Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99c8e082-8d94-40aa-ab10-227e1c1538ab.roa
File:                     99c8e082-8d94-40aa-ab10-227e1c1538ab.roa (raw, json)
Hash identifier:          v5hEg21sYFolHo2/yDkfD4SlwQ90lXwR4dQF9bALaiI=
Subject key identifier:   71:B8:91:B1:E9:6C:CF:0A:DD:74:26:60:11:70:62:AB:13:28:00:D1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       32152096FD5C189BE4860C876C8060959B1B532E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99c8e082-8d94-40aa-ab10-227e1c1538ab.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        75.101.162.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 06 Feb 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:15:20:96:fd:5c:18:9b:e4:86:0c:87:6c:80:60:95:9b:1b:53:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0f:8b:17:56:73:58:c4:a5:92:57:e6:5d:33:
                    1b:94:8f:5b:80:95:15:f1:38:e1:d0:1c:2d:c3:fa:
                    77:b5:c9:6c:bd:93:40:53:1d:61:ed:2e:8b:15:05:
                    40:bd:3b:64:c9:b4:f0:4e:26:ed:31:32:12:9e:fc:
                    ab:2d:90:1f:49:f0:26:fe:2c:0d:bc:0e:e1:93:b6:
                    2a:fb:22:32:f0:7a:52:57:0b:db:1d:0e:72:b5:bf:
                    71:79:a6:e4:3f:1b:e9:20:82:42:51:6b:ec:59:8b:
                    73:d5:cc:9d:ed:f2:bb:08:06:d6:f6:a2:2b:a4:d9:
                    3e:07:e4:e5:1e:fd:24:ed:24:48:4e:e4:76:4a:7c:
                    b9:4f:70:1f:f2:49:f8:14:8a:3e:e5:f2:8f:52:9b:
                    54:07:bc:7b:37:ef:6e:7c:bf:b9:f9:3d:ad:0c:8a:
                    6b:80:03:ea:96:a1:3f:7d:d7:ea:2e:54:99:8c:24:
                    7f:ce:f3:30:13:43:34:b2:cd:93:ae:17:d0:bf:35:
                    0d:01:85:8d:89:ee:30:12:fc:c3:7d:eb:9e:9c:4b:
                    3f:5e:55:e8:7d:0a:b1:22:5f:e2:10:bb:f6:9d:ce:
                    0c:d2:96:b9:21:a9:03:07:61:bc:87:4d:71:b6:e8:
                    1a:4a:15:94:85:69:09:bc:e3:88:70:19:3f:d7:54:
                    46:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:B8:91:B1:E9:6C:CF:0A:DD:74:26:60:11:70:62:AB:13:28:00:D1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/99c8e082-8d94-40aa-ab10-227e1c1538ab.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  75.101.162.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a7:3e:7c:93:ef:99:31:5a:7b:5c:4c:f0:55:48:77:96:82:96:
         52:85:d3:bb:03:5e:e0:67:ea:e1:df:8f:9c:bb:6c:31:db:71:
         4b:9a:10:30:18:91:ff:94:c3:8e:d8:25:ba:27:8e:42:3e:fa:
         97:37:5e:57:ac:75:63:70:34:f3:39:f3:bf:94:8d:33:c8:25:
         cd:09:fd:53:27:d6:8f:85:fc:26:ee:e9:3c:04:1b:32:4b:91:
         a8:0e:16:e2:f0:13:6d:6b:76:f3:30:5a:e2:52:a3:dd:ea:63:
         b8:02:07:08:3c:10:4c:80:cc:2b:f9:f9:dd:a0:b8:9f:79:54:
         a2:9f:75:b2:9f:71:fb:b9:71:f5:ec:42:0c:2d:cd:d7:15:6e:
         f5:e3:ff:b1:da:b8:4b:9a:51:96:08:48:33:97:13:a5:2c:00:
         5d:a6:ab:bf:7e:0c:43:0d:7b:3c:ff:34:ca:d7:94:3b:8b:f6:
         42:9b:df:7f:df:08:1a:aa:19:39:81:80:35:d8:7e:78:20:14:
         1c:8e:ed:f2:8c:13:44:92:72:b3:ea:ec:bc:3e:e7:c7:dc:b6:
         ea:b0:87:f3:a2:ff:ec:ae:41:2b:b1:c2:91:bb:74:c1:58:26:
         ef:5d:93:c0:a1:c6:ba:0e:7d:1b:5f:79:11:ae:8f:e1:83:54:
         7c:4c:1d:e0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMhUglv1cGJvkhgyHbIBglZsbUy4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNzcxYTk2MDFiNTQyMmJkMDVmMzU5MGUyYzNlYzdkZjJj
ZGY2MjBhYzJjYzE2ZDkxOGJkNGNlNGVhOWMwY2MzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBD4sXVnNYxKWSV+ZdMxuUj1uAlRXxOOHQHC3D+ne1yWy9
k0BTHWHtLosVBUC9O2TJtPBOJu0xMhKe/KstkB9J8Cb+LA28DuGTtir7IjLwelJX
C9sdDnK1v3F5puQ/G+kggkJRa+xZi3PVzJ3t8rsIBtb2oiuk2T4H5OUe/STtJEhO
5HZKfLlPcB/ySfgUij7l8o9Sm1QHvHs37258v7n5Pa0MimuAA+qWoT991+ouVJmM
JH/O8zATQzSyzZOuF9C/NQ0BhY2J7jAS/MN9656cSz9eVeh9CrEiX+IQu/adzgzS
lrkhqQMHYbyHTXG26BpKFZSFaQm844hwGT/XVEaTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcbiRselszwrddCZgEXBiqxMoANEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk5YzhlMDgyLThkOTQtNDBhYS1hYjEwLTIyN2UxYzE1MzhhYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFLZaIwDQYJKoZIhvcNAQELBQADggEBAKc+fJPvmTFae1xM8FVId5aCllKF
07sDXuBn6uHfj5y7bDHbcUuaEDAYkf+Uw47YJbonjkI++pc3XlesdWNwNPM587+U
jTPIJc0J/VMn1o+F/Cbu6TwEGzJLkagOFuLwE21rdvMwWuJSo93qY7gCBwg8EEyA
zCv5+d2guJ95VKKfdbKfcfu5cfXsQgwtzdcVbvXj/7HauEuaUZYISDOXE6UsAF2m
q79+DEMNezz/NMrXlDuL9kKb33/fCBqqGTmBgDXYfnggFByO7fKME0SScrPq7Lw+
58fctuqwh/Oi/+yuQSuxwpG7dMFYJu9dk8ChxroOfRtfeRGuj+GDVHxMHeA=
-----END CERTIFICATE-----