Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bf389316-90b4-4557-83e8-b14137f39908.roa
File:                     bf389316-90b4-4557-83e8-b14137f39908.roa (raw, json)
Hash identifier:          riYTvWJjX8fTTA0QnRh+RYYiORXOb6mQ9y3uBW/IWL4=
Subject key identifier:   76:49:0C:56:60:A1:B0:95:D4:E8:AB:14:1D:A0:68:ED:54:B8:4F:53
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0215FC70E2D5690B2163A8C439C4801A342BC596
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bf389316-90b4-4557-83e8-b14137f39908.roa
Signing time:             Tue 04 Feb 2025 00:00:00 +0000
ROA not before:           Tue 04 Feb 2025 00:00:00 +0000
ROA not after:            Tue 11 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f13:8000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:15:fc:70:e2:d5:69:0b:21:63:a8:c4:39:c4:80:1a:34:2b:c5:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  4 00:00:00 2025 GMT
            Not After : Mar 11 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:12:44:d1:2a:d6:05:cf:81:09:3a:e4:28:a0:
                    82:89:49:bc:39:17:5c:36:f0:61:ac:c0:e1:80:eb:
                    55:ee:09:a9:10:3f:b3:1b:24:cc:f1:1a:00:21:b3:
                    3e:2d:09:01:fc:0f:f7:36:df:28:8f:ff:e4:72:48:
                    9a:78:43:fe:a2:4d:50:50:66:ab:5b:21:c5:e2:e4:
                    be:cc:99:50:e5:13:30:ad:0e:67:9c:52:fa:40:51:
                    3f:64:01:43:7e:b4:7f:40:50:30:49:22:61:1c:4d:
                    cd:c0:5d:dd:49:80:28:c7:16:74:46:09:df:32:0d:
                    18:7c:12:e1:6d:4e:34:90:1c:3d:54:d1:1e:37:ad:
                    2e:a0:b0:56:89:d8:b6:62:fe:c1:c2:3a:df:51:25:
                    49:03:de:fd:76:31:33:dc:63:1a:6b:dc:e1:f8:a9:
                    35:8a:7a:28:2f:ba:6b:91:65:55:e9:45:76:59:49:
                    51:87:9d:f1:b5:00:17:cb:2a:9b:70:bf:87:8f:a8:
                    25:f3:cf:89:b4:4c:fb:e2:f0:76:73:7b:a5:ba:ea:
                    bc:4f:80:84:93:25:61:0f:5a:c3:f9:0e:96:ac:be:
                    d0:ae:84:73:eb:72:be:65:29:ef:5f:d9:8c:d1:03:
                    b2:8d:04:fd:90:81:54:25:55:52:ee:06:43:31:69:
                    22:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:49:0C:56:60:A1:B0:95:D4:E8:AB:14:1D:A0:68:ED:54:B8:4F:53
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bf389316-90b4-4557-83e8-b14137f39908.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f13:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         25:00:b0:52:00:4e:29:ed:d0:65:0e:d7:2b:49:00:41:5c:2f:
         ed:11:21:6c:df:01:92:05:ec:c2:f8:79:5a:0a:7a:55:83:41:
         72:d4:38:f9:56:99:c1:09:b1:83:2b:bb:33:bf:3d:12:69:33:
         31:45:89:5a:8c:52:76:60:d2:4c:b9:64:68:11:7f:4b:26:e3:
         0e:94:48:6c:bf:f2:4b:0e:cd:78:39:11:1f:dc:9b:bc:8d:5b:
         a7:57:00:97:09:a2:7f:14:b1:7d:30:29:23:f5:59:43:88:d0:
         88:24:0b:c3:03:bb:12:15:1d:59:7b:cb:d6:c5:d2:83:e1:20:
         97:ec:86:8f:4b:5d:b2:43:de:15:58:8b:76:12:20:99:46:00:
         fa:de:56:29:1a:bd:38:d6:8d:7e:4b:b5:89:56:8f:ff:72:9a:
         cc:0f:4d:98:d3:b1:c8:9e:7e:ec:98:69:3e:e8:fa:5c:79:7d:
         cf:46:bd:ab:90:0b:d4:82:8b:f3:85:15:d4:d1:e7:27:1a:5a:
         43:b3:a3:4d:73:e4:e4:c8:8a:a3:78:88:4b:97:5a:fa:ee:f5:
         f3:96:11:fc:42:c1:b9:31:0f:6a:32:29:30:1d:67:b7:2d:e2:
         a2:b8:2f:de:fe:63:d6:e7:64:29:1c:d7:54:8c:04:b3:f2:3e:
         8d:6d:f7:1f
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUAhX8cOLVaQshY6jEOcSAGjQrxZYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA0MDAwMDAwWhcNMjUwMzExMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YWRkODgzMGJkZjM2NzYxMTg4YzE3NmMzOGJiZjA0Yjk4
NjgyNzZjNzdhMTIxNjkyMTE3YWI4MzU3ZGY3NGVhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDeEkTRKtYFz4EJOuQooIKJSbw5F1w28GGswOGA61XuCakQ
P7MbJMzxGgAhsz4tCQH8D/c23yiP/+RySJp4Q/6iTVBQZqtbIcXi5L7MmVDlEzCt
DmecUvpAUT9kAUN+tH9AUDBJImEcTc3AXd1JgCjHFnRGCd8yDRh8EuFtTjSQHD1U
0R43rS6gsFaJ2LZi/sHCOt9RJUkD3v12MTPcYxpr3OH4qTWKeigvumuRZVXpRXZZ
SVGHnfG1ABfLKptwv4ePqCXzz4m0TPvi8HZze6W66rxPgISTJWEPWsP5DpasvtCu
hHPrcr5lKe9f2YzRA7KNBP2QgVQlVVLuBkMxaSINAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUdkkMVmChsJXU6KsUHaBo7VS4T1MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JmMzg5MzE2LTkwYjQtNDU1Ny04M2U4LWIxNDEzN2YzOTkwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgQmAB8TgDANBgkqhkiG9w0BAQsFAAOCAQEAJQCwUgBOKe3QZQ7XK0kAQVwv
7REhbN8BkgXswvh5Wgp6VYNBctQ4+VaZwQmxgyu7M789EmkzMUWJWoxSdmDSTLlk
aBF/SybjDpRIbL/ySw7NeDkRH9ybvI1bp1cAlwmifxSxfTApI/VZQ4jQiCQLwwO7
EhUdWXvL1sXSg+Egl+yGj0tdskPeFViLdhIgmUYA+t5WKRq9ONaNfku1iVaP/3Ka
zA9NmNOxyJ5+7JhpPuj6XHl9z0a9q5AL1IKL84UV1NHnJxpaQ7OjTXPk5MiKo3iI
S5da+u7185YR/ELBuTEPajIpMB1nty3iorgv3v5j1udkKRzXVIwEs/I+jW33Hw==
-----END CERTIFICATE-----