Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/df2bbec5-2a0a-4fce-b92a-c11585f2f6d2.roa
File:                     df2bbec5-2a0a-4fce-b92a-c11585f2f6d2.roa (raw, json)
Hash identifier:          qepurZscvzvRk3adJ0povzR0ynb9z61Y7Nj20EhsHOQ=
Subject key identifier:   99:EE:2A:7E:15:A5:3C:81:5A:EB:2F:6A:F3:91:C7:F1:35:85:82:FD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       75AAF9D27FA6E34243FD8AF22C681D8DD31018E8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/df2bbec5-2a0a-4fce-b92a-c11585f2f6d2.roa
Signing time:             Fri 07 Feb 2025 00:00:00 +0000
ROA not before:           Fri 07 Feb 2025 00:00:00 +0000
ROA not after:            Fri 14 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.252.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:aa:f9:d2:7f:a6:e3:42:43:fd:8a:f2:2c:68:1d:8d:d3:10:18:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb  7 00:00:00 2025 GMT
            Not After : Mar 14 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:15:27:12:2e:6b:98:c5:c5:56:dd:70:7d:78:
                    fc:38:08:fb:2a:88:02:45:d1:fc:8e:aa:0e:7a:0e:
                    c7:58:dd:b6:09:35:8e:bb:39:fe:ab:2a:23:21:b6:
                    61:79:86:1e:90:16:52:da:cf:51:d1:a0:8a:1e:39:
                    4c:7c:f8:94:0d:2a:3b:b2:2e:a9:7c:61:77:ea:ce:
                    c4:08:7d:1a:c7:c9:cb:fa:a8:45:51:2e:d9:eb:80:
                    64:62:1a:4e:56:e4:bd:fe:bd:5f:f7:a5:aa:19:cc:
                    12:eb:56:5c:00:d1:54:80:4d:4d:7d:7c:1e:cd:d0:
                    d5:ce:52:ee:08:e1:8b:fc:e0:3f:66:2a:fe:99:95:
                    8c:0d:39:e2:31:38:07:7c:ae:58:8d:bb:50:63:28:
                    ed:8c:99:55:7c:42:a1:d8:a2:cb:25:3a:a6:93:14:
                    17:1a:68:5e:7b:02:06:69:f6:f7:b2:f5:c2:96:c0:
                    a9:93:4d:a8:56:5d:b1:f9:b5:01:4d:07:7b:a7:ad:
                    40:3c:6c:a5:a3:f4:66:62:db:de:dc:93:9e:df:93:
                    a5:e2:13:a0:e7:62:d5:c1:76:36:f0:1f:57:25:80:
                    31:75:5f:62:df:0c:55:d3:6a:bb:13:99:49:a1:18:
                    c6:b8:91:9c:60:11:aa:74:f4:79:5b:ae:e9:6d:ff:
                    52:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:EE:2A:7E:15:A5:3C:81:5A:EB:2F:6A:F3:91:C7:F1:35:85:82:FD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/df2bbec5-2a0a-4fce-b92a-c11585f2f6d2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.252.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5e:54:3f:1a:b0:4b:2a:9f:0e:14:52:e0:2e:be:55:ff:12:0f:
         b6:7f:83:21:0e:57:a1:f8:31:86:d3:c3:ed:16:8e:23:9c:0f:
         65:69:91:d3:68:e6:12:7d:af:8c:9e:fd:b2:1d:63:b9:4c:c0:
         77:07:0d:12:f6:86:63:f7:8a:79:7f:e8:5a:1b:f8:96:f3:e2:
         4a:75:17:f5:18:48:d1:f2:9e:19:25:bd:33:fb:ac:4d:9f:30:
         a7:e1:eb:7f:2c:9f:3c:24:aa:64:d9:a2:7f:bf:37:c0:c3:eb:
         56:63:e0:a3:17:e6:44:a6:69:2f:e9:34:a0:32:9a:72:7e:70:
         1c:d1:56:80:b4:41:11:5e:47:83:8a:dc:1b:ce:e1:18:91:4a:
         0c:c7:8a:c9:db:71:86:73:30:41:e4:10:17:b7:8c:3f:04:37:
         0f:e9:f5:14:c7:b5:7f:c4:f6:fa:79:af:e0:e6:d3:93:33:e6:
         77:a1:52:8f:13:5c:9d:dd:a7:7a:0c:d7:f1:5d:88:3e:b1:0e:
         5b:6c:0d:6d:b4:2c:3f:67:d8:ef:47:74:c8:3c:b8:6d:56:21:
         da:c2:4d:71:3e:49:84:f4:80:51:89:3c:d2:c9:d4:f9:4c:41:
         46:bc:24:42:30:a9:53:91:ef:fa:f0:de:92:61:bc:b3:ca:06:
         7f:6c:43:b3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdar50n+m40JD/YryLGgdjdMQGOgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA3MDAwMDAwWhcNMjUwMzE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MjIzNTUzMjYwMTQ2YWZiMjVlM2YzZGJkOWY3MjA3NzVh
NDU2NWRiMDZjMDZiZTUxMjA0NGY4ZjkyMjk5NjhhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeFScSLmuYxcVW3XB9ePw4CPsqiAJF0fyOqg56DsdY3bYJ
NY67Of6rKiMhtmF5hh6QFlLaz1HRoIoeOUx8+JQNKjuyLql8YXfqzsQIfRrHycv6
qEVRLtnrgGRiGk5W5L3+vV/3paoZzBLrVlwA0VSATU19fB7N0NXOUu4I4Yv84D9m
Kv6ZlYwNOeIxOAd8rliNu1BjKO2MmVV8QqHYosslOqaTFBcaaF57AgZp9vey9cKW
wKmTTahWXbH5tQFNB3unrUA8bKWj9GZi297ck57fk6XiE6DnYtXBdjbwH1clgDF1
X2LfDFXTarsTmUmhGMa4kZxgEap09Hlbrult/1JTAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUme4qfhWlPIFa6y9q85HH8TWFgv0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RmMmJiZWM1LTJhMGEtNGZjZS1iOTJhLWMxMTU4NWYyZjZkMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4/DANBgkqhkiG9w0BAQsFAAOCAQEAXlQ/GrBLKp8OFFLgLr5V/xIPtn+D
IQ5XofgxhtPD7RaOI5wPZWmR02jmEn2vjJ79sh1juUzAdwcNEvaGY/eKeX/oWhv4
lvPiSnUX9RhI0fKeGSW9M/usTZ8wp+HrfyyfPCSqZNmif783wMPrVmPgoxfmRKZp
L+k0oDKacn5wHNFWgLRBEV5Hg4rcG87hGJFKDMeKydtxhnMwQeQQF7eMPwQ3D+n1
FMe1f8T2+nmv4ObTkzPmd6FSjxNcnd2negzX8V2IPrEOW2wNbbQsP2fY70d0yDy4
bVYh2sJNcT5JhPSAUYk80snU+UxBRrwkQjCpU5Hv+vDekmG8s8oGf2xDsw==
-----END CERTIFICATE-----