Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a13bd1b-83be-4772-b2ef-75052230daca.roa
File:                     8a13bd1b-83be-4772-b2ef-75052230daca.roa (raw, json)
Hash identifier:          YlN4OB9NFxcNd1Y0DZe0dLm/7fBvvyuxvb0IvQGi+no=
Subject key identifier:   D1:09:AB:83:C2:D2:55:5F:A8:AE:05:8D:16:0E:54:7F:7D:6F:00:40
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3F96EF8852DC85A069FEC29A61A8193690CF30C1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a13bd1b-83be-4772-b2ef-75052230daca.roa
Signing time:             Tue 04 Feb 2025 00:00:00 +0000
ROA not before:           Tue 04 Feb 2025 00:00:00 +0000
ROA not after:            Tue 11 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f1c:c000::/37 maxlen: 37
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Feb 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:96:ef:88:52:dc:85:a0:69:fe:c2:9a:61:a8:19:36:90:cf:30:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  4 00:00:00 2025 GMT
            Not After : Mar 11 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f9:5b:3c:41:33:58:91:37:e7:ad:ef:06:ef:
                    d6:78:cb:0a:9b:b4:48:1f:36:d0:ea:47:0f:4b:fe:
                    27:2d:1d:a7:ee:f9:19:cc:ad:36:64:53:15:29:c9:
                    18:55:1c:c7:db:3c:55:21:7e:50:f9:79:97:88:9a:
                    0f:e1:ba:aa:71:66:ae:60:80:4c:44:85:c7:34:c8:
                    bc:ae:ed:a2:11:1a:9d:da:09:31:9c:b9:dd:26:63:
                    e3:a7:5f:aa:9f:dc:5d:25:24:0f:d5:dd:90:e5:18:
                    db:19:e0:5e:ff:8e:df:79:da:e7:97:17:34:86:fa:
                    59:a5:bd:84:db:88:ca:e0:64:39:fe:70:88:8c:be:
                    76:65:99:fd:19:70:42:f6:4c:22:0d:e6:5a:fb:71:
                    a5:04:ae:49:c0:2b:93:65:e2:75:37:18:6c:1a:1a:
                    56:36:a9:82:02:41:96:70:0d:16:6d:9a:71:91:13:
                    f7:81:d2:a6:81:d7:a5:b1:e1:fe:06:c2:ee:b3:8f:
                    70:8c:0f:04:e5:c2:e3:24:82:82:11:54:aa:6d:90:
                    25:7d:d5:e6:3a:c8:32:55:ef:be:c5:1e:13:f5:17:
                    e4:6b:f5:a2:fd:9e:e7:dc:0d:f8:ba:51:cd:71:91:
                    df:4f:9d:ab:27:87:d3:0c:f1:05:43:4c:5f:23:90:
                    52:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:09:AB:83:C2:D2:55:5F:A8:AE:05:8D:16:0E:54:7F:7D:6F:00:40
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8a13bd1b-83be-4772-b2ef-75052230daca.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f1c:c000::/37

    Signature Algorithm: sha256WithRSAEncryption
         95:b6:73:50:2c:f9:f0:a0:19:f7:d1:17:c4:9a:c0:39:b1:ca:
         20:a5:a8:bf:fa:ae:72:96:9d:9d:13:9a:9b:e9:71:44:58:90:
         cf:83:10:25:e9:48:a6:4d:0d:1f:a9:b6:dc:57:b8:2a:a8:39:
         6d:a5:2d:f1:78:fa:46:b2:49:bb:bb:db:a0:5d:f7:18:f4:bf:
         a9:d4:0f:08:89:14:64:2f:53:5e:0b:16:40:35:6e:c8:94:44:
         1d:99:b0:f5:9c:0f:c7:e7:21:0c:8d:22:34:ca:89:ba:ba:57:
         76:8c:31:58:75:2d:a5:64:5f:2d:9b:da:fb:63:b9:97:71:bb:
         32:57:6d:f7:d6:96:eb:eb:40:2c:87:62:08:94:e0:f5:16:86:
         24:7b:b8:0d:08:7f:66:1d:73:25:70:76:ba:ba:a1:0b:7e:b6:
         23:ed:c0:06:45:70:04:82:85:b3:8c:20:7f:14:1b:c9:24:fc:
         a6:e2:76:97:13:5e:f6:f4:bc:71:da:ba:26:3c:5b:ea:03:6b:
         d7:10:38:89:eb:44:91:ec:59:c1:21:99:bd:4d:e5:2b:69:4c:
         26:25:be:0e:2b:26:c2:00:df:b8:e5:1b:05:d8:14:3d:63:66:
         85:76:c7:45:fc:5b:80:f1:0b:a4:96:0d:f3:8e:f5:7b:e2:27:
         00:ff:63:c1
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUP5bviFLchaBp/sKaYagZNpDPMMEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA0MDAwMDAwWhcNMjUwMzExMjM1OTU5
WjB6MUkwRwYDVQQFE0BhY2QxNDJkMDA2MDJiZjI2NDg5YjVkY2NmODJiNzRlYjcy
ZjkyMWU5NThmMjljZGEwMTk4MzU4OGU1ODRiNWNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDH+Vs8QTNYkTfnre8G79Z4ywqbtEgfNtDqRw9L/ictHafu
+RnMrTZkUxUpyRhVHMfbPFUhflD5eZeImg/huqpxZq5ggExEhcc0yLyu7aIRGp3a
CTGcud0mY+OnX6qf3F0lJA/V3ZDlGNsZ4F7/jt952ueXFzSG+lmlvYTbiMrgZDn+
cIiMvnZlmf0ZcEL2TCIN5lr7caUErknAK5Nl4nU3GGwaGlY2qYICQZZwDRZtmnGR
E/eB0qaB16Wx4f4Gwu6zj3CMDwTlwuMkgoIRVKptkCV91eY6yDJV777FHhP1F+Rr
9aL9nufcDfi6Uc1xkd9Pnasnh9MM8QVDTF8jkFLZAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU0Qmrg8LSVV+orgWNFg5Uf31vAEAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhhMTNiZDFiLTgzYmUtNDc3Mi1iMmVmLTc1MDUyMjMwZGFjYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgMmAB8cwDANBgkqhkiG9w0BAQsFAAOCAQEAlbZzUCz58KAZ99EXxJrAObHK
IKWov/qucpadnROam+lxRFiQz4MQJelIpk0NH6m23Fe4Kqg5baUt8Xj6RrJJu7vb
oF33GPS/qdQPCIkUZC9TXgsWQDVuyJREHZmw9ZwPx+chDI0iNMqJurpXdowxWHUt
pWRfLZva+2O5l3G7Mldt99aW6+tALIdiCJTg9RaGJHu4DQh/Zh1zJXB2urqhC362
I+3ABkVwBIKFs4wgfxQbyST8puJ2lxNe9vS8cdq6Jjxb6gNr1xA4ietEkexZwSGZ
vU3lK2lMJiW+DismwgDfuOUbBdgUPWNmhXbHRfxbgPELpJYN8471e+InAP9jwQ==
-----END CERTIFICATE-----