Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c512c1b-f3e3-4cc4-adf7-022feda26799.roa
File:                     6c512c1b-f3e3-4cc4-adf7-022feda26799.roa (raw, json)
Hash identifier:          LCIDVSCgpnuQqORkcquQCdUeT//Eqm0pQa+SLjtQV/o=
Subject key identifier:   89:D6:6F:95:32:E4:E1:2F:38:68:E3:27:12:9C:69:C0:98:F3:1D:9B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7AEFBA76C1554B2E515B985D61C12A4641769547
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c512c1b-f3e3-4cc4-adf7-022feda26799.roa
Signing time:             Tue 02 Sep 2025 00:30:29 +0000
ROA not before:           Tue 02 Sep 2025 00:30:29 +0000
ROA not after:            Tue 07 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        79.73.0.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 07 Sep 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:ef:ba:76:c1:55:4b:2e:51:5b:98:5d:61:c1:2a:46:41:76:95:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep  2 00:30:29 2025 GMT
            Not After : Oct  7 23:59:59 2025 GMT
        Subject: serialNumber=bdc63809ba86262d42190f00ff99f4c5a0335331c102bd93f4e8a4900105b47d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:17:41:ae:db:c9:0c:fc:78:36:da:0c:95:1e:
                    f4:89:2f:ea:1a:a7:bb:10:78:58:60:37:f9:fd:36:
                    de:a1:82:cc:90:bb:d8:b6:63:8a:49:42:88:c3:77:
                    28:83:2d:8e:ed:c5:2c:42:29:d8:7f:97:8e:5f:a4:
                    f0:10:c2:e2:5a:7f:d4:1c:86:64:5a:df:58:25:c1:
                    03:f2:89:37:05:a7:04:33:88:b3:74:36:9c:cb:20:
                    36:28:23:63:c6:b8:c6:10:50:95:29:f5:e1:79:6a:
                    9b:78:10:ed:ff:b2:6c:16:a4:e8:cd:d6:70:60:be:
                    71:7c:7a:75:9b:80:e1:cc:3d:d9:7d:19:70:f0:52:
                    7b:af:1a:cb:dc:75:50:82:fa:b4:81:7a:21:85:91:
                    cc:c5:f7:6b:23:7b:53:56:7c:21:d0:ae:c3:57:d5:
                    30:7a:49:3c:36:a2:b2:ce:b3:88:c0:0c:c8:3d:07:
                    c2:99:25:e5:c7:b3:c6:aa:21:f8:75:11:52:bb:98:
                    26:e1:88:67:9f:ad:81:de:b0:85:d8:8e:69:69:ae:
                    f1:86:2b:4b:a2:73:e0:41:a6:a1:a0:92:e1:20:3a:
                    39:80:00:c9:87:4e:f1:d7:44:79:82:c6:1b:e3:52:
                    4c:1b:36:92:a2:51:4d:4a:02:2b:19:80:4c:fb:29:
                    32:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:D6:6F:95:32:E4:E1:2F:38:68:E3:27:12:9C:69:C0:98:F3:1D:9B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c512c1b-f3e3-4cc4-adf7-022feda26799.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  79.73.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         46:eb:91:54:40:06:e5:b7:a9:b1:bb:73:8d:2d:0c:ce:ef:7c:
         e3:7b:0e:78:f7:9e:ed:3c:fb:4b:70:1d:ed:9a:98:3a:1a:28:
         92:37:22:cf:0c:37:fb:1c:fe:9d:6e:dd:5e:f2:c0:58:27:1a:
         ed:81:8d:34:f2:83:3c:9d:93:54:06:a0:0e:f5:46:75:e9:7a:
         59:0a:8b:9f:2e:09:82:8b:e9:ff:89:96:dd:49:a5:90:b0:f0:
         17:22:7b:d0:5a:1d:89:b2:95:ab:ce:1b:47:a3:69:a6:6c:c0:
         3d:c0:a5:3b:96:57:21:29:c0:2e:ce:19:38:df:9c:60:c0:c2:
         00:c2:66:e6:ce:9b:2f:4f:fa:eb:79:12:bf:8b:ad:35:00:85:
         ef:f6:80:cd:db:33:56:53:2e:16:4b:59:31:b1:23:67:c2:9b:
         10:e1:69:7b:b0:5b:ed:74:5c:e1:70:4a:f6:aa:60:45:c9:69:
         ea:b8:98:08:4f:1e:e3:4b:ff:d7:8c:d7:c6:21:cf:73:d7:84:
         27:65:b7:1f:64:30:e4:e8:23:79:4b:ea:fa:d1:b0:5b:39:a1:
         e0:ed:41:43:72:d1:f1:d8:13:45:6a:ae:a7:09:b7:6f:ed:ed:
         d9:6f:53:25:39:ed:3a:02:93:c7:e8:8e:0a:08:56:d5:79:fc:
         d0:1a:9d:d0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeu+6dsFVSy5RW5hdYcEqRkF2lUcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTAyMDAzMDI5WhcNMjUxMDA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZGM2MzgwOWJhODYyNjJkNDIxOTBmMDBmZjk5ZjRjNWEw
MzM1MzMxYzEwMmJkOTNmNGU4YTQ5MDAxMDViNDdkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFF0Gu28kM/Hg22gyVHvSJL+oap7sQeFhgN/n9Nt6hgsyQ
u9i2Y4pJQojDdyiDLY7txSxCKdh/l45fpPAQwuJaf9QchmRa31glwQPyiTcFpwQz
iLN0NpzLIDYoI2PGuMYQUJUp9eF5apt4EO3/smwWpOjN1nBgvnF8enWbgOHMPdl9
GXDwUnuvGsvcdVCC+rSBeiGFkczF92sje1NWfCHQrsNX1TB6STw2orLOs4jADMg9
B8KZJeXHs8aqIfh1EVK7mCbhiGefrYHesIXYjmlprvGGK0uic+BBpqGgkuEgOjmA
AMmHTvHXRHmCxhvjUkwbNpKiUU1KAisZgEz7KTIPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUidZvlTLk4S84aOMnEpxpwJjzHZswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZjNTEyYzFiLWYzZTMtNGNjNC1hZGY3LTAyMmZlZGEyNjc5OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZPSQAwDQYJKoZIhvcNAQELBQADggEBAEbrkVRABuW3qbG7c40tDM7vfON7
Dnj3nu08+0twHe2amDoaKJI3Is8MN/sc/p1u3V7ywFgnGu2BjTTygzydk1QGoA71
RnXpelkKi58uCYKL6f+Jlt1JpZCw8Bcie9BaHYmylavOG0ejaaZswD3ApTuWVyEp
wC7OGTjfnGDAwgDCZubOmy9P+ut5Er+LrTUAhe/2gM3bM1ZTLhZLWTGxI2fCmxDh
aXuwW+10XOFwSvaqYEXJaeq4mAhPHuNL/9eM18Yhz3PXhCdltx9kMOToI3lL6vrR
sFs5oeDtQUNy0fHYE0VqrqcJt2/t7dlvUyU57ToCk8fojgoIVtV5/NAandA=
-----END CERTIFICATE-----