Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f59b1803-806a-4ef8-8f43-065ae1dea2d5.roa
File:                     f59b1803-806a-4ef8-8f43-065ae1dea2d5.roa (raw, json)
Hash identifier:          fhYCAEWPdIU9ZDKxu1dD7gwbQHn0UbXh8rSO4PxO+VQ=
Subject key identifier:   DB:20:66:65:F3:BB:13:14:8E:07:D3:EE:48:E4:B5:66:8E:2E:41:F6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       50A76BB2E9A55E5E0C41F797C0E1129B07525EE0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f59b1803-806a-4ef8-8f43-065ae1dea2d5.roa
Signing time:             Fri 16 May 2025 16:11:29 +0000
ROA not before:           Fri 16 May 2025 16:11:29 +0000
ROA not after:            Fri 20 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        195.38.28.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 02 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:a7:6b:b2:e9:a5:5e:5e:0c:41:f7:97:c0:e1:12:9b:07:52:5e:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: May 16 16:11:29 2025 GMT
            Not After : Jun 20 23:59:59 2025 GMT
        Subject: serialNumber=c50252e837378e20f72755b65239926573a8f075f63a6891153344dabb85ee18, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:99:96:05:ec:e5:1c:44:9f:2d:d6:84:18:78:
                    29:c2:2b:f7:25:8a:00:cd:8a:db:bb:9d:cf:f2:84:
                    2b:ac:72:0a:5e:7e:82:7d:c3:15:31:43:a5:ed:73:
                    22:f5:08:24:ac:fd:a7:7d:c7:78:43:2b:e0:b1:8a:
                    c3:f2:89:2f:d4:85:d8:67:99:58:21:f8:8c:79:6f:
                    bd:ee:0c:bc:25:a6:f3:ca:5c:b3:ad:9c:cc:91:a6:
                    2e:39:de:3e:37:96:c0:69:14:9e:bb:5c:93:31:e4:
                    93:33:50:e6:47:12:30:f6:12:5b:95:cd:b1:95:57:
                    cd:3a:84:ae:c8:c2:96:77:82:8f:a3:bd:47:02:b1:
                    a3:4a:a6:92:f9:23:9c:79:eb:5a:2d:72:17:e7:9f:
                    d3:60:b5:fc:f0:fd:e5:57:94:f6:fe:b7:8b:3d:41:
                    f8:07:3f:9e:f1:e1:f8:d5:07:e1:81:1a:2a:6f:4f:
                    fe:bf:b9:de:8c:09:07:40:8b:3c:5c:8f:1b:41:3b:
                    e8:25:fb:26:c0:37:e2:95:24:77:df:a6:50:3d:5d:
                    04:6a:ab:92:90:ec:b6:03:46:5f:64:0c:62:b3:fb:
                    8f:56:9a:e4:3e:6e:27:3e:4e:e6:d8:1c:67:4c:27:
                    b5:20:59:95:e5:fe:f1:96:47:c2:ad:e6:50:25:ac:
                    c2:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:20:66:65:F3:BB:13:14:8E:07:D3:EE:48:E4:B5:66:8E:2E:41:F6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f59b1803-806a-4ef8-8f43-065ae1dea2d5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.38.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1e:2f:dc:9c:ab:eb:c7:7d:75:29:3e:35:43:54:ec:7c:7d:c2:
         a6:a1:53:9d:28:b5:98:50:62:e0:64:97:30:93:cd:a2:71:f5:
         d0:23:14:ad:04:98:cf:55:fb:15:b9:b9:08:16:7f:09:bf:b7:
         dc:a1:61:d1:29:0d:cd:2d:65:3a:79:db:78:0e:40:13:72:93:
         62:97:e0:9e:73:e9:bf:79:3a:5f:21:59:8f:95:8a:52:7f:a9:
         39:47:7c:5d:4c:10:8c:69:07:66:80:39:c4:d6:d3:ef:cf:a1:
         03:bc:13:de:2a:c1:f8:c8:28:bd:ad:03:d5:ad:aa:12:0b:e4:
         7e:1c:0f:d0:e8:7e:5d:74:34:1d:65:ff:36:76:c9:d7:ee:42:
         bd:b8:cc:02:84:0d:1b:d7:b0:a2:e6:1a:82:c3:8a:ed:f2:1d:
         33:0d:97:f5:af:27:e2:da:dc:0e:45:0e:72:b6:e9:41:de:cd:
         4f:6b:dd:21:18:7b:0c:d3:63:83:90:ef:89:8f:d0:32:02:7f:
         1a:22:aa:aa:f9:92:55:1b:97:a1:86:2e:6d:27:aa:5a:a4:f3:
         dd:cf:f1:d1:29:43:75:83:f1:20:2c:8f:8f:d9:6b:a2:59:86:
         de:6b:18:b7:17:46:3e:fd:96:c0:0a:da:55:17:72:90:d8:22:
         04:3a:7e:e7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUKdrsumlXl4MQfeXwOESmwdSXuAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE2MTYxMTI5WhcNMjUwNjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNTAyNTJlODM3Mzc4ZTIwZjcyNzU1YjY1MjM5OTI2NTcz
YThmMDc1ZjYzYTY4OTExNTMzNDRkYWJiODVlZTE4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwmZYF7OUcRJ8t1oQYeCnCK/cligDNitu7nc/yhCuscgpe
foJ9wxUxQ6XtcyL1CCSs/ad9x3hDK+CxisPyiS/UhdhnmVgh+Ix5b73uDLwlpvPK
XLOtnMyRpi453j43lsBpFJ67XJMx5JMzUOZHEjD2EluVzbGVV806hK7IwpZ3go+j
vUcCsaNKppL5I5x561otchfnn9Ngtfzw/eVXlPb+t4s9QfgHP57x4fjVB+GBGipv
T/6/ud6MCQdAizxcjxtBO+gl+ybAN+KVJHffplA9XQRqq5KQ7LYDRl9kDGKz+49W
muQ+bic+TubYHGdMJ7UgWZXl/vGWR8Kt5lAlrMI1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2yBmZfO7ExSOB9PuSOS1Zo4uQfYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y1OWIxODAzLTgwNmEtNGVmOC04ZjQzLTA2NWFlMWRlYTJkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHDJhwwDQYJKoZIhvcNAQELBQADggEBAB4v3Jyr68d9dSk+NUNU7Hx9wqah
U50otZhQYuBklzCTzaJx9dAjFK0EmM9V+xW5uQgWfwm/t9yhYdEpDc0tZTp523gO
QBNyk2KX4J5z6b95Ol8hWY+VilJ/qTlHfF1MEIxpB2aAOcTW0+/PoQO8E94qwfjI
KL2tA9WtqhIL5H4cD9Dofl10NB1l/zZ2ydfuQr24zAKEDRvXsKLmGoLDiu3yHTMN
l/WvJ+La3A5FDnK26UHezU9r3SEYewzTY4OQ74mP0DICfxoiqqr5klUbl6GGLm0n
qlqk893P8dEpQ3WD8SAsj4/Za6JZht5rGLcXRj79lsAK2lUXcpDYIgQ6fuc=
-----END CERTIFICATE-----