Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/96a3c178-d217-4ac6-ab8e-43c1be9bec09.roa
File:                     96a3c178-d217-4ac6-ab8e-43c1be9bec09.roa (raw, json)
Hash identifier:          V1+bINeDe2u23wtkJnlE1tDqUDFNewqoNLB1hyERYfk=
Subject key identifier:   96:43:54:33:AD:B8:F8:14:6C:F6:42:51:D6:18:9F:36:BA:7D:62:1A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       41C608814B080B73DC46F3EF5980F3EE0673B73A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/96a3c178-d217-4ac6-ab8e-43c1be9bec09.roa
Signing time:             Mon 17 Mar 2025 15:10:39 +0000
ROA not before:           Mon 17 Mar 2025 15:10:39 +0000
ROA not after:            Mon 21 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.177.105.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 10 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:c6:08:81:4b:08:0b:73:dc:46:f3:ef:59:80:f3:ee:06:73:b7:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 17 15:10:39 2025 GMT
            Not After : Apr 21 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:5e:0c:76:0f:c9:c4:71:87:00:4b:8b:88:c4:
                    23:8f:f3:66:63:ec:21:6f:20:57:86:06:92:62:ec:
                    5f:46:14:03:69:ae:73:37:bb:13:9c:37:57:41:4b:
                    82:86:6a:27:71:b5:06:30:23:03:7a:ba:5f:a7:90:
                    10:f9:75:f6:98:39:de:cc:21:09:dc:d8:1d:c9:58:
                    c4:97:e8:18:ad:3c:8d:47:2a:70:af:06:a0:c6:44:
                    ba:02:fc:47:19:12:c2:23:ab:09:81:36:19:9f:98:
                    f8:76:a9:43:aa:41:c5:0a:2e:36:3b:fc:fe:74:62:
                    6c:47:32:ff:41:d3:3e:26:d6:5f:c1:14:b3:45:64:
                    8a:c1:57:ec:c7:9a:5a:32:61:b7:2b:3a:25:9e:a9:
                    41:0c:40:04:f4:78:02:46:d6:fd:af:30:75:ef:5d:
                    92:e6:71:4b:54:21:42:9b:29:e0:71:be:fc:84:18:
                    91:59:5a:80:9d:6d:08:0c:4e:67:08:7a:5c:10:70:
                    cd:8c:19:d5:06:94:2e:f3:c9:43:25:2c:fe:cb:c0:
                    35:c1:f8:48:85:3b:ac:61:f6:47:4d:2d:99:6b:ad:
                    56:cd:7e:a0:7e:8d:10:66:ab:2e:4a:8e:d6:93:2b:
                    91:51:b9:60:15:0c:5c:f3:59:28:2d:64:4d:ee:13:
                    f6:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:43:54:33:AD:B8:F8:14:6C:F6:42:51:D6:18:9F:36:BA:7D:62:1A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/96a3c178-d217-4ac6-ab8e-43c1be9bec09.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.177.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:9f:f7:7d:c5:e7:2f:55:6b:07:52:a1:45:8e:98:97:5a:41:
         11:ce:e3:06:d1:e4:9b:ed:86:02:8f:32:88:48:27:a5:3c:6c:
         8d:c0:33:4e:3d:ba:6a:8b:ed:c5:b8:42:27:2f:45:0c:0c:2a:
         c6:06:06:90:4a:94:4e:e4:42:0a:32:09:f1:eb:36:14:fb:5e:
         2b:e2:b0:4e:24:80:7a:7e:92:e7:20:fb:11:6b:ee:19:5e:30:
         14:a1:91:33:d8:35:64:e9:05:f1:e4:a0:42:60:f2:ee:0c:8d:
         af:43:f0:ba:6c:96:9d:52:90:91:a3:2e:72:1b:cd:be:a7:40:
         8a:38:44:d4:ea:f8:e1:69:65:89:a3:25:47:16:27:b2:ab:d3:
         d1:c5:19:34:5b:f3:d0:84:4f:86:83:de:6c:f7:56:5d:69:e7:
         da:04:c8:f5:7a:d2:48:86:2a:1e:05:9a:28:3b:ee:7f:1f:70:
         4c:be:d8:b1:47:a2:1a:72:10:6c:c3:26:48:a1:21:74:8f:8e:
         d7:f2:96:c3:26:36:c2:94:94:b1:81:08:f7:b2:ce:bd:0d:ac:
         4a:51:66:64:21:78:6d:75:a1:c8:a4:50:0f:3d:96:dc:e7:41:
         c6:53:ab:c8:43:62:b2:68:7f:3c:e2:cb:f0:a6:84:a4:ef:81:
         1b:35:ae:3a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQcYIgUsIC3PcRvPvWYDz7gZztzowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMzE3MTUxMDM5WhcNMjUwNDIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNTIyYWZlMzBkMzhlZWFkMGU4MjFhNjY2YjMyNWNkNGVm
YjVlZGNlY2U5ZTlmYTFhOTA2NzNmNTI5YmJiMDlkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJXgx2D8nEcYcAS4uIxCOP82Zj7CFvIFeGBpJi7F9GFANp
rnM3uxOcN1dBS4KGaidxtQYwIwN6ul+nkBD5dfaYOd7MIQnc2B3JWMSX6BitPI1H
KnCvBqDGRLoC/EcZEsIjqwmBNhmfmPh2qUOqQcUKLjY7/P50YmxHMv9B0z4m1l/B
FLNFZIrBV+zHmloyYbcrOiWeqUEMQAT0eAJG1v2vMHXvXZLmcUtUIUKbKeBxvvyE
GJFZWoCdbQgMTmcIelwQcM2MGdUGlC7zyUMlLP7LwDXB+EiFO6xh9kdNLZlrrVbN
fqB+jRBmqy5KjtaTK5FRuWAVDFzzWSgtZE3uE/anAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlkNUM624+BRs9kJR1hifNrp9YhowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzk2YTNjMTc4LWQyMTctNGFjNi1hYjhlLTQzYzFiZTliZWMwOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPsWkwDQYJKoZIhvcNAQELBQADggEBADCf933F5y9VawdSoUWOmJdaQRHO
4wbR5JvthgKPMohIJ6U8bI3AM049umqL7cW4QicvRQwMKsYGBpBKlE7kQgoyCfHr
NhT7XivisE4kgHp+kucg+xFr7hleMBShkTPYNWTpBfHkoEJg8u4Mja9D8Lpslp1S
kJGjLnIbzb6nQIo4RNTq+OFpZYmjJUcWJ7Kr09HFGTRb89CET4aD3mz3Vl1p59oE
yPV60kiGKh4Fmig77n8fcEy+2LFHohpyEGzDJkihIXSPjtfylsMmNsKUlLGBCPey
zr0NrEpRZmQheG11ocikUA89ltznQcZTq8hDYrJofzziy/CmhKTvgRs1rjo=
-----END CERTIFICATE-----