Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8ae0d6d-16cf-40c3-9a3e-054480e1b35b.roa
File:                     b8ae0d6d-16cf-40c3-9a3e-054480e1b35b.roa (raw, json)
Hash identifier:          Tx3C+BkjiBoJe1NyXSS9IP9cPewM0jiFLTU8RoElb/s=
Subject key identifier:   FE:BC:48:69:F9:10:7A:1E:2E:D8:C2:E1:62:CB:08:74:C1:7F:11:61
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3651C8BE46C33FCB0A61B885EADAEFBDBEC3364D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8ae0d6d-16cf-40c3-9a3e-054480e1b35b.roa
Signing time:             Mon 17 Feb 2025 15:10:11 +0000
ROA not before:           Mon 17 Feb 2025 15:10:11 +0000
ROA not after:            Mon 24 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        206.134.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 15 Mar 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:51:c8:be:46:c3:3f:cb:0a:61:b8:85:ea:da:ef:bd:be:c3:36:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 17 15:10:11 2025 GMT
            Not After : Mar 24 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d2:02:e5:2a:8e:dc:54:d5:5d:85:e6:ad:e4:
                    e7:50:87:77:0d:70:f8:5c:15:d5:30:06:aa:29:50:
                    08:e3:6e:0d:a9:6c:3e:7e:07:17:dc:52:1d:03:9e:
                    17:73:7e:bf:05:eb:26:f7:a0:4d:b4:c1:5a:75:98:
                    4f:f1:2b:8e:6d:08:7d:7d:c2:13:69:67:8e:8a:ab:
                    09:b7:fe:10:b5:24:e1:22:f4:8c:ac:40:0a:ee:4d:
                    38:71:20:50:31:ef:67:77:1a:38:de:57:5c:21:d6:
                    d3:d0:c4:b0:b5:a3:17:a2:9a:c7:f7:13:4a:5c:7f:
                    a3:10:5f:6e:9a:d0:c6:ed:64:73:f5:d7:83:e9:14:
                    d1:51:1d:48:71:a8:b4:c2:33:20:0f:8b:90:5b:2c:
                    2b:8e:61:e9:be:cb:46:0f:99:fb:b7:59:83:52:db:
                    01:34:66:2b:61:c3:31:ec:61:38:30:19:06:24:09:
                    54:77:bf:bf:dc:50:2e:ce:72:d7:7d:e5:9a:d0:36:
                    85:fd:85:8c:e1:b2:46:11:bc:91:d2:74:c8:c3:77:
                    18:df:18:98:b1:93:11:a2:71:e4:ef:13:dd:03:a7:
                    2d:46:a4:40:a8:a7:2b:76:c5:c8:c6:23:4c:75:f7:
                    c3:e7:44:4c:3e:96:02:b6:cd:ac:ec:07:48:fc:84:
                    d3:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:BC:48:69:F9:10:7A:1E:2E:D8:C2:E1:62:CB:08:74:C1:7F:11:61
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8ae0d6d-16cf-40c3-9a3e-054480e1b35b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.134.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c7:89:d9:1e:85:4f:dc:58:59:2c:e1:2f:79:93:1e:20:99:b5:
         1f:80:72:7b:b7:c3:fd:dc:27:aa:60:e9:3e:00:77:48:73:27:
         3b:a6:10:a5:90:12:68:52:e6:af:26:e7:dd:9f:69:a5:d8:8c:
         1e:cf:cd:3b:0c:35:0a:ee:e4:19:03:81:cf:37:6f:38:45:cb:
         9a:40:38:90:73:8a:89:89:aa:4f:84:30:03:43:8a:93:db:79:
         41:4e:c8:5f:9d:30:95:a7:f5:35:32:bb:59:7f:a1:ab:59:b5:
         32:da:05:cc:c6:f1:9c:73:e4:20:bc:e0:89:c0:9b:d5:12:67:
         ea:9f:d9:32:98:35:b8:4b:6f:b7:64:0d:b6:e4:8f:82:a9:e0:
         b2:9c:b7:9a:51:4b:60:19:ba:59:38:41:e5:b4:09:66:48:2c:
         0b:8d:4e:71:2c:d2:7d:7e:9b:f0:9f:1b:9e:95:6b:05:d7:ea:
         1c:6e:b0:49:36:3e:ed:64:df:68:30:4e:86:90:b4:00:3a:6b:
         07:09:be:96:1c:6d:8e:c7:d6:f9:52:02:d0:60:6f:3f:8f:ba:
         93:17:8d:ce:73:b7:33:8a:8c:78:f8:ce:74:3e:a5:f2:2e:cf:
         03:8e:81:ed:4a:5c:aa:06:89:4e:96:0f:07:f9:b4:bb:ab:78:
         cc:0c:92:70
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNlHIvkbDP8sKYbiF6trvvb7DNk0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjE3MTUxMDExWhcNMjUwMzI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MTE3NTQ3MjQzODM3YWUxYTNlMWVlN2YxMWFlODZkZDVl
ZGZiYWU4ZDg3NWUzNDZkNjM1ZTBmNDEyN2M2YTEzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr0gLlKo7cVNVdheat5OdQh3cNcPhcFdUwBqopUAjjbg2p
bD5+BxfcUh0Dnhdzfr8F6yb3oE20wVp1mE/xK45tCH19whNpZ46Kqwm3/hC1JOEi
9IysQAruTThxIFAx72d3GjjeV1wh1tPQxLC1oxeimsf3E0pcf6MQX26a0MbtZHP1
14PpFNFRHUhxqLTCMyAPi5BbLCuOYem+y0YPmfu3WYNS2wE0ZithwzHsYTgwGQYk
CVR3v7/cUC7Octd95ZrQNoX9hYzhskYRvJHSdMjDdxjfGJixkxGiceTvE90Dpy1G
pECopyt2xcjGI0x198PnREw+lgK2zazsB0j8hNPtAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU/rxIafkQeh4u2MLhYssIdMF/EWEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I4YWUwZDZkLTE2Y2YtNDBjMy05YTNlLTA1NDQ4MGUxYjM1Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDOhjANBgkqhkiG9w0BAQsFAAOCAQEAx4nZHoVP3FhZLOEveZMeIJm1H4By
e7fD/dwnqmDpPgB3SHMnO6YQpZASaFLmrybn3Z9ppdiMHs/NOww1Cu7kGQOBzzdv
OEXLmkA4kHOKiYmqT4QwA0OKk9t5QU7IX50wlaf1NTK7WX+hq1m1MtoFzMbxnHPk
ILzgicCb1RJn6p/ZMpg1uEtvt2QNtuSPgqngspy3mlFLYBm6WThB5bQJZkgsC41O
cSzSfX6b8J8bnpVrBdfqHG6wSTY+7WTfaDBOhpC0ADprBwm+lhxtjsfW+VIC0GBv
P4+6kxeNznO3M4qMePjOdD6l8i7PA46B7UpcqgaJTpYPB/m0u6t4zAyScA==
-----END CERTIFICATE-----