Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3ee19f4b-6941-451a-a36b-eca835bb4851.roa
File:                     3ee19f4b-6941-451a-a36b-eca835bb4851.roa (raw, json)
Hash identifier:          LBsKamiXr3vscrNEDLrjP4BDmgGYm3c8g/Azov9Umx0=
Subject key identifier:   23:3E:06:A0:16:FC:98:76:77:F9:FB:4F:39:7D:1F:6D:01:5E:76:8E
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7EB0A7225C0C38683EAF8D27D214E6409331820B
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3ee19f4b-6941-451a-a36b-eca835bb4851.roa
Signing time:             Wed 25 Jun 2025 00:30:48 +0000
ROA not before:           Wed 25 Jun 2025 00:30:48 +0000
ROA not after:            Wed 30 Jul 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:c0b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 30 Jun 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:b0:a7:22:5c:0c:38:68:3e:af:8d:27:d2:14:e6:40:93:31:82:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun 25 00:30:48 2025 GMT
            Not After : Jul 30 23:59:59 2025 GMT
        Subject: serialNumber=1ccd25089e82df6fd78c17b6b1e6d2a3264821297f3d0569c38991deb97ed778, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:09:3c:af:19:fd:c7:75:5b:56:93:5d:54:02:
                    82:14:db:bd:00:50:1c:33:fb:62:bb:19:65:72:26:
                    97:36:42:ed:6d:95:91:32:fa:5c:79:85:ce:17:f8:
                    3c:67:70:80:ee:9d:7b:20:f4:c4:0f:f1:6c:4c:e3:
                    1f:e5:85:5b:f6:27:b6:e6:40:7c:cc:d1:39:53:cb:
                    aa:19:03:7c:3f:50:c4:da:c3:04:af:6a:f6:4f:10:
                    c9:a0:95:b3:19:a3:5f:52:ee:bd:3b:25:e6:bd:64:
                    9e:b9:93:85:9d:04:ee:87:94:c7:5e:1e:17:51:65:
                    67:f0:31:b0:10:d3:31:c7:2c:77:d2:2f:af:53:33:
                    7b:06:23:b5:fa:3a:98:f8:71:fb:45:54:35:60:f8:
                    fa:c4:45:b0:ac:b5:35:5a:de:17:46:10:46:0d:f4:
                    80:1c:d1:2f:64:88:61:44:54:6d:69:d2:52:ee:2f:
                    bd:5d:53:4a:bd:2f:f8:c7:81:28:ae:ba:3c:ed:59:
                    d7:54:45:f3:f0:ef:56:7e:67:c8:5c:79:21:34:84:
                    ab:1e:fd:de:63:20:52:6e:1e:8f:d9:92:a5:2d:37:
                    40:de:cf:54:76:e5:35:d9:a3:23:4e:de:74:35:7b:
                    b0:f9:52:98:28:10:d3:68:a7:2b:ec:1d:45:e3:12:
                    f5:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:3E:06:A0:16:FC:98:76:77:F9:FB:4F:39:7D:1F:6D:01:5E:76:8E
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3ee19f4b-6941-451a-a36b-eca835bb4851.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c0b::/48

    Signature Algorithm: sha256WithRSAEncryption
         74:08:2c:f6:8c:03:b8:78:a7:3c:99:51:eb:1b:b5:5e:de:a6:
         46:f1:2d:fd:08:df:0b:d8:c3:b6:6b:da:ed:7a:7b:41:a3:87:
         ae:12:0c:fa:23:65:a7:23:6d:f9:23:bb:5f:71:76:63:9a:68:
         50:ea:ec:70:8c:ca:ce:29:be:a6:6c:ab:10:06:13:02:75:e0:
         1d:b5:5e:88:aa:fd:72:c6:10:45:ff:13:17:6e:90:70:19:34:
         16:b3:fd:30:cf:51:04:96:d0:7e:48:19:07:67:c9:d3:7d:6e:
         3f:40:df:fd:f9:fc:c0:ff:25:e3:43:46:c4:cb:7a:cd:06:4e:
         c4:75:e1:14:05:f2:4b:45:d5:e3:8b:7b:89:e3:81:c2:0c:9b:
         6a:68:57:32:92:1c:aa:b7:d2:1a:86:f4:14:0d:ac:da:94:80:
         5c:34:5b:56:ff:bd:79:7e:58:e3:eb:74:db:e2:42:9e:7a:7c:
         af:d1:8b:af:14:10:c9:57:be:f5:2d:91:49:71:31:08:eb:cb:
         da:40:54:85:91:57:a5:19:90:d3:fc:dd:1c:6d:54:96:63:70:
         5b:3e:f7:d7:1d:84:1d:7b:17:54:a4:7b:81:c1:99:23:bb:cb:
         9d:39:b2:0e:80:88:63:f2:1c:c1:1c:2f:c2:a8:7b:95:02:45:
         0f:b2:e0:6c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUfrCnIlwMOGg+r40n0hTmQJMxggswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNjI1MDAzMDQ4WhcNMjUwNzMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxY2NkMjUwODllODJkZjZmZDc4YzE3YjZiMWU2ZDJhMzI2
NDgyMTI5N2YzZDA1NjljMzg5OTFkZWI5N2VkNzc4MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7CTyvGf3HdVtWk11UAoIU270AUBwz+2K7GWVyJpc2Qu1t
lZEy+lx5hc4X+DxncIDunXsg9MQP8WxM4x/lhVv2J7bmQHzM0TlTy6oZA3w/UMTa
wwSvavZPEMmglbMZo19S7r07Jea9ZJ65k4WdBO6HlMdeHhdRZWfwMbAQ0zHHLHfS
L69TM3sGI7X6Opj4cftFVDVg+PrERbCstTVa3hdGEEYN9IAc0S9kiGFEVG1p0lLu
L71dU0q9L/jHgSiuujztWddURfPw71Z+Z8hceSE0hKse/d5jIFJuHo/ZkqUtN0De
z1R25TXZoyNO3nQ1e7D5UpgoENNopyvsHUXjEvWxAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUIz4GoBb8mHZ3+ftPOX0fbQFedo4wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzNlZTE5ZjRiLTY5NDEtNDUxYS1hMzZiLWVjYTgzNWJiNDg1MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAswDQYJKoZIhvcNAQELBQADggEBAHQILPaMA7h4pzyZUesbtV7e
pkbxLf0I3wvYw7Zr2u16e0Gjh64SDPojZacjbfkju19xdmOaaFDq7HCMys4pvqZs
qxAGEwJ14B21Xoiq/XLGEEX/ExdukHAZNBaz/TDPUQSW0H5IGQdnydN9bj9A3/35
/MD/JeNDRsTLes0GTsR14RQF8ktF1eOLe4njgcIMm2poVzKSHKq30hqG9BQNrNqU
gFw0W1b/vXl+WOPrdNviQp56fK/Ri68UEMlXvvUtkUlxMQjry9pAVIWRV6UZkNP8
3RxtVJZjcFs+99cdhB17F1Ske4HBmSO7y505sg6AiGPyHMEcL8Koe5UCRQ+y4Gw=
-----END CERTIFICATE-----