Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e0aba60b-aaf0-4d0c-ba8e-e61e702347bb.roa
File:                     e0aba60b-aaf0-4d0c-ba8e-e61e702347bb.roa (raw, json)
Hash identifier:          5xf2yd7FD011uN06c8qojMB8djnkpFDwfmqgR9jeUKM=
Subject key identifier:   83:FB:2D:C1:5D:66:12:4C:99:77:8E:56:55:F3:56:2C:DB:EC:E1:CB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4F3D75C250E9571037FFBCF335871560325DA4F0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e0aba60b-aaf0-4d0c-ba8e-e61e702347bb.roa
Signing time:             Wed 19 Feb 2025 00:20:19 +0000
ROA not before:           Wed 19 Feb 2025 00:20:19 +0000
ROA not after:            Wed 26 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        16.192.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 15 Mar 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:3d:75:c2:50:e9:57:10:37:ff:bc:f3:35:87:15:60:32:5d:a4:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Feb 19 00:20:19 2025 GMT
            Not After : Mar 26 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d8:c4:1c:5c:12:e7:a3:25:39:76:75:99:59:
                    83:d8:9b:31:e1:01:44:bb:00:5d:a7:ad:ef:66:f5:
                    e8:87:7e:92:50:bf:6a:01:77:54:f0:16:2b:73:ab:
                    d6:78:a3:0e:db:ab:d3:fa:d6:0a:a3:fb:25:5e:39:
                    71:00:41:d4:79:fc:67:38:10:d8:d6:d6:73:90:53:
                    f5:9f:1d:05:fc:c5:16:db:36:e6:36:e9:51:46:cb:
                    bb:6b:0e:cf:a9:2e:45:4b:11:9a:96:67:73:ba:7b:
                    23:56:f7:b7:69:3f:ee:83:37:ef:0f:ca:83:68:5d:
                    b3:79:bb:cd:7b:27:f3:ed:87:66:1d:50:f3:fc:ad:
                    cf:32:85:f4:b3:5e:fc:a2:48:47:a6:b7:e0:ae:ae:
                    bc:51:06:35:5f:4a:6a:eb:c8:b7:b5:aa:5c:7a:2c:
                    4d:6c:b6:1b:92:1a:42:eb:ab:ff:5d:71:34:cc:27:
                    f4:2a:b3:33:c4:65:18:7a:52:b5:fa:3a:62:87:5c:
                    22:59:a9:37:b8:d7:55:e7:43:ed:9f:73:bc:92:58:
                    aa:40:90:64:26:03:75:5c:68:9d:a1:99:1a:0a:77:
                    5b:5e:71:a7:1c:e4:17:73:6d:4e:82:db:1e:73:87:
                    14:06:70:c5:11:b7:10:e1:d8:aa:36:47:84:98:2e:
                    89:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:FB:2D:C1:5D:66:12:4C:99:77:8E:56:55:F3:56:2C:DB:EC:E1:CB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e0aba60b-aaf0-4d0c-ba8e-e61e702347bb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.192.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7e:e5:d1:85:c5:c5:48:81:57:e9:cc:20:c2:fe:28:9d:ee:2e:
         13:a0:ab:b6:d4:8b:59:4b:5f:dc:81:dd:19:ef:98:35:de:55:
         ca:14:6a:53:43:af:f3:05:62:8f:58:a9:3d:5e:4a:c1:23:e8:
         f3:6c:34:ee:29:3a:62:85:ed:14:4a:02:5c:e1:a1:9c:63:b1:
         da:fa:aa:d4:d6:b8:e4:60:ae:8e:d5:10:c5:a4:eb:9d:a0:1b:
         0a:cd:59:21:42:33:9f:02:f2:5e:11:91:fe:3c:c2:7f:f1:41:
         e3:de:28:17:2b:bc:a9:9f:8d:35:1d:e5:01:96:a2:c6:e9:4c:
         e3:29:cd:b4:08:68:c5:92:7a:ef:aa:59:19:97:5b:58:6f:40:
         cb:93:4b:c0:06:f1:cd:63:47:ad:bf:2b:2d:d7:83:14:4a:d2:
         19:38:18:32:00:e1:8c:e2:fa:51:73:e3:b5:60:cb:a2:ba:52:
         0c:db:70:bc:ea:6e:59:0c:e9:ed:24:69:f4:34:36:24:6c:d4:
         e2:d4:83:6b:e0:a8:79:7b:22:28:e5:b8:49:85:5c:6f:9d:f6:
         11:33:2c:36:81:38:e9:66:ef:70:7d:7e:82:00:a0:e8:30:f4:
         9b:b5:f7:a2:f3:98:37:a9:a0:63:cb:9b:86:dd:c9:5c:d6:ee:
         78:f9:62:6c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTz11wlDpVxA3/7zzNYcVYDJdpPAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjE5MDAyMDE5WhcNMjUwMzI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NDA3ZmYwNjYxZmJjYmE0NTk4YjMyMzM2ODQ0MDAyNDkx
MzMwZjVmODQ4NmQyMmNkNjMwMjY3ZGVmNzZhOGE3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/2MQcXBLnoyU5dnWZWYPYmzHhAUS7AF2nre9m9eiHfpJQ
v2oBd1TwFitzq9Z4ow7bq9P61gqj+yVeOXEAQdR5/Gc4ENjW1nOQU/WfHQX8xRbb
NuY26VFGy7trDs+pLkVLEZqWZ3O6eyNW97dpP+6DN+8PyoNoXbN5u817J/Pth2Yd
UPP8rc8yhfSzXvyiSEemt+CurrxRBjVfSmrryLe1qlx6LE1sthuSGkLrq/9dcTTM
J/QqszPEZRh6UrX6OmKHXCJZqTe411XnQ+2fc7ySWKpAkGQmA3VcaJ2hmRoKd1te
cacc5BdzbU6C2x5zhxQGcMURtxDh2Ko2R4SYLolBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUg/stwV1mEkyZd45WVfNWLNvs4cswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UwYWJhNjBiLWFhZjAtNGQwYy1iYThlLWU2MWU3MDIzNDdiYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQwDANBgkqhkiG9w0BAQsFAAOCAQEAfuXRhcXFSIFX6cwgwv4one4uE6Cr
ttSLWUtf3IHdGe+YNd5VyhRqU0Ov8wVij1ipPV5KwSPo82w07ik6YoXtFEoCXOGh
nGOx2vqq1Na45GCujtUQxaTrnaAbCs1ZIUIznwLyXhGR/jzCf/FB494oFyu8qZ+N
NR3lAZaixulM4ynNtAhoxZJ676pZGZdbWG9Ay5NLwAbxzWNHrb8rLdeDFErSGTgY
MgDhjOL6UXPjtWDLorpSDNtwvOpuWQzp7SRp9DQ2JGzU4tSDa+CoeXsiKOW4SYVc
b532ETMsNoE46WbvcH1+ggCg6DD0m7X3ovOYN6mgY8ubht3JXNbuePlibA==
-----END CERTIFICATE-----