Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5dbc6e6b-7d6a-44fc-9de5-03134fd3cea4.roa
File:                     5dbc6e6b-7d6a-44fc-9de5-03134fd3cea4.roa (raw, json)
Hash identifier:          0gBKny6fRN7MYyzEZ7k6JWL70ke0huLYqMUsMxVoWzU=
Subject key identifier:   FA:A3:65:C3:A9:8D:B2:33:BF:B6:A9:8F:50:BD:DE:24:E5:E0:46:05
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       706F83913FF5B98E4ED62CC4D9A00F5A8B495F28
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5dbc6e6b-7d6a-44fc-9de5-03134fd3cea4.roa
Signing time:             Fri 07 Feb 2025 00:00:00 +0000
ROA not before:           Fri 07 Feb 2025 00:00:00 +0000
ROA not after:            Fri 14 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f1f:8000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:6f:83:91:3f:f5:b9:8e:4e:d6:2c:c4:d9:a0:0f:5a:8b:49:5f:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  7 00:00:00 2025 GMT
            Not After : Mar 14 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:80:c6:88:26:85:15:ae:dc:82:4a:f2:0f:33:
                    39:29:56:35:4e:74:fd:3f:20:44:88:6d:98:6f:c2:
                    5e:18:5c:42:50:c4:52:92:f3:5a:94:bb:d6:8a:ca:
                    66:23:f9:cd:c9:3a:54:e9:ec:b0:89:aa:7d:07:45:
                    0e:d3:25:66:53:fe:48:aa:db:1c:1c:eb:e7:56:74:
                    48:d8:b0:91:ea:9c:3d:e3:68:f2:e6:1a:12:e0:af:
                    73:80:d6:05:5a:4b:c6:23:78:0f:ca:ca:94:aa:8c:
                    d9:9f:4e:00:8d:a3:39:76:4c:8a:aa:57:b7:ad:0b:
                    8f:e9:62:25:f1:b9:8b:c4:ca:3e:f4:e8:0f:e6:07:
                    73:15:f6:0a:00:ac:ab:b2:53:c4:d7:c1:84:b5:53:
                    3c:d0:90:d2:0d:54:34:f0:ed:09:c1:b1:02:a4:02:
                    38:4b:03:62:cb:3c:99:85:26:85:99:db:91:69:83:
                    7e:a9:19:80:2e:c7:26:7d:29:d8:af:80:11:cf:bc:
                    52:1f:ac:88:65:9a:57:2b:44:63:11:1c:5c:b1:f9:
                    3a:05:d5:ea:3e:5f:b1:e8:8b:af:39:95:c1:51:56:
                    19:25:1d:0c:e6:f8:7e:0f:2b:f8:c4:22:92:8f:c5:
                    82:21:91:4b:8f:8d:20:f4:3a:68:13:87:ad:65:0d:
                    06:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:A3:65:C3:A9:8D:B2:33:BF:B6:A9:8F:50:BD:DE:24:E5:E0:46:05
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5dbc6e6b-7d6a-44fc-9de5-03134fd3cea4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f1f:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         d3:73:e4:72:c5:25:24:e6:e9:87:65:1f:79:fb:03:05:80:64:
         5a:35:08:18:d3:b1:5e:be:8c:65:6b:48:1c:a0:0c:71:df:3a:
         ae:5b:47:73:e6:1a:cc:fe:40:97:1a:70:35:46:c1:3d:52:cf:
         8d:d7:f1:b8:cb:f0:8c:3d:e6:51:a1:b1:3e:b7:48:a5:8c:84:
         db:f9:f0:94:0f:a5:49:fb:c7:ce:2e:66:b9:f2:f0:15:33:ac:
         be:67:8e:82:28:bb:98:52:2e:c4:84:32:a7:af:1d:e3:f4:e8:
         b5:07:12:53:3f:4d:39:28:8d:6e:32:61:a1:b3:12:02:7c:6e:
         a6:54:bd:40:61:37:70:6c:19:a6:34:2d:4d:2c:02:cf:d0:4b:
         d4:11:24:c6:c8:4e:f2:ad:54:1a:3a:b3:2e:b4:9b:d9:1a:6a:
         16:5d:44:88:fc:23:0b:9f:81:99:23:c0:0c:55:a6:25:58:25:
         d0:c3:97:2c:a4:5c:96:ca:73:94:87:2c:6d:89:5d:6c:21:c7:
         6f:48:9d:89:98:1e:16:d5:72:8d:1c:2e:c2:d5:74:45:e2:5e:
         2a:40:68:ab:3b:b2:19:62:62:98:99:0c:ed:29:1a:7b:e9:32:
         76:53:4c:e1:b7:c8:ed:3a:14:4c:3c:2c:e3:42:84:c2:8f:d9:
         49:b7:2c:25
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUcG+DkT/1uY5O1izE2aAPWotJXygwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA3MDAwMDAwWhcNMjUwMzE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNjI4OTc2YjZkYmJhN2VmMTJlMzA5ZTJhYjY0ODUxYWIw
ZDJlNmViNzU1YzVlZDUxNDVhYTJkNjQ2NzY0Y2MxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKgMaIJoUVrtyCSvIPMzkpVjVOdP0/IESIbZhvwl4YXEJQ
xFKS81qUu9aKymYj+c3JOlTp7LCJqn0HRQ7TJWZT/kiq2xwc6+dWdEjYsJHqnD3j
aPLmGhLgr3OA1gVaS8YjeA/KypSqjNmfTgCNozl2TIqqV7etC4/pYiXxuYvEyj70
6A/mB3MV9goArKuyU8TXwYS1UzzQkNINVDTw7QnBsQKkAjhLA2LLPJmFJoWZ25Fp
g36pGYAuxyZ9KdivgBHPvFIfrIhlmlcrRGMRHFyx+ToF1eo+X7Hoi685lcFRVhkl
HQzm+H4PK/jEIpKPxYIhkUuPjSD0OmgTh61lDQYNAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU+qNlw6mNsjO/tqmPUL3eJOXgRgUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVkYmM2ZTZiLTdkNmEtNDRmYy05ZGU1LTAzMTM0ZmQzY2VhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8fgDANBgkqhkiG9w0BAQsFAAOCAQEA03PkcsUlJObph2UfefsDBYBk
WjUIGNOxXr6MZWtIHKAMcd86rltHc+YazP5AlxpwNUbBPVLPjdfxuMvwjD3mUaGx
PrdIpYyE2/nwlA+lSfvHzi5mufLwFTOsvmeOgii7mFIuxIQyp68d4/TotQcSUz9N
OSiNbjJhobMSAnxuplS9QGE3cGwZpjQtTSwCz9BL1BEkxshO8q1UGjqzLrSb2Rpq
Fl1EiPwjC5+BmSPADFWmJVgl0MOXLKRclspzlIcsbYldbCHHb0idiZgeFtVyjRwu
wtV0ReJeKkBoqzuyGWJimJkM7Skae+kydlNM4bfI7ToUTDws40KEwo/ZSbcsJQ==
-----END CERTIFICATE-----