Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a6073f80-fafc-4e6b-940c-475df5662892.roa
File:                     a6073f80-fafc-4e6b-940c-475df5662892.roa (raw, json)
Hash identifier:          4oMWyu0dRJybLPcEZKJ/dffiRbaGlMRcnmQDw8KVd34=
Subject key identifier:   FB:56:BE:42:7C:0F:C2:ED:10:3E:0C:D9:35:CD:3D:79:F5:9A:0C:38
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       151F5FF02A3FF31B4BFB91373FF0E543D6810364
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a6073f80-fafc-4e6b-940c-475df5662892.roa
Signing time:             Mon 14 Apr 2025 15:51:53 +0000
ROA not before:           Mon 14 Apr 2025 15:51:53 +0000
ROA not after:            Mon 19 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.250.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 06 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:1f:5f:f0:2a:3f:f3:1b:4b:fb:91:37:3f:f0:e5:43:d6:81:03:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 14 15:51:53 2025 GMT
            Not After : May 19 23:59:59 2025 GMT
        Subject: serialNumber=9ea451be8add34c95f1f808d23f13939425732eb5ff04bdc2ee2a7a410cb1150, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:6b:82:bc:36:e1:39:b0:ec:87:10:f5:14:48:
                    f8:0e:3b:0b:b2:46:fb:00:eb:06:33:45:f5:15:88:
                    82:30:76:9c:25:3c:f8:3c:29:10:9d:6c:8a:99:0c:
                    77:ed:78:f2:83:e2:ec:84:1a:eb:f1:f2:59:d5:09:
                    f5:7f:ce:47:34:59:f4:f2:db:57:dc:db:bc:63:47:
                    d7:de:ed:55:a1:8e:ff:6d:fd:a2:f7:5b:bb:7f:22:
                    8d:1a:01:32:9d:3c:ab:40:84:e8:cb:b6:a6:a7:30:
                    94:e1:a2:fe:7d:01:e4:01:65:1d:01:b6:95:58:ec:
                    58:3b:d7:8b:9a:bc:67:c5:b9:c6:4f:2c:2e:32:d3:
                    aa:7b:c5:16:8f:4b:91:05:c6:fb:fd:25:93:7f:e8:
                    29:f6:18:c6:71:40:cf:d7:4f:59:18:77:4d:64:dd:
                    fa:15:5f:46:13:78:6d:74:25:26:42:04:45:ed:b2:
                    06:a8:19:84:59:27:d3:d5:99:77:12:a3:cc:4b:f9:
                    0d:9a:04:74:b8:6c:48:c7:06:58:3a:d4:e9:64:65:
                    89:74:00:5e:33:12:b0:a9:c5:88:06:0b:6f:21:4c:
                    72:b0:8e:38:5a:6c:5f:de:dd:31:3f:63:60:d9:26:
                    9d:30:3a:3e:bb:16:f8:1d:24:de:60:31:6b:37:6f:
                    65:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:56:BE:42:7C:0F:C2:ED:10:3E:0C:D9:35:CD:3D:79:F5:9A:0C:38
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a6073f80-fafc-4e6b-940c-475df5662892.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.250.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         03:24:c2:bb:17:34:a0:14:10:e7:e0:28:20:0d:da:bf:c9:6a:
         c8:25:01:17:b1:95:12:9f:00:95:de:ba:bf:ef:09:b9:d4:5b:
         29:b9:38:bf:70:32:56:3b:f8:b8:7d:93:2c:b3:88:21:e2:89:
         76:39:c0:94:3b:44:e3:01:d3:0b:58:b1:83:d2:fc:b8:18:19:
         c6:0a:36:13:98:47:48:e6:c6:ff:a5:5a:38:7c:6c:b2:56:7f:
         09:94:a3:6a:3f:b6:3c:cb:a0:1d:94:35:5c:ee:db:7a:f5:80:
         fe:9a:8f:74:87:89:02:86:25:9f:ac:98:43:9e:72:17:3d:70:
         61:2b:05:75:fe:db:84:c8:8e:23:ec:6e:02:24:18:b0:4c:8c:
         ff:8c:11:ff:44:a6:d1:bc:52:79:3a:d3:8b:a6:55:88:de:38:
         f0:45:33:73:2f:d4:f2:39:e6:96:aa:4d:c1:97:ef:3c:a0:b9:
         79:58:43:eb:83:39:7d:55:11:c0:67:5e:3f:84:8d:7b:aa:89:
         5c:54:d4:4c:aa:33:57:ff:b0:2f:e0:ce:0a:85:7c:a0:16:f9:
         d4:04:0a:e1:20:bb:a1:7b:76:5a:69:54:37:ed:36:5a:7e:88:
         bd:1a:d5:8b:b6:f9:db:17:b4:e3:c8:14:f8:82:98:8c:1b:b8:
         c1:62:a4:ca
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFR9f8Co/8xtL+5E3P/DlQ9aBA2QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDE0MTU1MTUzWhcNMjUwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZWE0NTFiZThhZGQzNGM5NWYxZjgwOGQyM2YxMzkzOTQy
NTczMmViNWZmMDRiZGMyZWUyYTdhNDEwY2IxMTUwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCua4K8NuE5sOyHEPUUSPgOOwuyRvsA6wYzRfUViIIwdpwl
PPg8KRCdbIqZDHftePKD4uyEGuvx8lnVCfV/zkc0WfTy21fc27xjR9fe7VWhjv9t
/aL3W7t/Io0aATKdPKtAhOjLtqanMJThov59AeQBZR0BtpVY7Fg714uavGfFucZP
LC4y06p7xRaPS5EFxvv9JZN/6Cn2GMZxQM/XT1kYd01k3foVX0YTeG10JSZCBEXt
sgaoGYRZJ9PVmXcSo8xL+Q2aBHS4bEjHBlg61OlkZYl0AF4zErCpxYgGC28hTHKw
jjhabF/e3TE/Y2DZJp0wOj67FvgdJN5gMWs3b2X/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+1a+QnwPwu0QPgzZNc09efWaDDgwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2E2MDczZjgwLWZhZmMtNGU2Yi05NDBjLTQ3NWRmNTY2Mjg5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwED+jANBgkqhkiG9w0BAQsFAAOCAQEAAyTCuxc0oBQQ5+AoIA3av8lqyCUB
F7GVEp8Ald66v+8JudRbKbk4v3AyVjv4uH2TLLOIIeKJdjnAlDtE4wHTC1ixg9L8
uBgZxgo2E5hHSObG/6VaOHxsslZ/CZSjaj+2PMugHZQ1XO7bevWA/pqPdIeJAoYl
n6yYQ55yFz1wYSsFdf7bhMiOI+xuAiQYsEyM/4wR/0Sm0bxSeTrTi6ZViN448EUz
cy/U8jnmlqpNwZfvPKC5eVhD64M5fVURwGdeP4SNe6qJXFTUTKozV/+wL+DOCoV8
oBb51AQK4SC7oXt2WmlUN+02Wn6IvRrVi7b52xe048gU+IKYjBu4wWKkyg==
-----END CERTIFICATE-----