Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/9318efc3-4d3a-413f-86c6-169a71d2eccb.roa
File:                     9318efc3-4d3a-413f-86c6-169a71d2eccb.roa (raw, json)
Hash identifier:          S30Q64TzuLYgZuawXzqg/yMIiW9WzmScgAwuv5xlvDE=
Subject key identifier:   42:16:9B:0B:DC:85:52:69:F1:1D:94:03:68:66:0C:7C:C9:36:87:D6
Certificate issuer:       /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
Certificate serial:       49368E92593E30BAC9542E99393B4899F2C362BC
Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/9318efc3-4d3a-413f-86c6-169a71d2eccb.roa
Signing time:             Fri 06 Jun 2025 00:20:33 +0000
ROA not before:           Fri 06 Jun 2025 00:20:33 +0000
ROA not after:            Fri 11 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:b140::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 02 Jul 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:36:8e:92:59:3e:30:ba:c9:54:2e:99:39:3b:48:99:f2:c3:62:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
        Validity
            Not Before: Jun  6 00:20:33 2025 GMT
            Not After : Jul 11 23:59:59 2025 GMT
        Subject: serialNumber=eba0b88584d95c13fb61a99e56149c4d1ebd1e535c6f3e47f561b08b3c1527e6, CN=b0dbbb6a-5472-4b68-ae4d-401518603039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:e3:cc:b7:9c:21:0f:3a:2e:06:d0:98:7a:71:
                    c4:04:ce:20:ed:a3:94:32:26:f2:8f:3c:8f:07:a1:
                    bd:0e:b2:a2:33:45:92:2b:c9:36:7f:82:a4:68:33:
                    d0:4c:99:f5:fa:a8:80:da:d0:e0:2e:48:ac:24:d1:
                    bb:bf:54:cb:cf:3d:6d:52:53:a3:c2:83:3c:bc:f9:
                    8f:20:0f:fe:2c:c4:57:75:fa:05:40:1a:b6:07:9f:
                    8f:df:6b:a3:0f:3c:de:d6:12:94:68:fb:87:37:8d:
                    3d:7c:c4:8d:71:f9:be:ca:87:0d:11:e5:ad:bf:cd:
                    3a:16:e2:d9:5e:0a:6f:d6:10:6a:aa:e2:cf:43:b2:
                    c6:2b:12:46:8e:38:70:22:52:c1:17:ac:23:ac:c2:
                    bd:15:22:c0:81:66:73:77:0e:40:27:a7:ff:a6:e9:
                    06:fc:40:92:e0:ef:9e:70:ca:b1:df:14:6f:13:97:
                    5b:c8:62:93:4b:d6:ce:1e:61:9c:98:03:02:a9:2f:
                    ef:79:6c:0e:f4:55:9d:ec:5d:77:ba:71:bc:2a:f4:
                    c3:e8:d9:a9:5d:77:d2:5a:8a:86:56:43:da:c5:91:
                    bf:9d:87:ec:06:3e:37:93:93:9a:03:65:f8:73:11:
                    72:ce:af:6d:91:1a:2e:5c:f0:33:d1:bb:7b:d5:b4:
                    bf:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:16:9B:0B:DC:85:52:69:F1:1D:94:03:68:66:0C:7C:C9:36:87:D6
            X509v3 Authority Key Identifier:
                keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/9318efc3-4d3a-413f-86c6-169a71d2eccb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:b140::/32

    Signature Algorithm: sha256WithRSAEncryption
         1a:16:2b:e9:f6:92:74:44:05:8e:e9:14:43:96:33:d4:67:af:
         b8:31:4f:ff:04:ec:86:01:f7:93:e4:e4:2a:0f:e6:0f:1c:0d:
         17:8e:1c:f6:bf:28:c3:2d:5f:36:34:00:61:19:87:7f:f6:28:
         cd:d0:36:3c:aa:b2:93:75:9f:79:44:81:fa:7b:3d:c8:96:96:
         ec:ed:c5:cd:c7:32:e6:f4:ba:32:38:e0:28:f6:4c:41:31:bc:
         3a:30:f1:47:7f:ca:7e:05:b7:8c:9a:b3:8f:49:3f:e3:32:b8:
         15:59:7d:c0:0b:8e:ee:ea:50:80:c0:90:a1:a0:bd:4e:0c:80:
         b4:e8:8b:a5:3c:3f:7d:7e:57:d7:da:98:bb:3d:b0:b8:a7:39:
         24:e7:bc:f2:ed:a9:04:5b:4b:64:cb:4c:16:d8:3d:ae:2a:fd:
         69:21:4d:76:6d:ef:21:7a:f0:34:b3:7f:7a:a9:a9:f3:18:fe:
         a8:99:da:3b:b4:94:b2:ba:42:ca:97:ed:3b:72:cd:93:ed:c9:
         0d:dd:e2:7f:7e:41:65:8f:9f:8d:0c:f5:5f:d8:cd:ba:8e:1c:
         a9:2b:dd:6f:a4:5a:bb:e0:39:ad:9e:ef:1e:8a:de:15:ea:63:
         bf:df:ec:b8:86:04:1b:65:e2:cc:48:d0:ff:42:6c:a5:72:bb:
         9b:fc:57:84
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUSTaOklk+MLrJVC6ZOTtImfLDYrwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi
NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjUwNjA2MDAyMDMzWhcNMjUwNzExMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYmEwYjg4NTg0ZDk1YzEzZmI2MWE5OWU1NjE0OWM0ZDFl
YmQxZTUzNWM2ZjNlNDdmNTYxYjA4YjNjMTUyN2U2MS0wKwYDVQQDEyRiMGRiYmI2
YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCY48y3nCEPOi4G0Jh6ccQEziDto5QyJvKPPI8Hob0OsqIz
RZIryTZ/gqRoM9BMmfX6qIDa0OAuSKwk0bu/VMvPPW1SU6PCgzy8+Y8gD/4sxFd1
+gVAGrYHn4/fa6MPPN7WEpRo+4c3jT18xI1x+b7Khw0R5a2/zToW4tleCm/WEGqq
4s9DssYrEkaOOHAiUsEXrCOswr0VIsCBZnN3DkAnp/+m6Qb8QJLg755wyrHfFG8T
l1vIYpNL1s4eYZyYAwKpL+95bA70VZ3sXXe6cbwq9MPo2aldd9JaioZWQ9rFkb+d
h+wGPjeTk5oDZfhzEXLOr22RGi5c8DPRu3vVtL87AgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUQhabC9yFUmnxHZQDaGYMfMk2h9YwHwYDVR0jBBgwFoAUfYRHxJeKC0xz
m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z
NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi
ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1
MmM1MzUzODk4LzkzMThlZmMzLTRkM2EtNDEzZi04NmM2LTE2OWE3MWQyZWNjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3
LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBbFAMA0GCSqGSIb3DQEBCwUAA4IBAQAaFivp9pJ0RAWO6RRDljPUZ6+4
MU//BOyGAfeT5OQqD+YPHA0Xjhz2vyjDLV82NABhGYd/9ijN0DY8qrKTdZ95RIH6
ez3Ilpbs7cXNxzLm9LoyOOAo9kxBMbw6MPFHf8p+BbeMmrOPST/jMrgVWX3AC47u
6lCAwJChoL1ODIC06IulPD99flfX2pi7PbC4pzkk57zy7akEW0tky0wW2D2uKv1p
IU12be8hevA0s396qanzGP6omdo7tJSyukLKl+07cs2T7ckN3eJ/fkFlj5+NDPVf
2M26jhypK91vpFq74Dmtnu8eit4V6mO/3+y4hgQbZeLMSND/Qmylcrub/FeE
-----END CERTIFICATE-----