Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/85cd33cc-b671-45ad-86eb-fda837142de7.roa
File:                     85cd33cc-b671-45ad-86eb-fda837142de7.roa (raw, json)
Hash identifier:          VlyKKNlyb8Y09M+NNhZbjfwkw7i6JZaJcS8DuDBKKrg=
Subject key identifier:   83:D1:B3:7E:AC:72:2D:5B:20:6B:0B:FB:DD:E6:9A:6A:86:E5:3E:4D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6C48757C8381A84CE3F70338E0C0522A12AFA8B1
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/85cd33cc-b671-45ad-86eb-fda837142de7.roa
Signing time:             Wed 16 Apr 2025 00:31:47 +0000
ROA not before:           Wed 16 Apr 2025 00:31:47 +0000
ROA not after:            Wed 21 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        15.230.87.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 06 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:48:75:7c:83:81:a8:4c:e3:f7:03:38:e0:c0:52:2a:12:af:a8:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 16 00:31:47 2025 GMT
            Not After : May 21 23:59:59 2025 GMT
        Subject: serialNumber=9a454c77bd809bd6c1a39357fa6b2e0320bd05a1f10549083982a609de898f15, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:83:89:ca:f7:11:6c:f5:40:ee:cb:19:23:a2:
                    af:54:2c:6f:13:f7:8d:44:78:67:47:0a:45:0d:c7:
                    96:e2:ac:62:12:e3:42:6b:5f:20:08:8f:53:72:1c:
                    66:00:77:a4:b9:7a:01:13:e4:da:1c:65:0d:1c:ec:
                    ba:26:31:3b:bf:d5:cf:99:b8:ee:ee:56:f7:67:a0:
                    c2:38:be:ed:49:19:42:33:b4:5f:09:46:51:db:b7:
                    c3:b5:23:22:c5:f4:c1:fd:77:f3:28:d2:04:23:b9:
                    22:2c:ad:b1:50:a4:83:70:2b:74:e3:e8:62:05:1d:
                    9e:07:59:1b:0e:fa:77:0a:7a:7a:52:57:c8:72:6a:
                    97:cc:ec:4e:74:9a:b6:19:c3:9f:0f:fe:77:81:cc:
                    2b:2c:7e:5b:cc:3c:f9:3b:88:44:38:95:35:1a:be:
                    d9:58:e6:b9:ea:dd:1c:8f:22:c9:81:89:b7:ab:c4:
                    51:17:a6:11:71:14:f3:49:c9:6c:60:89:45:9d:44:
                    6d:d4:be:e6:0f:fd:60:f4:7c:60:f9:c1:a5:01:6e:
                    9e:58:a0:c2:d5:44:c0:64:c0:3b:b4:07:11:ed:4d:
                    9f:13:20:15:2a:09:b3:7a:34:6b:3f:50:4c:d6:a3:
                    b1:88:3f:bc:ae:3c:80:3d:25:b5:c4:b2:0c:92:e5:
                    2e:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:D1:B3:7E:AC:72:2D:5B:20:6B:0B:FB:DD:E6:9A:6A:86:E5:3E:4D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/85cd33cc-b671-45ad-86eb-fda837142de7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.230.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:d9:7d:be:5d:cb:c6:73:89:76:2e:43:ec:09:f4:87:19:90:
         b2:83:29:0b:bc:b2:ee:9d:36:48:83:59:d2:8c:2c:f7:5f:b3:
         48:d3:1c:d7:41:06:59:8d:9d:a3:de:bd:19:e4:70:f0:2b:cc:
         5c:a3:9a:94:e2:e1:70:d9:e9:88:49:c0:cb:05:5d:02:8c:74:
         9c:5b:f8:bc:d8:a2:2c:cd:31:b0:5f:1c:c8:0e:84:6e:22:1b:
         60:a8:4a:69:51:50:da:c0:46:ad:2b:a0:11:62:16:09:ac:93:
         6c:94:6e:06:17:b6:5b:02:22:06:ad:ff:43:65:2e:97:ad:17:
         27:2f:5e:f2:7e:7c:3e:be:59:61:fc:aa:f1:2b:09:ed:72:09:
         83:1c:52:98:bd:64:0e:6d:66:eb:c4:83:1a:ec:0d:6f:ae:db:
         d7:9c:93:cf:d1:4f:6f:00:1e:2d:29:e2:82:b8:be:b8:7a:48:
         ae:aa:8d:2b:cb:63:21:53:40:e9:58:bb:57:c5:b3:ef:21:50:
         b5:1f:92:00:2b:70:43:c5:75:9b:cd:5e:7e:2b:bc:93:8e:2b:
         00:df:1d:01:80:06:45:7b:11:f9:9c:13:33:5b:bc:2c:12:da:
         f7:a9:16:72:3c:9b:65:45:1a:6c:b2:b9:3f:99:9a:1f:17:3a:
         1d:e3:75:f6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbEh1fIOBqEzj9wM44MBSKhKvqLEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDE2MDAzMTQ3WhcNMjUwNTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YTQ1NGM3N2JkODA5YmQ2YzFhMzkzNTdmYTZiMmUwMzIw
YmQwNWExZjEwNTQ5MDgzOTgyYTYwOWRlODk4ZjE1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAg4nK9xFs9UDuyxkjoq9ULG8T941EeGdHCkUNx5birGIS
40JrXyAIj1NyHGYAd6S5egET5NocZQ0c7LomMTu/1c+ZuO7uVvdnoMI4vu1JGUIz
tF8JRlHbt8O1IyLF9MH9d/Mo0gQjuSIsrbFQpINwK3Tj6GIFHZ4HWRsO+ncKenpS
V8hyapfM7E50mrYZw58P/neBzCssflvMPPk7iEQ4lTUavtlY5rnq3RyPIsmBiber
xFEXphFxFPNJyWxgiUWdRG3UvuYP/WD0fGD5waUBbp5YoMLVRMBkwDu0BxHtTZ8T
IBUqCbN6NGs/UEzWo7GIP7yuPIA9JbXEsgyS5S6zAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUg9GzfqxyLVsgawv73eaaaoblPk0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzg1Y2QzM2NjLWI2NzEtNDVhZC04NmViLWZkYTgzNzE0MmRlNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAP5lcwDQYJKoZIhvcNAQELBQADggEBAKPZfb5dy8ZziXYuQ+wJ9IcZkLKD
KQu8su6dNkiDWdKMLPdfs0jTHNdBBlmNnaPevRnkcPArzFyjmpTi4XDZ6YhJwMsF
XQKMdJxb+LzYoizNMbBfHMgOhG4iG2CoSmlRUNrARq0roBFiFgmsk2yUbgYXtlsC
Igat/0NlLpetFycvXvJ+fD6+WWH8qvErCe1yCYMcUpi9ZA5tZuvEgxrsDW+u29ec
k8/RT28AHi0p4oK4vrh6SK6qjSvLYyFTQOlYu1fFs+8hULUfkgArcEPFdZvNXn4r
vJOOKwDfHQGABkV7EfmcEzNbvCwS2vepFnI8m2VFGmyyuT+Zmh8XOh3jdfY=
-----END CERTIFICATE-----