Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/03b59a1e-6268-4607-a6c1-69e6de80cf4a.roa
File:                     03b59a1e-6268-4607-a6c1-69e6de80cf4a.roa (raw, json)
Hash identifier:          cQLo4iB1fm6cuGDDkKNtgS+z6EEuVnCY0762L2IxnkM=
Subject key identifier:   04:4E:09:81:01:FC:F7:7D:43:9A:44:73:9D:45:EF:D7:04:15:87:B9
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4E326BDE9CACE0F4B8111D49CEE6B1BF98501172
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/03b59a1e-6268-4607-a6c1-69e6de80cf4a.roa
Signing time:             Tue 04 Mar 2025 23:20:22 +0000
ROA not before:           Tue 04 Mar 2025 23:20:22 +0000
ROA not after:            Tue 08 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:551d::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 15 Mar 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:32:6b:de:9c:ac:e0:f4:b8:11:1d:49:ce:e6:b1:bf:98:50:11:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Mar  4 23:20:22 2025 GMT
            Not After : Apr  8 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:97:c6:ff:be:4e:57:aa:76:1d:6a:88:1a:67:
                    2c:a8:d2:5a:a8:17:f2:e1:49:ec:27:b2:19:66:51:
                    6d:63:8c:18:d4:63:90:27:f4:c3:7c:96:50:1e:1e:
                    68:d2:81:a6:10:95:b1:87:dd:e4:40:70:89:9a:58:
                    5f:2f:bf:5c:58:6d:3d:c7:dd:8f:27:11:24:b9:01:
                    f5:06:05:02:45:d8:2e:92:4b:e9:8f:74:75:7d:87:
                    95:8f:31:9f:50:f8:0e:f2:95:9e:e8:26:1c:08:62:
                    6c:1d:d8:c6:b6:6b:4b:28:96:4e:0c:9d:0f:f4:62:
                    c2:45:3a:59:5e:43:21:6f:6c:9c:9f:ae:91:b2:df:
                    99:61:e4:6a:d0:0d:40:b3:36:64:95:8d:13:e0:fb:
                    e6:aa:eb:25:c0:46:ea:42:7c:5e:06:81:53:85:ea:
                    6c:d2:f9:df:57:83:ff:b0:c8:d2:c2:e3:74:0c:ee:
                    40:02:69:59:0d:46:d9:82:42:ea:ab:bd:a9:64:2a:
                    c2:78:0e:36:41:5d:b5:95:c9:89:61:0a:12:b2:c1:
                    c8:dc:76:f6:1a:80:58:a9:00:a3:87:9f:42:a4:e5:
                    a6:57:e3:1c:34:7f:af:e4:c6:30:19:a6:98:9e:b9:
                    48:cd:d9:20:88:c0:d1:74:bd:cb:0b:fb:95:a8:dc:
                    10:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:4E:09:81:01:FC:F7:7D:43:9A:44:73:9D:45:EF:D7:04:15:87:B9
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/03b59a1e-6268-4607-a6c1-69e6de80cf4a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551d::/48

    Signature Algorithm: sha256WithRSAEncryption
         97:c6:d8:d6:e7:f6:7e:38:ab:78:be:81:24:c1:fc:7a:dd:aa:
         0a:f7:d5:0c:75:ee:ef:a1:56:53:3c:e9:ea:64:a4:88:26:3e:
         95:ee:5f:c5:86:50:99:0c:e5:53:3a:75:be:46:50:a3:6c:c4:
         50:84:34:3f:d5:08:ef:39:49:ba:44:9c:bb:6b:27:7c:4d:83:
         0e:38:9e:09:cf:92:d7:d3:44:7f:6f:9b:ee:65:7a:8b:cd:f2:
         ff:f1:86:23:ad:85:ce:55:76:1b:49:36:37:5b:86:a4:9f:7f:
         65:5d:19:ed:8c:77:bf:b9:fb:65:67:b6:41:ec:ce:28:80:8a:
         3a:bc:8c:bd:e2:fe:86:c6:da:29:f0:de:65:2c:86:b2:1b:e2:
         b8:c6:72:bd:f9:f1:a9:73:6b:81:71:47:ab:5f:04:23:e8:da:
         e9:19:a7:87:40:86:dc:75:fc:36:39:90:74:dc:66:c4:e8:60:
         53:98:35:8d:92:77:c9:1d:a8:6e:b6:f7:01:14:89:eb:bd:4b:
         9a:55:35:2e:65:ef:05:1a:c1:62:29:7b:96:f2:f7:76:ae:54:
         3f:51:d9:c1:6d:eb:86:1b:c4:6e:3a:9f:a0:f7:4e:7d:e1:bd:
         68:ad:a0:fd:ce:15:af:be:23:d4:8d:bc:98:93:1d:ef:8f:9b:
         c9:36:7f:13
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUTjJr3pys4PS4ER1Jzuaxv5hQEXIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMzA0MjMyMDIyWhcNMjUwNDA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MWU2Yzg0ZGQ1Zjg3NGQzZWI2MGQ1ZTRiYzEyMzI2NDYy
MTkwZTc0OTk1ZTg1YTE5MTc3NWIyNmQwNDhlMDg3MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6l8b/vk5XqnYdaogaZyyo0lqoF/LhSewnshlmUW1jjBjU
Y5An9MN8llAeHmjSgaYQlbGH3eRAcImaWF8vv1xYbT3H3Y8nESS5AfUGBQJF2C6S
S+mPdHV9h5WPMZ9Q+A7ylZ7oJhwIYmwd2Ma2a0solk4MnQ/0YsJFOlleQyFvbJyf
rpGy35lh5GrQDUCzNmSVjRPg++aq6yXARupCfF4GgVOF6mzS+d9Xg/+wyNLC43QM
7kACaVkNRtmCQuqrvalkKsJ4DjZBXbWVyYlhChKywcjcdvYagFipAKOHn0Kk5aZX
4xw0f6/kxjAZppieuUjN2SCIwNF0vcsL+5Wo3BDvAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUBE4JgQH8931DmkRznUXv1wQVh7kwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzAzYjU5YTFlLTYyNjgtNDYwNy1hNmMxLTY5ZTZkZTgwY2Y0YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVR0wDQYJKoZIhvcNAQELBQADggEBAJfG2Nbn9n44q3i+gSTB/Hrd
qgr31Qx17u+hVlM86epkpIgmPpXuX8WGUJkM5VM6db5GUKNsxFCEND/VCO85SbpE
nLtrJ3xNgw44ngnPktfTRH9vm+5leovN8v/xhiOthc5VdhtJNjdbhqSff2VdGe2M
d7+5+2VntkHsziiAijq8jL3i/obG2inw3mUshrIb4rjGcr358alza4FxR6tfBCPo
2ukZp4dAhtx1/DY5kHTcZsToYFOYNY2Sd8kdqG629wEUieu9S5pVNS5l7wUawWIp
e5by93auVD9R2cFt64YbxG46n6D3Tn3hvWitoP3OFa++I9SNvJiTHe+Pm8k2fxM=
-----END CERTIFICATE-----