Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/8bae045f-365b-43cf-99fc-12cbcbce5f67.roa
File:                     8bae045f-365b-43cf-99fc-12cbcbce5f67.roa (raw, json)
Hash identifier:          RyhDowMr7pGxTy90TeUulvNcsjqpJS33s29blBoXLo0=
Subject key identifier:   A7:96:DF:03:B7:BC:57:CC:1A:36:A7:BD:D7:37:4D:D2:B9:6C:E0:E4
Certificate issuer:       /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
Certificate serial:       1560AA5F59FDA62CEB4A97D97C1F1922E364789F
Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/8bae045f-365b-43cf-99fc-12cbcbce5f67.roa
Signing time:             Sat 22 Mar 2025 00:10:29 +0000
ROA not before:           Sat 22 Mar 2025 00:10:29 +0000
ROA not after:            Sat 26 Apr 2025 23:59:59 +0000
asID:                     62785
IP address blocks:        172.96.104.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 06 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:60:aa:5f:59:fd:a6:2c:eb:4a:97:d9:7c:1f:19:22:e3:64:78:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
        Validity
            Not Before: Mar 22 00:10:29 2025 GMT
            Not After : Apr 26 23:59:59 2025 GMT
        Subject: CN=b0dbbb6a-5472-4b68-ae4d-401518603039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:71:f2:21:35:87:d4:c1:fa:10:59:e0:c8:4e:
                    6b:00:3e:51:21:35:2f:cb:17:81:72:47:bd:5e:70:
                    19:85:1f:58:6d:f9:b0:f7:40:d2:6c:03:54:16:bd:
                    42:70:0a:61:6e:f5:18:52:8a:19:52:1c:52:5b:3d:
                    97:c7:ac:42:c3:45:07:f9:8a:ff:e1:eb:f1:14:8a:
                    a5:05:17:7d:ed:87:cb:e7:28:22:94:b2:22:25:66:
                    61:76:a2:83:de:52:d7:80:b9:49:9a:04:cb:c4:6d:
                    5e:f1:aa:d4:18:51:11:ca:34:ca:6d:fd:e1:1b:62:
                    d0:d3:15:c4:ba:a1:46:43:97:f2:04:ca:18:d3:73:
                    28:4a:17:21:0c:f1:b1:6c:f5:ae:f0:43:68:9c:6c:
                    97:14:26:6d:3c:a3:45:3a:72:5e:9c:4e:a7:61:37:
                    fb:99:83:4e:91:f4:f6:9b:99:70:97:a4:2e:42:df:
                    75:ee:a8:02:8e:4f:37:55:a2:5f:71:50:9c:d9:db:
                    f6:be:54:64:06:88:26:32:b8:e8:70:de:70:af:1c:
                    7a:49:0f:1f:3d:ee:a1:a8:68:fc:e3:ac:b3:da:c6:
                    77:d6:03:86:98:d7:fb:a6:2e:26:ff:c2:8e:de:5b:
                    9c:8f:6c:ef:82:34:49:2b:cb:d3:8d:67:aa:6b:fa:
                    fd:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:96:DF:03:B7:BC:57:CC:1A:36:A7:BD:D7:37:4D:D2:B9:6C:E0:E4
            X509v3 Authority Key Identifier:
                keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/8bae045f-365b-43cf-99fc-12cbcbce5f67.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  172.96.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         51:21:1a:cc:a4:de:55:89:74:37:6b:d6:84:f3:eb:30:57:59:
         95:74:90:d8:2b:f1:92:77:44:2d:a8:6e:86:af:99:b9:9b:e9:
         bc:7f:80:ac:eb:58:db:a3:85:ea:03:a2:11:37:13:36:e4:37:
         8d:3d:03:63:c6:3f:1b:7c:a9:c7:20:fc:2c:6c:be:0f:17:de:
         87:b2:7d:75:74:0f:79:83:28:17:3c:76:d7:38:ea:a9:66:53:
         02:24:62:68:22:29:6d:e6:2f:ef:c4:a4:ea:96:11:86:82:f0:
         33:2f:c6:15:8a:06:82:ba:f2:20:bb:50:d7:bb:29:5f:8a:72:
         4d:17:21:d7:29:78:56:27:e7:73:d6:0b:2f:03:3c:24:3e:00:
         f1:58:b9:d3:2d:c6:a6:f8:14:36:16:20:01:9e:75:b9:ba:a5:
         0e:81:8f:36:94:bb:3a:fd:22:c8:a5:77:59:80:d0:c7:37:a5:
         36:9f:e0:ad:17:d2:ee:5a:4f:4e:1f:39:7c:7e:45:3c:3d:b9:
         5f:4f:10:d3:1b:4c:55:bd:50:bf:cf:c2:29:b6:17:e1:3d:77:
         62:5f:cd:12:30:df:f5:7f:05:f6:89:10:40:fe:7b:b9:9e:65:
         9f:2f:bf:a6:94:25:5f:82:5a:e7:d5:09:04:c8:92:56:8f:fd:
         b9:99:f3:a5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFWCqX1n9pizrSpfZfB8ZIuNkeJ8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi
NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjUwMzIyMDAxMDI5WhcNMjUwNDI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BiODE3ZDFhMGRjY2U0NGRmNGRlNmY4OGQ3MWMzNGRmNGE0
OGMxM2YyOTRhYTMzOTZhZTdkNmEzODlmOTM5MTVhMS0wKwYDVQQDEyRiMGRiYmI2
YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCOcfIhNYfUwfoQWeDITmsAPlEhNS/LF4FyR71ecBmFH1ht
+bD3QNJsA1QWvUJwCmFu9RhSihlSHFJbPZfHrELDRQf5iv/h6/EUiqUFF33th8vn
KCKUsiIlZmF2ooPeUteAuUmaBMvEbV7xqtQYURHKNMpt/eEbYtDTFcS6oUZDl/IE
yhjTcyhKFyEM8bFs9a7wQ2icbJcUJm08o0U6cl6cTqdhN/uZg06R9PabmXCXpC5C
33XuqAKOTzdVol9xUJzZ2/a+VGQGiCYyuOhw3nCvHHpJDx897qGoaPzjrLPaxnfW
A4aY1/umLib/wo7eW5yPbO+CNEkry9ONZ6pr+v3fAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUp5bfA7e8V8waNqe91zdN0rls4OQwHwYDVR0jBBgwFoAUfYRHxJeKC0xz
m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z
NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi
ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1
MmM1MzUzODk4LzhiYWUwNDVmLTM2NWItNDNjZi05OWZjLTEyY2JjYmNlNWY2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3
LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAOsYGgwDQYJKoZIhvcNAQELBQADggEBAFEhGsyk3lWJdDdr1oTz6zBXWZV0
kNgr8ZJ3RC2oboavmbmb6bx/gKzrWNujheoDohE3EzbkN409A2PGPxt8qccg/Cxs
vg8X3oeyfXV0D3mDKBc8dtc46qlmUwIkYmgiKW3mL+/EpOqWEYaC8DMvxhWKBoK6
8iC7UNe7KV+Kck0XIdcpeFYn53PWCy8DPCQ+APFYudMtxqb4FDYWIAGedbm6pQ6B
jzaUuzr9Isild1mA0Mc3pTaf4K0X0u5aT04fOXx+RTw9uV9PENMbTFW9UL/Pwim2
F+E9d2JfzRIw3/V/BfaJEED+e7meZZ8vv6aUJV+CWufVCQTIklaP/bmZ86U=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:25:04 2025 by rpki-client