Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3ff4c7b2-a6a3-42fb-9f80-b7f5ffc66399.roa
File:                     3ff4c7b2-a6a3-42fb-9f80-b7f5ffc66399.roa (raw, json)
Hash identifier:          Mg++4cK1ndY2iX6yKeVfILvuX49luTN4DVHx8wigcxc=
Subject key identifier:   8E:56:93:11:D6:0C:F2:C2:05:4D:41:AB:8F:D4:16:F0:28:E9:C0:5E
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       6FDE0652CAEAD3EF919C1B8C263B2514B37788CF
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3ff4c7b2-a6a3-42fb-9f80-b7f5ffc66399.roa
Signing time:             Fri 11 Apr 2025 00:20:34 +0000
ROA not before:           Fri 11 Apr 2025 00:20:34 +0000
ROA not after:            Fri 16 May 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:64d::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 07 May 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:de:06:52:ca:ea:d3:ef:91:9c:1b:8c:26:3b:25:14:b3:77:88:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Apr 11 00:20:34 2025 GMT
            Not After : May 16 23:59:59 2025 GMT
        Subject: serialNumber=338c40d9d1d7c8f4d91a28853ef70b40b7abc00a87787cc9b84045b7826afd9f, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b9:71:ac:48:c0:81:86:7c:4e:47:e4:e2:2b:
                    67:e9:45:99:52:fd:8e:aa:ce:1b:10:35:15:33:cf:
                    f4:69:b7:17:6e:ec:ae:90:8f:7e:0e:19:40:db:7c:
                    0b:54:eb:ad:83:c8:f8:20:47:f1:03:fa:03:be:44:
                    18:6d:22:49:4e:a4:2f:fd:00:b1:ea:ac:ff:d3:4b:
                    83:8a:ac:af:b9:50:a4:23:be:2f:d5:fa:94:3e:b2:
                    3f:cd:a8:2f:82:ac:e7:53:21:67:bc:1f:42:57:3c:
                    b3:c2:2b:27:56:01:a1:e9:66:09:4f:ca:7b:f4:12:
                    80:a5:a6:81:70:29:ed:bb:f8:29:d7:24:57:34:3c:
                    43:fb:b7:03:38:fd:f9:53:ed:1b:09:2f:d7:46:c8:
                    ce:60:f0:36:78:75:22:21:a4:8c:b6:a7:a1:22:58:
                    ab:a2:3c:01:a9:f1:4d:a9:5a:28:d5:dd:48:11:7b:
                    4f:b5:18:71:2f:e3:cc:cc:3d:f0:38:93:7d:63:ea:
                    25:a9:90:5c:76:75:a1:7e:a1:f8:8b:4d:f6:73:23:
                    94:08:31:e5:a6:52:4f:7e:f6:54:b7:7e:a6:83:9b:
                    ca:6d:5b:0e:34:55:ea:0f:23:a7:cc:4d:bb:05:6b:
                    ca:2e:f8:2e:56:6c:84:0e:b5:2e:5e:dd:99:5d:ef:
                    b9:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:56:93:11:D6:0C:F2:C2:05:4D:41:AB:8F:D4:16:F0:28:E9:C0:5E
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/3ff4c7b2-a6a3-42fb-9f80-b7f5ffc66399.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:64d::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:37:95:7c:0d:0f:58:40:91:4f:2b:c8:1f:aa:ff:b4:71:a4:
         8f:bb:83:04:e7:b6:b2:53:bb:ba:2f:68:3a:7f:3d:a9:f8:c3:
         9a:99:ed:90:cf:ee:8a:eb:cd:39:51:ab:fb:d7:ce:73:ee:fc:
         d5:00:61:c6:5c:75:db:9e:ff:72:ed:da:f6:1a:5a:b2:13:5d:
         2e:45:a8:08:83:5e:81:ee:30:2f:4e:26:59:51:eb:22:fb:83:
         26:51:0f:96:51:b1:dd:7f:9f:cd:d9:5c:f9:3b:db:87:ce:89:
         b7:e8:4e:a0:ad:02:a4:66:6a:95:14:7e:5a:23:cd:62:d5:96:
         b9:91:b1:73:60:87:8e:66:d0:50:9c:fb:30:d9:ab:d5:ae:9b:
         ba:00:c5:ca:44:93:ae:97:aa:95:2b:e4:98:6d:23:67:c0:38:
         1d:66:97:1f:08:89:58:a7:51:c2:d1:84:8d:a6:71:22:38:5d:
         9b:d8:26:13:02:31:ce:41:a7:92:3a:bc:b4:b3:89:29:40:39:
         b4:a6:51:8e:92:18:70:6c:68:83:86:c6:0d:dd:a7:c9:6a:4b:
         5b:52:b1:7f:a6:26:b8:32:81:d2:5a:43:38:9c:9b:a2:06:e4:
         ec:66:30:dd:ec:63:4a:23:3b:a8:0a:ce:f9:be:1d:e8:ea:12:
         75:4f:fa:54
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUb94GUsrq0++RnBuMJjslFLN3iM8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNDExMDAyMDM0WhcNMjUwNTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMzhjNDBkOWQxZDdjOGY0ZDkxYTI4ODUzZWY3MGI0MGI3
YWJjMDBhODc3ODdjYzliODQwNDViNzgyNmFmZDlmMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9uXGsSMCBhnxOR+TiK2fpRZlS/Y6qzhsQNRUzz/Rptxdu
7K6Qj34OGUDbfAtU662DyPggR/ED+gO+RBhtIklOpC/9ALHqrP/TS4OKrK+5UKQj
vi/V+pQ+sj/NqC+CrOdTIWe8H0JXPLPCKydWAaHpZglPynv0EoClpoFwKe27+CnX
JFc0PEP7twM4/flT7RsJL9dGyM5g8DZ4dSIhpIy2p6EiWKuiPAGp8U2pWijV3UgR
e0+1GHEv48zMPfA4k31j6iWpkFx2daF+ofiLTfZzI5QIMeWmUk9+9lS3fqaDm8pt
Ww40VeoPI6fMTbsFa8ou+C5WbIQOtS5e3Zld77mbAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUjlaTEdYM8sIFTUGrj9QW8CjpwF4wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzNmZjRjN2IyLWE2YTMtNDJmYi05ZjgwLWI3ZjVmZmM2NjM5OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABk0wDQYJKoZIhvcNAQELBQADggEBAJE3lXwND1hAkU8ryB+q/7Rx
pI+7gwTntrJTu7ovaDp/Pan4w5qZ7ZDP7orrzTlRq/vXznPu/NUAYcZcddue/3Lt
2vYaWrITXS5FqAiDXoHuMC9OJllR6yL7gyZRD5ZRsd1/n83ZXPk724fOibfoTqCt
AqRmapUUflojzWLVlrmRsXNgh45m0FCc+zDZq9Wum7oAxcpEk66XqpUr5JhtI2fA
OB1mlx8IiVinUcLRhI2mcSI4XZvYJhMCMc5Bp5I6vLSziSlAObSmUY6SGHBsaIOG
xg3dp8lqS1tSsX+mJrgygdJaQzicm6IG5OxmMN3sY0ojO6gKzvm+HejqEnVP+lQ=
-----END CERTIFICATE-----