Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/197db50e-a85a-4e13-b89b-2e27b2a468c8.roa
File:                     197db50e-a85a-4e13-b89b-2e27b2a468c8.roa (raw, json)
Hash identifier:          +OVK8M0nM6GZelHst5VGXtLIDePLi0P3rTeTr5R14BQ=
Subject key identifier:   9E:B6:6E:54:69:EC:79:20:F4:3D:A8:D9:79:A4:03:EC:6F:F1:F5:B6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4FBF7F1ADD505AEBA9F46EC434061EC52D87B55A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/197db50e-a85a-4e13-b89b-2e27b2a468c8.roa
Signing time:             Fri 21 Mar 2025 00:22:13 +0000
ROA not before:           Fri 21 Mar 2025 00:22:13 +0000
ROA not after:            Fri 25 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.150.104.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:bf:7f:1a:dd:50:5a:eb:a9:f4:6e:c4:34:06:1e:c5:2d:87:b5:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 21 00:22:13 2025 GMT
            Not After : Apr 25 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:33:05:c5:f0:b7:19:ab:a1:ed:8a:a3:ae:eb:
                    0e:90:5d:5b:5e:a2:23:9d:42:65:41:41:40:eb:d4:
                    37:d8:7b:68:38:da:97:82:2d:a2:08:be:26:f3:5c:
                    c6:0e:ab:35:a7:35:f5:f2:e8:02:fe:cb:89:9a:ec:
                    9f:cb:c4:d5:d7:e7:11:20:1a:60:7f:2e:5d:e1:10:
                    dd:4e:5e:fc:57:bc:7b:ba:c8:78:9f:af:00:a1:e5:
                    b9:a0:de:e0:75:3b:8f:99:64:94:a7:c2:2c:c5:af:
                    fe:b0:4c:3c:11:e8:7e:fb:0c:c4:39:e8:75:35:27:
                    8d:34:07:93:5d:50:19:28:aa:71:70:a4:fd:7d:9a:
                    f9:18:44:05:22:c3:89:7e:e6:7a:ae:d0:69:23:ea:
                    d8:85:19:d9:45:bb:be:ab:44:9f:e3:b9:fa:cb:6d:
                    a7:6e:1a:7e:18:5e:ff:c6:93:7d:3c:85:42:44:ae:
                    0b:c2:d7:5c:3b:fe:a0:b4:03:45:e4:f2:4b:f2:1f:
                    ef:10:5c:f4:b8:94:15:12:bc:09:48:37:52:10:41:
                    9c:04:b8:a2:31:7e:c0:f0:c1:a9:13:9f:f7:b0:00:
                    32:07:2d:67:f6:88:ab:da:06:e8:50:cd:b9:7a:67:
                    9a:5a:27:0d:b4:95:14:7b:5c:e7:15:ae:39:13:11:
                    bd:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:B6:6E:54:69:EC:79:20:F4:3D:A8:D9:79:A4:03:EC:6F:F1:F5:B6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/197db50e-a85a-4e13-b89b-2e27b2a468c8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.150.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         08:f0:d8:88:f2:a4:14:8a:31:c6:7c:d6:a7:f4:97:4b:0e:cb:
         60:bc:09:9f:76:5e:ef:75:79:36:0c:90:db:dd:ea:1f:8f:03:
         90:80:4b:a1:77:25:33:3d:73:12:4e:55:8d:2c:cd:a9:78:49:
         90:30:a3:ba:04:36:8d:e2:35:f9:75:f0:2f:ef:76:33:f0:3d:
         58:42:f0:0f:ab:3d:79:ae:53:77:7d:9c:ae:83:15:32:6f:14:
         dd:f6:72:a7:52:54:87:8d:6e:a4:92:2a:e6:70:bd:74:fe:2b:
         80:f1:3e:91:79:37:01:d8:49:c0:95:85:b0:93:e2:c5:65:ca:
         68:e9:e9:a0:0b:85:b2:b7:bc:80:95:91:be:73:ff:a4:a9:31:
         a4:8d:f6:fb:50:df:ef:89:1c:83:a4:fb:2d:ab:29:f4:b2:89:
         eb:87:cd:c7:11:93:96:ac:4c:8c:5a:e7:92:b5:72:8e:5a:cf:
         d6:9d:57:79:2e:77:4f:e3:6d:3b:1b:fc:bf:19:4c:be:88:43:
         26:de:ae:e7:7c:64:4d:89:98:0e:ef:f5:7e:e1:4e:0c:5a:a3:
         69:3e:9a:18:9f:53:6e:5a:46:fb:2c:a1:4d:5d:a6:2c:c3:92:
         ff:a0:8f:5d:33:f8:9b:93:a6:0e:28:20:8c:35:41:c9:9b:a5:
         76:b9:15:d5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUT79/Gt1QWuup9G7ENAYexS2HtVowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzIxMDAyMjEzWhcNMjUwNDI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MGRjYzRkY2U4NGMyMzk3MGY3ZjhlOGUwZWM5ZTQ4ZTg1
YmFiNTM5MTgxMmNlYTBlYTE3OWQzMzQ3ZDdiMzgzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOMwXF8LcZq6HtiqOu6w6QXVteoiOdQmVBQUDr1DfYe2g4
2peCLaIIvibzXMYOqzWnNfXy6AL+y4ma7J/LxNXX5xEgGmB/Ll3hEN1OXvxXvHu6
yHifrwCh5bmg3uB1O4+ZZJSnwizFr/6wTDwR6H77DMQ56HU1J400B5NdUBkoqnFw
pP19mvkYRAUiw4l+5nqu0Gkj6tiFGdlFu76rRJ/jufrLbaduGn4YXv/Gk308hUJE
rgvC11w7/qC0A0Xk8kvyH+8QXPS4lBUSvAlIN1IQQZwEuKIxfsDwwakTn/ewADIH
LWf2iKvaBuhQzbl6Z5paJw20lRR7XOcVrjkTEb2DAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnrZuVGnseSD0PajZeaQD7G/x9bYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE5N2RiNTBlLWE4NWEtNGUxMy1iODliLTJlMjdiMmE0NjhjOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFjlmgwDQYJKoZIhvcNAQELBQADggEBAAjw2IjypBSKMcZ81qf0l0sOy2C8
CZ92Xu91eTYMkNvd6h+PA5CAS6F3JTM9cxJOVY0szal4SZAwo7oENo3iNfl18C/v
djPwPVhC8A+rPXmuU3d9nK6DFTJvFN32cqdSVIeNbqSSKuZwvXT+K4DxPpF5NwHY
ScCVhbCT4sVlymjp6aALhbK3vICVkb5z/6SpMaSN9vtQ3++JHIOk+y2rKfSyieuH
zccRk5asTIxa55K1co5az9adV3kud0/jbTsb/L8ZTL6IQyberud8ZE2JmA7v9X7h
Tgxao2k+mhifU25aRvssoU1dpizDkv+gj10z+JuTpg4oIIw1QcmbpXa5FdU=
-----END CERTIFICATE-----