Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bf8d77dc-48f9-49c2-ac2d-febcf8af2bd6.roa
File:                     bf8d77dc-48f9-49c2-ac2d-febcf8af2bd6.roa (raw, json)
Hash identifier:          WsGczxvleQ1oFD1d6O+26WE1MZ6q0PBYTIGSvJGItkA=
Subject key identifier:   63:21:5F:A4:5F:35:E4:B5:87:09:B8:6C:8D:07:11:40:FA:1A:CC:B9
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       31CAB8FCFA99C232BDED13535316F8F65984327B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bf8d77dc-48f9-49c2-ac2d-febcf8af2bd6.roa
Signing time:             Sat 17 May 2025 00:40:13 +0000
ROA not before:           Sat 17 May 2025 00:40:13 +0000
ROA not after:            Sat 21 Jun 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1f00:8050::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:ca:b8:fc:fa:99:c2:32:bd:ed:13:53:53:16:f8:f6:59:84:32:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 17 00:40:13 2025 GMT
            Not After : Jun 21 23:59:59 2025 GMT
        Subject: serialNumber=dd16a80e3aeb4401b0e45147263efbaaf7643134b65508de4fd578424f1a70bd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:b8:45:7b:34:c1:b2:c2:f9:3e:55:19:4c:54:
                    c2:21:57:fc:3b:c5:1f:c5:ec:a8:1a:ce:8a:8a:4f:
                    a9:51:3b:b6:4b:fe:73:39:42:e9:05:14:ec:38:d2:
                    ad:91:fb:16:56:82:84:43:e7:31:37:e6:66:f6:b3:
                    28:45:a4:d0:19:8e:a3:7b:fd:dd:8f:36:6a:df:66:
                    e6:ae:d0:f1:5b:16:00:5b:0d:eb:1b:1f:95:87:53:
                    2d:7a:b7:3f:64:84:16:f0:30:3a:25:82:f8:cd:3f:
                    9e:fd:88:a6:d1:94:a1:cb:67:bd:9b:a7:20:cf:e9:
                    d0:bf:e4:6a:3c:7d:ce:1c:10:44:92:3f:f9:be:7e:
                    55:7b:e2:37:c6:fb:e6:8c:72:ea:b7:1f:37:f3:64:
                    40:56:0b:84:44:fd:ba:d1:d6:37:6a:97:da:84:59:
                    b2:42:3f:51:1a:80:34:a5:05:ea:da:44:e7:4d:16:
                    be:b1:91:c1:6e:80:6a:d2:98:dd:f1:78:97:f2:63:
                    1e:01:09:63:39:73:d6:6b:97:fa:12:0a:09:01:a1:
                    87:7d:9e:79:22:af:ac:49:74:bf:38:5d:fa:cd:8b:
                    f4:a3:24:64:44:31:79:9f:49:be:98:6d:17:e0:5a:
                    4e:b5:ce:3b:df:f2:79:77:0a:8f:4b:d4:9b:e4:e1:
                    ca:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:21:5F:A4:5F:35:E4:B5:87:09:B8:6C:8D:07:11:40:FA:1A:CC:B9
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bf8d77dc-48f9-49c2-ac2d-febcf8af2bd6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:8050::/48

    Signature Algorithm: sha256WithRSAEncryption
         a6:a7:dc:9a:18:e7:e9:5a:83:1a:26:c5:04:50:75:88:af:84:
         1f:4f:96:87:2e:07:d4:d7:22:c8:78:d2:9c:80:5c:1b:7e:8e:
         f0:9c:87:e8:2c:69:bc:b6:93:c8:e3:28:c0:1f:83:09:0f:c3:
         7c:4f:42:f2:6b:5e:92:20:a7:0a:46:76:71:12:8f:51:40:2f:
         98:de:65:02:2f:06:69:90:36:b4:ed:56:43:30:15:de:2c:51:
         53:83:0a:f5:bd:75:4d:89:be:42:6b:3f:3c:77:b6:13:5b:8e:
         df:1f:38:8b:b1:f6:45:41:5c:f6:70:9f:12:f2:09:24:cd:85:
         d4:98:d8:62:ac:a1:58:42:d5:77:87:c1:04:eb:73:c4:71:6e:
         0b:23:d8:f9:f7:35:18:94:73:a1:70:20:a3:4a:5e:15:fb:59:
         23:c9:50:d0:24:4f:49:5a:45:75:24:1c:8e:7b:38:49:44:26:
         01:70:dc:b4:b1:cd:48:2d:d2:68:2a:3f:81:de:9f:2a:8d:ba:
         7c:eb:8b:43:f7:10:b7:22:bd:f0:9f:26:06:37:56:47:6f:4f:
         45:9c:32:8b:d0:36:1d:53:07:45:d2:d1:41:d9:5c:48:7d:a7:
         60:d1:71:3d:81:02:d6:b0:cb:d7:23:db:32:59:c3:f5:8c:a8:
         1d:cf:67:43
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUMcq4/PqZwjK97RNTUxb49lmEMnswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE3MDA0MDEzWhcNMjUwNjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZDE2YTgwZTNhZWI0NDAxYjBlNDUxNDcyNjNlZmJhYWY3
NjQzMTM0YjY1NTA4ZGU0ZmQ1Nzg0MjRmMWE3MGJkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMuEV7NMGywvk+VRlMVMIhV/w7xR/F7KgazoqKT6lRO7ZL
/nM5QukFFOw40q2R+xZWgoRD5zE35mb2syhFpNAZjqN7/d2PNmrfZuau0PFbFgBb
DesbH5WHUy16tz9khBbwMDolgvjNP579iKbRlKHLZ72bpyDP6dC/5Go8fc4cEESS
P/m+flV74jfG++aMcuq3HzfzZEBWC4RE/brR1jdql9qEWbJCP1EagDSlBeraROdN
Fr6xkcFugGrSmN3xeJfyYx4BCWM5c9Zrl/oSCgkBoYd9nnkir6xJdL84XfrNi/Sj
JGREMXmfSb6YbRfgWk61zjvf8nl3Co9L1Jvk4cplAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUYyFfpF815LWHCbhsjQcRQPoazLkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JmOGQ3N2RjLTQ4ZjktNDljMi1hYzJkLWZlYmNmOGFmMmJkNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AgFAwDQYJKoZIhvcNAQELBQADggEBAKan3JoY5+lagxomxQRQdYiv
hB9PlocuB9TXIsh40pyAXBt+jvCch+gsaby2k8jjKMAfgwkPw3xPQvJrXpIgpwpG
dnESj1FAL5jeZQIvBmmQNrTtVkMwFd4sUVODCvW9dU2JvkJrPzx3thNbjt8fOIux
9kVBXPZwnxLyCSTNhdSY2GKsoVhC1XeHwQTrc8Rxbgsj2Pn3NRiUc6FwIKNKXhX7
WSPJUNAkT0laRXUkHI57OElEJgFw3LSxzUgt0mgqP4HenyqNunzri0P3ELcivfCf
JgY3VkdvT0WcMovQNh1TB0XS0UHZXEh9p2DRcT2BAtawy9cj2zJZw/WMqB3PZ0M=
-----END CERTIFICATE-----