Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/741f335f-920f-473e-a577-c562b2725f1c.roa
File:                     741f335f-920f-473e-a577-c562b2725f1c.roa (raw, json)
Hash identifier:          p+7eWguI3MDlVIpT12Xoh8E0YSuNxXL7MVIffK+hFV4=
Subject key identifier:   EE:D8:B6:B3:38:E0:1F:70:1D:BD:B8:02:00:C9:DD:D0:7B:DB:A7:B1
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5AD20DDB4A85ECB7E100BDD351B969F350CB502C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/741f335f-920f-473e-a577-c562b2725f1c.roa
Signing time:             Mon 16 Jun 2025 16:31:30 +0000
ROA not before:           Mon 16 Jun 2025 16:31:30 +0000
ROA not after:            Mon 21 Jul 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.177.79.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 01 Jul 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:d2:0d:db:4a:85:ec:b7:e1:00:bd:d3:51:b9:69:f3:50:cb:50:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 16 16:31:30 2025 GMT
            Not After : Jul 21 23:59:59 2025 GMT
        Subject: serialNumber=270676a3f6b8158201a368e0990c81326de85fc2890c6f71ebba2871b1408c9b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:77:4a:2f:eb:1a:20:85:fd:aa:ca:44:5d:9d:
                    d7:ae:c3:55:67:12:7f:e1:a3:c3:82:3d:fa:f2:7f:
                    40:5b:9b:8b:9a:be:ca:df:7c:33:cc:c9:06:d2:b6:
                    db:af:28:d3:84:cc:1c:8a:59:ef:e8:e0:98:52:99:
                    16:a0:e9:9c:c3:6f:d9:7d:a3:26:09:dc:7c:b6:01:
                    3b:e0:4e:53:ba:7f:71:b0:1c:42:ff:28:5b:29:e0:
                    39:08:2d:57:d7:34:5b:a9:b4:5d:0f:00:67:01:0f:
                    3d:9e:e5:30:a5:34:a8:34:38:27:7a:d4:37:8a:64:
                    19:4a:c5:64:9b:14:cd:2e:b6:4d:a1:22:57:e2:53:
                    90:6d:40:6d:87:73:bd:71:e7:2a:cd:6c:ef:18:34:
                    d0:0a:f4:e7:2e:2d:2f:b0:5f:e9:d1:4f:23:2d:d8:
                    bd:22:4b:73:01:91:23:7d:ff:cd:92:2b:5c:64:42:
                    0f:b5:f5:95:07:72:71:69:da:f8:7e:cf:22:c0:44:
                    8c:86:37:a4:6c:fc:45:13:55:0c:2d:e2:10:c9:40:
                    d1:f2:d5:1d:b3:95:84:87:1a:be:43:b7:e6:0b:78:
                    1c:a3:fc:ed:33:f4:0a:5b:d8:71:50:cb:20:86:13:
                    5e:cc:ae:40:48:c9:56:d2:b7:e0:1e:07:25:ae:7c:
                    ec:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:D8:B6:B3:38:E0:1F:70:1D:BD:B8:02:00:C9:DD:D0:7B:DB:A7:B1
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/741f335f-920f-473e-a577-c562b2725f1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.177.79.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:b8:d9:7a:1c:d7:7a:82:f9:80:44:b2:ac:d0:f4:32:15:6e:
         d2:aa:5a:fa:83:76:48:1e:f6:a0:3c:62:80:74:9b:43:0c:35:
         bc:fc:25:f4:a4:1d:19:3d:7b:83:23:96:f3:53:14:da:94:04:
         fe:36:37:d1:1e:0d:a5:fa:a8:0b:6e:57:88:75:99:6f:db:52:
         4a:cf:6c:a5:73:74:9b:c1:d9:01:b6:f0:3a:35:f2:b9:85:39:
         2e:13:5b:bb:70:fa:25:4b:42:ec:cc:90:79:fd:e0:e9:a5:a6:
         dc:81:13:40:e0:1e:57:44:12:d0:2f:ba:7f:5b:24:46:fb:46:
         77:59:47:40:7c:76:4e:6d:69:33:83:13:5e:02:05:58:30:35:
         25:f4:94:03:d0:f7:1f:c6:dc:d1:8e:c4:86:3d:d5:3e:16:e3:
         71:78:95:00:90:13:22:ee:98:70:10:ed:4b:26:fa:e8:3c:84:
         2e:9c:be:3f:b8:21:9d:7b:0b:1d:6d:3c:1d:b8:18:28:d8:9f:
         36:40:02:d7:f8:70:a5:f5:8e:f8:68:64:d5:42:2a:0a:2b:9e:
         47:79:d3:ae:4e:e4:67:52:c1:86:3c:57:fb:60:71:9f:95:12:
         f5:fa:1f:3b:a9:7f:46:a2:e5:b0:f4:2e:97:5e:64:ed:5f:3d:
         bb:3f:0c:d6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWtIN20qF7LfhAL3TUblp81DLUCwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjE2MTYzMTMwWhcNMjUwNzIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNzA2NzZhM2Y2YjgxNTgyMDFhMzY4ZTA5OTBjODEzMjZk
ZTg1ZmMyODkwYzZmNzFlYmJhMjg3MWIxNDA4YzliMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCd0ov6xoghf2qykRdndeuw1VnEn/ho8OCPfryf0Bbm4ua
vsrffDPMyQbSttuvKNOEzByKWe/o4JhSmRag6ZzDb9l9oyYJ3Hy2ATvgTlO6f3Gw
HEL/KFsp4DkILVfXNFuptF0PAGcBDz2e5TClNKg0OCd61DeKZBlKxWSbFM0utk2h
IlfiU5BtQG2Hc71x5yrNbO8YNNAK9OcuLS+wX+nRTyMt2L0iS3MBkSN9/82SK1xk
Qg+19ZUHcnFp2vh+zyLARIyGN6Rs/EUTVQwt4hDJQNHy1R2zlYSHGr5Dt+YLeByj
/O0z9Apb2HFQyyCGE17MrkBIyVbSt+AeByWufOy3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7ti2szjgH3AdvbgCAMnd0Hvbp7EwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc0MWYzMzVmLTkyMGYtNDczZS1hNTc3LWM1NjJiMjcyNWYxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPsU8wDQYJKoZIhvcNAQELBQADggEBALS42Xoc13qC+YBEsqzQ9DIVbtKq
WvqDdkge9qA8YoB0m0MMNbz8JfSkHRk9e4MjlvNTFNqUBP42N9EeDaX6qAtuV4h1
mW/bUkrPbKVzdJvB2QG28Do18rmFOS4TW7tw+iVLQuzMkHn94OmlptyBE0DgHldE
EtAvun9bJEb7RndZR0B8dk5taTODE14CBVgwNSX0lAPQ9x/G3NGOxIY91T4W43F4
lQCQEyLumHAQ7Usm+ug8hC6cvj+4IZ17Cx1tPB24GCjYnzZAAtf4cKX1jvhoZNVC
Kgornkd5065O5GdSwYY8V/tgcZ+VEvX6Hzupf0ai5bD0LpdeZO1fPbs/DNY=
-----END CERTIFICATE-----