Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/59031a63-ea1a-4943-86ab-19221a23ca42.roa
File:                     59031a63-ea1a-4943-86ab-19221a23ca42.roa (raw, json)
Hash identifier:          lNwwgOlXahcsMcYftEmtWIHiT0q5qagcci9OblV09eM=
Subject key identifier:   9B:10:48:6B:D4:04:85:F0:10:68:65:90:A4:0C:74:DF:81:44:9C:06
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       73580DF5099B2557118CCD78670AC5A17869814F
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/59031a63-ea1a-4943-86ab-19221a23ca42.roa
Signing time:             Fri 31 Jan 2025 00:00:00 +0000
ROA not before:           Fri 31 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2606:f40:8000::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:58:0d:f5:09:9b:25:57:11:8c:cd:78:67:0a:c5:a1:78:69:81:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Jan 31 00:00:00 2025 GMT
            Not After : Mar  7 23:59:59 2025 GMT
        Subject: CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:12:39:90:4d:bb:6c:00:26:f4:17:9a:55:2e:
                    53:50:68:9f:33:c8:f5:52:05:7e:d8:39:3a:9a:7c:
                    71:fc:9d:c8:b0:fc:1e:47:2c:81:61:5d:37:bc:f8:
                    04:bb:8f:a0:20:28:8d:d5:a7:2b:21:29:62:50:0d:
                    64:4f:03:34:73:07:f9:21:f4:dd:e9:b1:7d:8c:57:
                    e0:50:57:78:6c:c1:d8:00:f2:66:ff:2c:5d:41:8b:
                    95:ec:4c:32:6b:29:16:4f:fa:7e:25:92:73:74:26:
                    0f:5d:31:ba:42:c0:69:d7:57:a9:16:3f:71:db:47:
                    43:4a:d1:67:73:cf:cc:45:dc:dd:6e:ca:d9:85:5a:
                    5f:25:51:3a:08:ec:57:a1:82:73:79:6d:40:54:03:
                    35:96:00:9f:59:03:4b:93:14:44:63:f8:b9:0d:ad:
                    50:23:51:77:9a:bd:bf:b7:e6:fb:f0:b0:cf:ed:ab:
                    c5:c9:0e:b4:84:34:cf:2a:69:c6:33:b4:52:27:99:
                    da:e6:4b:b6:0b:76:1f:72:af:e6:a2:dc:90:42:72:
                    4f:dd:f2:12:20:66:a2:90:9e:8e:ca:ee:fa:48:2d:
                    7c:44:db:c8:99:74:01:2b:05:8e:d8:fe:29:26:c9:
                    f5:19:fd:5f:6f:67:42:d5:e1:ec:56:f5:e8:59:42:
                    24:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:10:48:6B:D4:04:85:F0:10:68:65:90:A4:0C:74:DF:81:44:9C:06
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/59031a63-ea1a-4943-86ab-19221a23ca42.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         80:00:6c:49:5d:d7:9f:9d:e7:3f:b4:53:df:71:56:62:49:d1:
         9d:67:7c:a3:6b:da:74:79:c9:55:60:36:61:9a:05:74:b0:e3:
         c4:14:c6:6b:47:f1:22:87:95:4f:aa:c8:97:c4:8d:4c:f4:d1:
         97:ec:1c:8a:bf:c8:db:d2:0a:08:8e:f0:58:61:47:73:a4:2a:
         0d:e9:c9:49:6c:d1:23:57:aa:03:82:52:44:7b:ba:c2:09:13:
         dc:b3:58:51:6b:49:2f:2f:d6:d8:0b:6c:8e:76:d1:3b:7a:0d:
         fc:69:95:0f:c5:18:55:b4:b2:86:62:77:eb:62:ad:26:b4:1c:
         57:0b:d8:bd:21:88:2e:34:f0:df:7d:14:f3:d9:fa:5d:94:7f:
         23:e6:b0:06:51:79:5f:25:de:62:bc:72:b8:22:a9:f8:c5:32:
         de:94:92:2a:e2:a7:70:99:c7:2e:79:31:b0:33:53:c1:5d:52:
         1b:1c:2d:7a:26:9d:2b:26:52:17:d2:1c:ff:77:2f:ea:3a:c5:
         b0:8b:e4:da:1a:b6:fb:36:ac:48:14:19:e6:5e:b7:d7:d0:6c:
         dc:d7:60:42:e4:ed:3e:81:e7:1d:b2:46:d3:ae:c9:2c:77:f0:
         af:e8:a5:3b:7e:83:b7:fb:7b:d4:ea:4e:74:d2:32:4f:0a:a7:
         38:a4:f6:64
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUc1gN9QmbJVcRjM14ZwrFoXhpgU8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUwMTMxMDAwMDAwWhcNMjUwMzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2OTU5M2UxZjU0ZGZjYWQ1NWFhMjQxNWM2ZWI2NzYwMjIw
NjY0MmU1MzAzMTIyMzQ3NDVmMmZkNjNjN2YyMzg4MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2EjmQTbtsACb0F5pVLlNQaJ8zyPVSBX7YOTqafHH8nciw
/B5HLIFhXTe8+AS7j6AgKI3VpyshKWJQDWRPAzRzB/kh9N3psX2MV+BQV3hswdgA
8mb/LF1Bi5XsTDJrKRZP+n4lknN0Jg9dMbpCwGnXV6kWP3HbR0NK0Wdzz8xF3N1u
ytmFWl8lUToI7FehgnN5bUBUAzWWAJ9ZA0uTFERj+LkNrVAjUXeavb+35vvwsM/t
q8XJDrSENM8qacYztFInmdrmS7YLdh9yr+ai3JBCck/d8hIgZqKQno7K7vpILXxE
28iZdAErBY7Y/ikmyfUZ/V9vZ0LV4exW9ehZQiRxAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUmxBIa9QEhfAQaGWQpAx034FEnAYwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzU5MDMxYTYzLWVhMWEtNDk0My04NmFiLTE5MjIxYTIzY2E0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmBg9AgDANBgkqhkiG9w0BAQsFAAOCAQEAgABsSV3Xn53nP7RT33FWYknR
nWd8o2vadHnJVWA2YZoFdLDjxBTGa0fxIoeVT6rIl8SNTPTRl+wcir/I29IKCI7w
WGFHc6QqDenJSWzRI1eqA4JSRHu6wgkT3LNYUWtJLy/W2AtsjnbRO3oN/GmVD8UY
VbSyhmJ362KtJrQcVwvYvSGILjTw330U89n6XZR/I+awBlF5XyXeYrxyuCKp+MUy
3pSSKuKncJnHLnkxsDNTwV1SGxwteiadKyZSF9Ic/3cv6jrFsIvk2hq2+zasSBQZ
5l6319Bs3NdgQuTtPoHnHbJG067JLHfwr+ilO36Dt/t71OpOdNIyTwqnOKT2ZA==
-----END CERTIFICATE-----