Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/81f20b3f-a3c5-41dd-8d1c-0a6bb7cea300.roa
File:                     81f20b3f-a3c5-41dd-8d1c-0a6bb7cea300.roa (raw, json)
Hash identifier:          zrfNItfOaa6r/OjvZfcOvRWVgQPpkfQs7F5VST3TjKk=
Subject key identifier:   A7:39:AB:FD:A5:5E:6C:40:49:C3:B2:B4:72:63:F3:6F:D1:00:CB:B7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       223D6DBA020988F766E58BAAFE291D7CBC30CC3D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/81f20b3f-a3c5-41dd-8d1c-0a6bb7cea300.roa
Signing time:             Sat 10 May 2025 00:21:35 +0000
ROA not before:           Sat 10 May 2025 00:21:35 +0000
ROA not after:            Sat 14 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        66.63.192.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:3d:6d:ba:02:09:88:f7:66:e5:8b:aa:fe:29:1d:7c:bc:30:cc:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 10 00:21:35 2025 GMT
            Not After : Jun 14 23:59:59 2025 GMT
        Subject: serialNumber=aa37db424274a1164ca145904ff8e69dc4ea62c05068f15e092df2f9ccc85f64, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:55:1e:2f:9b:fd:be:33:2c:52:34:0a:dc:63:
                    bc:c4:f1:d4:74:82:e3:90:e6:f5:b6:a8:3f:12:59:
                    d8:51:73:9f:df:58:10:79:0c:b7:48:f5:dd:e8:32:
                    cb:a0:e1:e3:70:37:d2:a6:d4:f8:b1:d0:e1:09:5b:
                    52:60:0f:3b:3f:43:e7:77:7d:e4:ad:75:30:19:8a:
                    97:3e:35:d7:08:9c:13:34:66:d0:e1:d2:94:ec:25:
                    8a:a2:f3:52:74:83:fd:0a:a5:f9:90:89:5d:1b:5d:
                    8a:f3:25:f0:8d:80:ad:b2:2a:71:f7:fc:e2:2a:8c:
                    34:e8:93:cc:65:90:8c:b8:10:25:83:7c:ac:d5:94:
                    c4:d6:1d:05:fb:88:1f:7e:20:53:16:f2:be:c4:43:
                    0a:1a:fd:46:ee:e2:30:47:48:34:a2:76:1a:29:b2:
                    4f:85:ce:13:f6:19:a7:ef:a1:21:0d:64:aa:38:ec:
                    0b:45:14:e7:7f:24:e2:6c:b0:aa:81:e7:c9:e1:6e:
                    24:ac:37:3d:13:c0:56:79:48:d0:77:27:51:b3:5d:
                    f4:8c:ee:61:37:a2:70:dc:93:34:0d:84:0a:4f:68:
                    12:17:bc:2d:cd:74:a1:72:3f:16:1c:50:e9:3f:d7:
                    27:a4:5d:c4:c9:88:44:cb:d6:5d:b4:0c:f4:a0:0a:
                    87:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:39:AB:FD:A5:5E:6C:40:49:C3:B2:B4:72:63:F3:6F:D1:00:CB:B7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/81f20b3f-a3c5-41dd-8d1c-0a6bb7cea300.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.63.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6e:52:42:07:d2:66:e8:93:b5:7b:cb:a8:f8:e6:ac:4b:c2:90:
         eb:7a:39:b5:be:35:60:08:04:0c:6d:b5:16:a1:8b:fc:fe:43:
         aa:6b:fc:99:9e:34:2c:e4:c3:ad:74:a9:48:79:bb:28:13:c2:
         06:7d:18:6f:b0:7e:a8:8d:04:01:1e:34:a7:fd:86:60:70:c6:
         c2:e9:20:30:05:17:10:8d:0c:32:2e:c4:1c:12:fb:ce:6c:8d:
         1d:57:45:9a:2d:f1:06:3f:17:5b:2e:50:4a:2f:8f:42:e5:1c:
         08:2b:fe:1f:da:da:ea:54:03:6d:e5:b8:16:2e:37:8b:82:65:
         be:f3:c3:2c:79:39:d6:f8:25:56:fb:40:e4:93:b8:75:88:60:
         0d:5c:39:dc:7f:61:e6:a6:aa:fc:31:dd:d3:60:8e:19:11:5b:
         a0:a9:f4:13:91:ad:83:3c:fc:24:26:a1:ff:c3:97:8b:63:6a:
         c9:08:89:ba:83:de:c9:cd:57:44:18:bc:7d:28:e3:75:b6:1e:
         73:22:0c:fc:7e:7e:70:28:e3:95:e0:e5:70:7e:a1:e6:a1:5f:
         60:72:bd:00:13:c4:a8:aa:ec:74:b0:c0:0c:f3:79:47:f8:56:
         1b:40:a0:d6:bf:9b:1e:34:fd:7e:87:ea:0a:f8:56:49:ff:88:
         db:f6:d2:81
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIj1tugIJiPdm5Yuq/ikdfLwwzD0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTEwMDAyMTM1WhcNMjUwNjE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYTM3ZGI0MjQyNzRhMTE2NGNhMTQ1OTA0ZmY4ZTY5ZGM0
ZWE2MmMwNTA2OGYxNWUwOTJkZjJmOWNjYzg1ZjY0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2VR4vm/2+MyxSNArcY7zE8dR0guOQ5vW2qD8SWdhRc5/f
WBB5DLdI9d3oMsug4eNwN9Km1Pix0OEJW1JgDzs/Q+d3feStdTAZipc+NdcInBM0
ZtDh0pTsJYqi81J0g/0KpfmQiV0bXYrzJfCNgK2yKnH3/OIqjDTok8xlkIy4ECWD
fKzVlMTWHQX7iB9+IFMW8r7EQwoa/Ubu4jBHSDSidhopsk+FzhP2GafvoSENZKo4
7AtFFOd/JOJssKqB58nhbiSsNz0TwFZ5SNB3J1GzXfSM7mE3onDckzQNhApPaBIX
vC3NdKFyPxYcUOk/1yekXcTJiETL1l20DPSgCofDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpzmr/aVebEBJw7K0cmPzb9EAy7cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgxZjIwYjNmLWEzYzUtNDFkZC04ZDFjLTBhNmJiN2NlYTMwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVCP8AwDQYJKoZIhvcNAQELBQADggEBAG5SQgfSZuiTtXvLqPjmrEvCkOt6
ObW+NWAIBAxttRahi/z+Q6pr/JmeNCzkw610qUh5uygTwgZ9GG+wfqiNBAEeNKf9
hmBwxsLpIDAFFxCNDDIuxBwS+85sjR1XRZot8QY/F1suUEovj0LlHAgr/h/a2upU
A23luBYuN4uCZb7zwyx5Odb4JVb7QOSTuHWIYA1cOdx/Yeamqvwx3dNgjhkRW6Cp
9BORrYM8/CQmof/Dl4tjaskIibqD3snNV0QYvH0o43W2HnMiDPx+fnAo45Xg5XB+
oeahX2ByvQATxKiq7HSwwAzzeUf4VhtAoNa/mx40/X6H6gr4Vkn/iNv20oE=
-----END CERTIFICATE-----