Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/4c455a0a-a2f3-4993-8823-e7067f11b897.roa
File:                     4c455a0a-a2f3-4993-8823-e7067f11b897.roa (raw, json)
Hash identifier:          o/4zjuBM29GXtb6KsQWDr7XNw6hSkj9HeoTHNogpfIk=
Subject key identifier:   95:63:CE:5A:4B:17:E3:35:C7:EE:E3:3C:6C:A5:A9:91:08:12:E9:94
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       6513C57B4743E7135E68AFF36BCD54AE93C5C195
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/4c455a0a-a2f3-4993-8823-e7067f11b897.roa
Signing time:             Fri 21 Mar 2025 00:50:24 +0000
ROA not before:           Fri 21 Mar 2025 00:50:24 +0000
ROA not after:            Fri 25 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.82.19.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:13:c5:7b:47:43:e7:13:5e:68:af:f3:6b:cd:54:ae:93:c5:c1:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Mar 21 00:50:24 2025 GMT
            Not After : Apr 25 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:53:92:22:97:5b:60:41:8b:b9:c6:fa:86:56:
                    db:ad:04:98:75:b0:99:8d:4b:34:6e:89:d3:c7:25:
                    04:6f:57:9d:52:59:04:d2:60:c4:9a:cb:ec:d6:36:
                    17:5e:95:e7:38:e9:66:d0:b2:78:0e:0b:97:80:a8:
                    77:87:28:99:ff:1b:e1:5b:7b:47:c9:b5:60:a8:7b:
                    e9:4c:ca:15:40:93:7a:bd:4a:7e:cf:c0:16:60:bb:
                    64:7e:39:c6:cb:9e:a5:39:01:6c:38:09:34:8f:a9:
                    a9:d3:5d:28:5b:83:77:29:89:bd:a9:b0:70:29:fc:
                    3d:ce:c2:a3:16:e7:8a:71:50:a6:b6:5d:4d:9f:83:
                    08:fc:bf:4c:f9:1c:22:79:7a:72:ff:c3:6b:f5:1a:
                    42:16:d5:70:30:60:26:dd:f9:b5:fa:c8:7c:8c:d7:
                    0b:e9:91:68:13:4d:5c:b4:85:6f:f6:ba:c6:c0:b6:
                    62:2f:55:73:f3:65:56:e0:0b:8f:18:c1:57:4e:cd:
                    43:65:ad:7e:3a:84:46:59:45:8c:55:a0:21:2e:23:
                    80:4f:33:d9:7e:2b:e6:a2:e5:4c:55:cd:0c:4c:5a:
                    8e:4f:b9:dc:9e:e5:d5:24:44:f5:07:26:c5:5c:14:
                    88:f2:c3:db:f9:57:85:cd:6c:ee:56:15:13:7b:16:
                    a3:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:63:CE:5A:4B:17:E3:35:C7:EE:E3:3C:6C:A5:A9:91:08:12:E9:94
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/4c455a0a-a2f3-4993-8823-e7067f11b897.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:b0:be:44:4d:8e:35:0c:a8:2e:b8:93:ad:e4:3a:05:a4:85:
         1f:f0:f8:19:dc:d9:fc:51:48:d6:c4:a7:11:6e:eb:cf:c5:dd:
         5c:c9:ff:64:ad:09:cb:36:bd:9f:97:68:39:c1:a7:f1:6f:24:
         90:b0:6d:02:33:e7:a3:ad:66:f5:fd:f3:b5:31:00:9e:56:34:
         3c:59:0f:04:b8:65:f9:cb:f6:ac:30:21:be:03:9d:b5:ae:34:
         3b:aa:77:ea:6d:ed:30:15:62:06:cf:62:35:4a:5b:5b:da:56:
         35:d1:2d:07:03:3f:8b:af:37:84:db:5e:c7:6d:71:1e:6f:eb:
         6c:4d:d6:d4:ac:5c:ae:1a:97:e2:a6:e9:35:6b:9a:46:0d:e2:
         58:4c:64:aa:7b:99:ec:ab:12:cf:44:1c:0c:02:80:66:16:9b:
         08:ca:a2:33:55:d9:d7:df:9b:5b:f1:8c:6a:93:ea:da:f9:6b:
         d2:fb:38:94:7c:24:ec:e3:7d:65:f8:77:b4:e6:1f:6a:58:3a:
         5e:e8:d8:ad:6c:56:14:63:df:d7:c6:df:fa:23:ae:c6:25:7c:
         df:27:7e:2f:4d:db:d9:8b:6c:c4:d8:78:8c:88:a8:b9:08:c4:
         83:1e:50:8a:a4:a0:bc:0b:fc:4b:2f:1a:64:67:46:41:5c:28:
         b3:5d:60:7b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUZRPFe0dD5xNeaK/za81UrpPFwZUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMzIxMDA1MDI0WhcNMjUwNDI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMjkwNDBjMDM3Y2U4YmQyNWRmMTI1MzdkZGIxZjIxZDg2
ZTliMjA0Y2JlMzkwNjFhMzkxMzNhMmNmN2U2ZTQ0MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtU5Iil1tgQYu5xvqGVtutBJh1sJmNSzRuidPHJQRvV51S
WQTSYMSay+zWNhdelec46WbQsngOC5eAqHeHKJn/G+Fbe0fJtWCoe+lMyhVAk3q9
Sn7PwBZgu2R+OcbLnqU5AWw4CTSPqanTXShbg3cpib2psHAp/D3OwqMW54pxUKa2
XU2fgwj8v0z5HCJ5enL/w2v1GkIW1XAwYCbd+bX6yHyM1wvpkWgTTVy0hW/2usbA
tmIvVXPzZVbgC48YwVdOzUNlrX46hEZZRYxVoCEuI4BPM9l+K+ai5UxVzQxMWo5P
udye5dUkRPUHJsVcFIjyw9v5V4XNbO5WFRN7FqPlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlWPOWksX4zXH7uM8bKWpkQgS6ZQwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzRjNDU1YTBhLWEyZjMtNDk5My04ODIzLWU3MDY3ZjExYjg5Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUhMwDQYJKoZIhvcNAQELBQADggEBAGKwvkRNjjUMqC64k63kOgWkhR/w
+Bnc2fxRSNbEpxFu68/F3VzJ/2StCcs2vZ+XaDnBp/FvJJCwbQIz56OtZvX987Ux
AJ5WNDxZDwS4ZfnL9qwwIb4DnbWuNDuqd+pt7TAVYgbPYjVKW1vaVjXRLQcDP4uv
N4TbXsdtcR5v62xN1tSsXK4al+Km6TVrmkYN4lhMZKp7meyrEs9EHAwCgGYWmwjK
ojNV2dffm1vxjGqT6tr5a9L7OJR8JOzjfWX4d7TmH2pYOl7o2K1sVhRj39fG3/oj
rsYlfN8nfi9N29mLbMTYeIyIqLkIxIMeUIqkoLwL/EsvGmRnRkFcKLNdYHs=
-----END CERTIFICATE-----