Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6dd9c40d-8be6-4e5b-989a-6f29edd3202c.roa
File:                     6dd9c40d-8be6-4e5b-989a-6f29edd3202c.roa (raw, json)
Hash identifier:          nMn1FEnsKWKsrMfy9oMZBU09IVfWS+pYy2GVff5KxqA=
Subject key identifier:   45:37:BC:28:BD:C0:21:C3:60:2B:02:3A:6D:61:90:55:C2:0B:66:CB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       54D5903845498BF6A6290C467AA3E85C7821702B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6dd9c40d-8be6-4e5b-989a-6f29edd3202c.roa
Signing time:             Mon 31 Mar 2025 15:20:16 +0000
ROA not before:           Mon 31 Mar 2025 15:20:16 +0000
ROA not after:            Mon 05 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.23.64.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:d5:90:38:45:49:8b:f6:a6:29:0c:46:7a:a3:e8:5c:78:21:70:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 31 15:20:16 2025 GMT
            Not After : May  5 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:f9:d3:eb:3a:77:56:68:9a:38:9a:b7:78:0a:
                    a2:a7:59:59:f4:3d:0e:ea:b4:77:92:df:80:d6:d6:
                    33:1d:c4:39:f1:d6:c4:ba:dc:3a:bc:57:69:72:3a:
                    5d:ea:f0:96:87:f6:6b:c6:8d:c7:4c:54:d4:20:30:
                    d2:92:26:96:e6:10:21:41:9b:d8:c4:b3:e0:4c:98:
                    f9:5d:90:79:a5:86:e0:65:57:ff:eb:8c:06:e8:60:
                    f2:fc:c3:fa:52:b5:2b:a4:29:1c:0f:e0:00:0d:9a:
                    e1:18:6a:05:ed:73:3c:25:dd:c7:96:cc:4a:a3:48:
                    5d:e3:33:de:56:7a:6e:21:a4:49:bb:cc:2b:73:87:
                    f9:f7:f3:39:f6:0b:7b:5e:9c:97:57:d8:b5:2f:be:
                    55:a9:e6:6a:1b:5f:c6:f9:5a:60:74:18:52:0c:fd:
                    09:3a:41:00:22:c5:54:3a:af:7c:fc:2b:42:03:68:
                    69:f4:a1:b6:52:53:54:ac:90:ba:c0:7e:7a:85:b3:
                    fe:4a:5f:83:be:42:50:09:e3:a4:d1:0e:a0:16:4f:
                    4d:38:26:f5:3d:97:0a:06:f7:87:37:a7:9f:9e:6f:
                    fd:b8:13:04:3c:6e:18:46:61:c0:07:82:68:cd:eb:
                    f9:90:3f:35:68:5c:89:b0:e8:8d:6d:f0:ab:1c:4e:
                    19:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:37:BC:28:BD:C0:21:C3:60:2B:02:3A:6D:61:90:55:C2:0B:66:CB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6dd9c40d-8be6-4e5b-989a-6f29edd3202c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.23.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         b9:d2:55:aa:98:f0:03:af:c7:b5:06:3e:8e:b1:c8:0a:5d:ad:
         49:fe:74:22:4d:e4:26:11:10:6c:cd:0b:b0:8d:0c:96:c8:af:
         9c:73:04:9a:17:1c:e2:aa:6f:2d:c5:84:2a:3d:b3:f3:6e:ca:
         bc:c1:de:5d:02:7b:73:d5:1d:a7:0d:33:94:26:a8:3d:bf:fb:
         39:0e:0b:46:d4:ba:b4:fd:eb:c1:00:b1:4d:77:0a:9c:41:2f:
         25:8c:f7:32:c4:fb:51:8d:44:50:30:76:76:66:63:a8:64:e5:
         d9:dc:8f:42:ff:21:c3:f8:4e:c7:74:08:0d:d2:bc:c5:55:c3:
         e0:ba:d8:a9:0b:be:0b:b3:9c:96:89:90:14:3e:70:97:14:e3:
         25:e2:a8:71:99:8d:88:cc:6a:0e:fe:83:ac:4c:8f:aa:b7:52:
         b5:e4:4d:2f:83:07:b3:25:f3:a4:eb:83:2f:79:98:06:32:cb:
         c2:e7:64:2c:e4:6d:4c:fd:df:fb:98:bd:3f:5c:81:65:15:61:
         9b:3a:1d:0b:ca:4e:18:29:e3:4f:9a:ac:b9:70:14:ad:d9:83:
         f3:38:67:8b:02:a1:39:84:b1:e2:d3:24:14:e4:1b:f2:39:97:
         f7:1c:48:bd:05:ad:5e:b7:92:97:83:a5:fb:ae:d0:e3:26:03:
         11:ac:f5:05
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVNWQOEVJi/amKQxGeqPoXHghcCswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzMxMTUyMDE2WhcNMjUwNTA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNjljYTczZWYxZWQ0NDVhZTYwOTUwOWJkNGFiYjlkMWI3
YzUzYTE4YmQyYzA5Mzg4OGFlZTNiNjE2M2U1NDI3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDg+dPrOndWaJo4mrd4CqKnWVn0PQ7qtHeS34DW1jMdxDnx
1sS63Dq8V2lyOl3q8JaH9mvGjcdMVNQgMNKSJpbmECFBm9jEs+BMmPldkHmlhuBl
V//rjAboYPL8w/pStSukKRwP4AANmuEYagXtczwl3ceWzEqjSF3jM95Wem4hpEm7
zCtzh/n38zn2C3tenJdX2LUvvlWp5mobX8b5WmB0GFIM/Qk6QQAixVQ6r3z8K0ID
aGn0obZSU1SskLrAfnqFs/5KX4O+QlAJ46TRDqAWT004JvU9lwoG94c3p5+eb/24
EwQ8bhhGYcAHgmjN6/mQPzVoXImw6I1t8KscThlrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURTe8KL3AIcNgKwI6bWGQVcILZsswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZkZDljNDBkLThiZTYtNGU1Yi05ODlhLTZmMjllZGQzMjAyYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMXF0AwDQYJKoZIhvcNAQELBQADggEBALnSVaqY8AOvx7UGPo6xyApdrUn+
dCJN5CYREGzNC7CNDJbIr5xzBJoXHOKqby3FhCo9s/NuyrzB3l0Ce3PVHacNM5Qm
qD2/+zkOC0bUurT968EAsU13CpxBLyWM9zLE+1GNRFAwdnZmY6hk5dncj0L/IcP4
Tsd0CA3SvMVVw+C62KkLvguznJaJkBQ+cJcU4yXiqHGZjYjMag7+g6xMj6q3UrXk
TS+DB7Ml86Trgy95mAYyy8LnZCzkbUz93/uYvT9cgWUVYZs6HQvKThgp40+arLlw
FK3Zg/M4Z4sCoTmEseLTJBTkG/I5l/ccSL0FrV63kpeDpfuu0OMmAxGs9QU=
-----END CERTIFICATE-----