Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e06c10d5-25fa-4779-8d71-f83b48e0f4a8.roa
File:                     e06c10d5-25fa-4779-8d71-f83b48e0f4a8.roa (raw, json)
Hash identifier:          qFYjmSv8KZkhMl3pGj121RQSuDmuQk5+RD1GSvqsyko=
Subject key identifier:   6E:40:F3:83:BA:D1:E7:04:29:72:B6:4A:C5:F0:59:74:14:C6:6E:D6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       43ECDAB6330D2E13B8409F8FD423E0D218469D19
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e06c10d5-25fa-4779-8d71-f83b48e0f4a8.roa
Signing time:             Sat 15 Mar 2025 00:11:50 +0000
ROA not before:           Sat 15 Mar 2025 00:11:50 +0000
ROA not after:            Sat 19 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff8:2000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:ec:da:b6:33:0d:2e:13:b8:40:9f:8f:d4:23:e0:d2:18:46:9d:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 15 00:11:50 2025 GMT
            Not After : Apr 19 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:b6:d9:83:b4:33:51:51:27:be:df:af:93:53:
                    37:b5:e8:61:b9:8c:5e:ea:21:4d:78:c3:7c:21:49:
                    0d:bf:6a:fd:06:a2:8d:94:db:96:7c:22:6e:3f:48:
                    28:eb:36:11:5d:03:a1:2e:2b:61:4f:68:f2:c8:23:
                    52:3e:5c:50:31:d8:e4:c3:6a:c1:cc:71:3e:93:92:
                    25:fd:01:c7:e8:b4:b2:02:29:c2:cb:5d:f0:fd:77:
                    39:f2:d9:93:82:f2:45:75:d5:2a:88:46:35:10:f1:
                    6c:6e:46:ef:7c:52:a9:10:15:2c:b0:01:92:5c:8a:
                    17:58:d6:37:df:01:46:c2:d4:b2:3c:0a:62:1c:64:
                    a2:7b:2c:09:4d:a6:7e:96:c1:65:ab:fd:45:49:e3:
                    c1:17:c9:26:c9:5c:e6:f2:c2:f3:fd:fa:84:d1:f7:
                    9f:00:c8:fa:cf:29:3e:bb:f9:c5:0c:02:09:20:4c:
                    79:29:58:05:06:e9:d2:8c:99:28:6a:97:24:b8:0e:
                    9d:c6:58:56:4c:f4:cf:d2:2a:9e:66:98:e8:86:bf:
                    f9:57:bd:45:3f:22:40:0e:39:dc:c8:68:ad:3c:7b:
                    2b:bc:eb:1c:c8:36:63:d7:53:fd:7e:1b:06:fd:7e:
                    9d:72:e6:a6:34:50:e4:60:30:ea:db:31:d2:e7:91:
                    d4:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:40:F3:83:BA:D1:E7:04:29:72:B6:4A:C5:F0:59:74:14:C6:6E:D6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e06c10d5-25fa-4779-8d71-f83b48e0f4a8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff8:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         6c:49:9b:cc:14:3e:d7:ec:31:c9:0a:62:d6:73:88:63:3e:37:
         83:55:db:5c:c7:d8:9b:b7:8a:9a:fa:70:69:9d:f6:3c:23:90:
         cc:96:b4:fe:a7:2e:ad:2a:70:00:71:9d:ef:94:97:86:31:7f:
         71:00:d8:6e:98:74:95:0b:dc:fe:a3:e6:c6:2f:0f:2a:17:f7:
         b1:07:2b:d7:15:1a:8f:db:0b:f2:83:a4:0c:28:dc:80:9c:d5:
         c8:58:d9:40:e5:bf:67:4e:30:5a:56:1a:5f:de:0f:5b:c5:4f:
         f4:7e:d4:f3:ce:6b:0d:1b:f5:8a:de:cd:e0:46:e3:fb:95:6b:
         7c:ad:86:2a:19:e2:1f:17:25:51:71:4d:9c:6a:b0:34:e3:11:
         ad:ca:73:db:c7:a4:fd:73:7e:9f:4f:1b:4c:77:81:36:54:90:
         3b:9d:d2:cc:51:86:5d:a8:d2:7f:bd:6e:9a:23:e9:ba:0e:5e:
         07:d1:1e:48:61:57:bf:96:14:23:b6:f6:52:30:24:b4:4a:70:
         c3:62:1a:10:1b:da:18:d7:03:1c:e9:ef:24:19:82:91:5f:c3:
         07:2f:c6:99:28:57:2c:6b:f8:b4:5f:bf:65:28:1d:fb:26:41:
         55:22:1d:9a:8d:c2:7d:fd:08:e1:f4:e0:49:e6:3c:d6:73:73:
         98:98:54:31
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUQ+zatjMNLhO4QJ+P1CPg0hhGnRkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE1MDAxMTUwWhcNMjUwNDE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNjFkYTkzMmNkZmFlNDVmODJhYWI4NmY5YzhmZjU1MGE0
YjRjODlmMTEyMWY1MzlkZTU4NTMwYzE0OWUyNTZiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWttmDtDNRUSe+36+TUze16GG5jF7qIU14w3whSQ2/av0G
oo2U25Z8Im4/SCjrNhFdA6EuK2FPaPLII1I+XFAx2OTDasHMcT6TkiX9AcfotLIC
KcLLXfD9dzny2ZOC8kV11SqIRjUQ8WxuRu98UqkQFSywAZJcihdY1jffAUbC1LI8
CmIcZKJ7LAlNpn6WwWWr/UVJ48EXySbJXObywvP9+oTR958AyPrPKT67+cUMAgkg
THkpWAUG6dKMmShqlyS4Dp3GWFZM9M/SKp5mmOiGv/lXvUU/IkAOOdzIaK08eyu8
6xzINmPXU/1+Gwb9fp1y5qY0UORgMOrbMdLnkdSRAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUbkDzg7rR5wQpcrZKxfBZdBTGbtYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UwNmMxMGQ1LTI1ZmEtNDc3OS04ZDcxLWY4M2I0OGUwZjRhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/4IDANBgkqhkiG9w0BAQsFAAOCAQEAbEmbzBQ+1+wxyQpi1nOIYz43
g1XbXMfYm7eKmvpwaZ32PCOQzJa0/qcurSpwAHGd75SXhjF/cQDYbph0lQvc/qPm
xi8PKhf3sQcr1xUaj9sL8oOkDCjcgJzVyFjZQOW/Z04wWlYaX94PW8VP9H7U885r
DRv1it7N4Ebj+5VrfK2GKhniHxclUXFNnGqwNOMRrcpz28ek/XN+n08bTHeBNlSQ
O53SzFGGXajSf71umiPpug5eB9EeSGFXv5YUI7b2UjAktEpww2IaEBvaGNcDHOnv
JBmCkV/DBy/GmShXLGv4tF+/ZSgd+yZBVSIdmo3Cff0I4fTgSeY81nNzmJhUMQ==
-----END CERTIFICATE-----