Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8b1dc0cf-b3f2-44ea-b02f-d5965d8c7ac7.roa
File:                     8b1dc0cf-b3f2-44ea-b02f-d5965d8c7ac7.roa (raw, json)
Hash identifier:          FsNBaci8W5OqPqoATJ2f89bVuD4jB0YWygsVkbTnIm0=
Subject key identifier:   69:77:B0:4E:04:EA:55:6B:F0:BC:B2:5C:1B:6B:9B:DB:C7:F7:6F:52
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       36673B816E159E8E88174311304EC54ABDF4805C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8b1dc0cf-b3f2-44ea-b02f-d5965d8c7ac7.roa
Signing time:             Mon 19 May 2025 18:32:08 +0000
ROA not before:           Mon 19 May 2025 18:32:08 +0000
ROA not after:            Mon 23 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f14::/34 maxlen: 34
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:67:3b:81:6e:15:9e:8e:88:17:43:11:30:4e:c5:4a:bd:f4:80:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 19 18:32:08 2025 GMT
            Not After : Jun 23 23:59:59 2025 GMT
        Subject: serialNumber=c6353a7a9be15b4f7486892e26b6ae0040c0f12648f74e8c300a50ab76d0fe31, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:8a:f8:d2:e9:37:1d:8d:df:3b:82:e4:c3:c6:
                    66:97:b2:29:99:2c:63:10:8f:91:38:e3:d1:c1:cc:
                    b2:37:51:64:a5:75:d5:3e:fc:a0:c2:f0:3c:ed:66:
                    52:f2:1c:d5:c3:a5:54:6f:b5:ec:6e:67:57:ff:5e:
                    e4:b6:86:d4:0b:90:78:58:9a:9a:ad:25:4a:df:02:
                    04:88:ec:89:30:5e:80:35:27:d4:09:f4:eb:62:bc:
                    b1:44:2a:4c:07:66:92:36:7d:c0:fb:88:c8:7b:04:
                    9f:5d:92:30:77:01:33:2f:35:66:f0:06:2e:45:f3:
                    6e:c6:29:2c:d0:03:ec:08:1a:46:83:8b:f7:61:86:
                    b9:23:70:bb:59:d0:a3:8c:93:04:69:36:2a:45:48:
                    f1:05:18:56:b0:6e:ec:6c:52:ff:2d:90:8c:d0:80:
                    31:52:d3:fc:06:63:34:0b:ed:e9:c0:58:98:fe:0d:
                    ce:b2:fe:36:f4:ce:cf:74:54:5d:83:80:ab:a4:c5:
                    a8:63:f8:46:f9:85:33:53:b1:f6:af:5b:7f:48:ea:
                    19:79:0b:18:0c:28:90:f2:3e:22:35:b3:d5:b2:de:
                    c4:42:16:11:bd:3b:57:e4:85:9b:99:69:04:5e:08:
                    51:f7:49:86:8e:d2:57:c0:98:40:a6:27:b6:6c:59:
                    db:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:77:B0:4E:04:EA:55:6B:F0:BC:B2:5C:1B:6B:9B:DB:C7:F7:6F:52
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8b1dc0cf-b3f2-44ea-b02f-d5965d8c7ac7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f14::/34

    Signature Algorithm: sha256WithRSAEncryption
         41:ef:b7:b2:12:af:1c:88:47:e2:5e:a1:d4:e8:a5:76:1a:62:
         1e:94:aa:7d:47:4a:24:fe:c0:6c:56:df:48:62:b9:60:24:1a:
         4e:b1:93:06:fe:b7:be:f4:2c:d8:79:0b:be:5e:e3:70:a1:f4:
         82:78:ba:50:de:dd:59:3b:17:e6:4a:c2:2e:11:7b:f3:e7:40:
         3a:a1:67:f4:8b:51:d8:78:ff:79:11:2e:53:58:82:1e:3c:54:
         67:01:9e:d4:f5:da:d5:2f:94:2e:bd:7e:79:78:20:4b:b4:21:
         2e:4d:07:de:a2:25:83:eb:15:20:a6:5e:33:68:81:97:50:a6:
         22:55:cd:de:9c:21:34:42:85:08:bd:c1:01:34:7c:97:f2:dc:
         a4:7d:d4:af:fc:9d:92:47:f4:de:cb:35:68:ff:43:3f:36:17:
         a9:28:03:87:c3:7d:bb:05:97:0a:a0:47:28:a0:6c:e1:84:ee:
         b1:2f:d9:b2:5f:7c:05:36:ec:97:83:5c:b3:6c:63:47:6e:a4:
         1a:37:47:02:07:e1:1f:c4:09:1e:04:10:2c:5f:a2:07:73:2c:
         56:7d:78:84:93:0d:88:fb:e6:cc:2e:48:2c:de:6b:43:21:6a:
         e7:21:98:a0:1a:66:d9:b0:68:ef:99:ea:3a:c3:2f:95:78:77:
         53:88:d6:3f
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUNmc7gW4Vno6IF0MRME7FSr30gFwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE5MTgzMjA4WhcNMjUwNjIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNjM1M2E3YTliZTE1YjRmNzQ4Njg5MmUyNmI2YWUwMDQw
YzBmMTI2NDhmNzRlOGMzMDBhNTBhYjc2ZDBmZTMxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfivjS6Tcdjd87guTDxmaXsimZLGMQj5E449HBzLI3UWSl
ddU+/KDC8DztZlLyHNXDpVRvtexuZ1f/XuS2htQLkHhYmpqtJUrfAgSI7IkwXoA1
J9QJ9OtivLFEKkwHZpI2fcD7iMh7BJ9dkjB3ATMvNWbwBi5F827GKSzQA+wIGkaD
i/dhhrkjcLtZ0KOMkwRpNipFSPEFGFawbuxsUv8tkIzQgDFS0/wGYzQL7enAWJj+
Dc6y/jb0zs90VF2DgKukxahj+Eb5hTNTsfavW39I6hl5CxgMKJDyPiI1s9Wy3sRC
FhG9O1fkhZuZaQReCFH3SYaO0lfAmECmJ7ZsWdszAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUaXewTgTqVWvwvLJcG2ub28f3b1IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzhiMWRjMGNmLWIzZjItNDRlYS1iMDJmLWQ1OTY1ZDhjN2FjNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgYmAB8UADANBgkqhkiG9w0BAQsFAAOCAQEAQe+3shKvHIhH4l6h1Oildhpi
HpSqfUdKJP7AbFbfSGK5YCQaTrGTBv63vvQs2HkLvl7jcKH0gni6UN7dWTsX5krC
LhF78+dAOqFn9ItR2Hj/eREuU1iCHjxUZwGe1PXa1S+ULr1+eXggS7QhLk0H3qIl
g+sVIKZeM2iBl1CmIlXN3pwhNEKFCL3BATR8l/LcpH3Ur/ydkkf03ss1aP9DPzYX
qSgDh8N9uwWXCqBHKKBs4YTusS/Zsl98BTbsl4Ncs2xjR26kGjdHAgfhH8QJHgQQ
LF+iB3MsVn14hJMNiPvmzC5ILN5rQyFq5yGYoBpm2bBo75nqOsMvlXh3U4jWPw==
-----END CERTIFICATE-----