Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c8983ed-f974-40d9-a655-88644fc75ec2.roa
File:                     6c8983ed-f974-40d9-a655-88644fc75ec2.roa (raw, json)
Hash identifier:          oDxSWCIpiQPuO9nl+38OeKuubsDl5Sto5u4OzXy9SBE=
Subject key identifier:   A7:05:F5:8B:B9:07:66:E4:14:54:50:CD:F9:FF:48:80:13:80:A1:43
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       59BBF191F75AC8CCDADF33A78B1573056E8509
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c8983ed-f974-40d9-a655-88644fc75ec2.roa
Signing time:             Tue 18 Feb 2025 00:10:17 +0000
ROA not before:           Tue 18 Feb 2025 00:10:17 +0000
ROA not after:            Tue 25 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        198.151.64.0/18 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 15 Mar 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:bb:f1:91:f7:5a:c8:cc:da:df:33:a7:8b:15:73:05:6e:85:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 18 00:10:17 2025 GMT
            Not After : Mar 25 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:8d:4c:3e:b2:d0:8f:1f:44:b4:88:af:08:82:
                    a1:b7:7d:d1:f2:2b:78:e9:63:48:d3:8c:bc:24:5c:
                    fe:45:ff:59:b8:25:f6:7f:e6:8d:4e:32:da:0f:3e:
                    35:d5:49:19:41:3c:b2:8b:14:16:73:0d:28:a4:31:
                    0d:85:58:84:18:df:f5:df:9a:b2:46:0d:e0:0a:07:
                    63:b5:f6:f2:73:c9:de:9d:70:d2:e6:ac:fe:fc:55:
                    5d:7f:d0:49:37:ef:a5:94:a6:aa:d3:b3:bf:7e:2d:
                    61:c1:02:c9:04:0e:7c:58:51:46:61:86:97:46:3f:
                    31:06:bd:49:bc:22:64:4a:cc:b7:6c:ff:f4:70:4d:
                    95:00:2c:92:db:84:7f:f9:bf:7c:8f:34:6c:90:af:
                    7e:a0:da:b2:f8:85:36:eb:fb:c6:96:82:eb:2e:35:
                    51:d5:ea:28:0f:9b:b8:82:67:3d:3e:ca:e0:09:c1:
                    da:b6:fe:30:1d:4e:2a:90:3a:58:7d:b5:20:b0:3d:
                    ec:3c:b5:cc:9a:d2:0d:95:1c:a2:ec:ef:42:40:81:
                    f4:e7:a1:b3:b2:b9:f5:e6:44:cc:a3:17:2b:ec:f1:
                    64:75:c1:7b:e6:6b:3e:12:a1:7b:71:c8:82:b3:04:
                    75:74:f7:9f:0d:35:77:21:82:a2:4e:32:f9:6f:ae:
                    2a:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:05:F5:8B:B9:07:66:E4:14:54:50:CD:F9:FF:48:80:13:80:A1:43
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c8983ed-f974-40d9-a655-88644fc75ec2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.151.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         27:d8:81:9d:c2:40:30:4c:b7:63:0b:d6:af:bf:cc:d8:93:fa:
         09:84:93:6e:1c:88:fb:49:46:ff:2f:b4:6a:f6:4d:0d:95:50:
         57:a9:36:e2:d4:a8:68:75:69:1b:03:66:4f:27:4d:b9:a7:22:
         29:97:84:0b:b0:07:7b:15:03:cb:45:91:fa:a7:f6:f9:bf:69:
         12:fc:e6:77:fb:47:85:0a:31:bb:4a:9b:9d:ed:61:da:50:35:
         4a:d2:8d:70:a7:9d:a4:19:51:9e:7b:88:2c:fb:eb:fe:34:7d:
         09:fe:82:61:88:3d:2b:39:08:c0:36:25:b2:24:55:be:70:54:
         a8:e6:50:7a:23:00:b8:6a:08:e1:31:74:2a:72:3b:cb:cc:59:
         c0:97:e0:7d:8b:3d:42:0e:07:56:42:35:f0:43:8f:99:4c:6b:
         65:9f:f9:bd:19:60:d6:16:d6:ce:d9:06:8c:69:bf:fd:e3:32:
         34:72:4a:d0:0a:fd:93:e9:4d:1c:00:15:26:f2:cc:7c:3e:a8:
         f7:d8:f6:63:69:7e:14:51:3f:a6:fe:0c:9b:7a:f3:f7:2e:2e:
         fb:07:15:39:b8:18:66:c6:1e:88:f9:9c:11:2e:4d:2f:04:d3:
         e8:a5:14:32:49:cd:a3:90:b6:0f:f1:af:fa:2d:77:94:e7:2b:
         55:f7:6c:56
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITWbvxkfdayMza3zOnixVzBW6FCTANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yNTAyMTgwMDEwMTdaFw0yNTAzMjUyMzU5NTla
MHoxSTBHBgNVBAUTQDI1YjZmMDgwYWUzYmRkMjdjYmQxODI0OGE2YzkwYWQ0MGEz
MjNkODJlYTkwZDM5MzAxMTMwZTc3MDBmYTY1ZDcxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6NTD6y0I8fRLSIrwiCobd90fIreOljSNOMvCRc/kX/Wbgl
9n/mjU4y2g8+NdVJGUE8sosUFnMNKKQxDYVYhBjf9d+askYN4AoHY7X28nPJ3p1w
0uas/vxVXX/QSTfvpZSmqtOzv34tYcECyQQOfFhRRmGGl0Y/MQa9SbwiZErMt2z/
9HBNlQAsktuEf/m/fI80bJCvfqDasviFNuv7xpaC6y41UdXqKA+buIJnPT7K4AnB
2rb+MB1OKpA6WH21ILA97Dy1zJrSDZUcouzvQkCB9Oehs7K59eZEzKMXK+zxZHXB
e+ZrPhKhe3HIgrMEdXT3nw01dyGCok4y+W+uKicCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBSnBfWLuQdm5BRUUM35/0iAE4ChQzAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvNmM4OTgzZWQtZjk3NC00MGQ5LWE2NTUtODg2NDRmYzc1ZWMyLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBsaXQDANBgkqhkiG9w0BAQsFAAOCAQEAJ9iBncJAMEy3YwvWr7/M2JP6CYST
bhyI+0lG/y+0avZNDZVQV6k24tSoaHVpGwNmTydNuaciKZeEC7AHexUDy0WR+qf2
+b9pEvzmd/tHhQoxu0qbne1h2lA1StKNcKedpBlRnnuILPvr/jR9Cf6CYYg9KzkI
wDYlsiRVvnBUqOZQeiMAuGoI4TF0KnI7y8xZwJfgfYs9Qg4HVkI18EOPmUxrZZ/5
vRlg1hbWztkGjGm//eMyNHJK0Ar9k+lNHAAVJvLMfD6o99j2Y2l+FFE/pv4Mm3rz
9y4u+wcVObgYZsYeiPmcES5NLwTT6KUUMknNo5C2D/Gv+i13lOcrVfdsVg==
-----END CERTIFICATE-----