Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5362b40e-d987-4a9d-8f30-59c3b7075db1.roa
File:                     5362b40e-d987-4a9d-8f30-59c3b7075db1.roa (raw, json)
Hash identifier:          cULG5Euv6TA/T4KwVYzmhSS99WlGO5z5qeEi4rdCQMM=
Subject key identifier:   43:75:10:1F:FA:E2:2F:8E:88:89:11:9C:D4:A2:1F:EB:38:7A:A8:87
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       63C5B6AB3A16A4526E36DEC2830880907E93746C
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5362b40e-d987-4a9d-8f30-59c3b7075db1.roa
Signing time:             Tue 20 May 2025 18:10:06 +0000
ROA not before:           Tue 20 May 2025 18:10:06 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:5530::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 09 Jun 2025 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:c5:b6:ab:3a:16:a4:52:6e:36:de:c2:83:08:80:90:7e:93:74:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 20 18:10:06 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=62cc2d6b92b8e3a36cd809f8ea836bf343bbf42bb873c334fbcaf450cc9b2d58, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d7:8a:e8:dc:33:70:9e:f8:30:07:ca:c8:58:
                    0e:db:23:46:64:ef:17:83:3b:07:62:dd:e2:75:76:
                    b9:23:4f:88:15:2c:bc:2f:71:fc:0c:a9:97:34:c3:
                    62:13:c6:28:7a:12:9f:3f:81:51:d9:35:45:8f:68:
                    8a:a9:9f:9d:23:a5:76:cf:fb:c0:b6:a0:84:69:26:
                    ef:22:03:82:e3:a6:00:5d:d8:1e:e7:bb:45:83:49:
                    f1:04:b2:01:83:76:49:35:e9:f0:2a:3d:95:96:a5:
                    ca:8a:7f:92:4f:d7:87:77:1f:26:72:aa:30:63:54:
                    17:01:db:39:c4:85:a2:9a:7f:90:a5:51:59:67:80:
                    56:a8:d5:dd:bd:a2:f5:f1:79:0d:9e:c9:b3:24:cc:
                    9a:0d:64:49:27:20:56:d4:72:73:d1:94:83:a7:41:
                    d8:38:b0:ca:17:87:1d:74:10:e4:2d:c2:3d:73:5f:
                    84:eb:43:66:f0:06:ad:2f:cc:e4:c8:d9:b2:a5:44:
                    53:8d:f7:1e:18:3b:2f:23:e2:71:95:02:64:e4:69:
                    71:f5:b1:06:db:6e:f6:c6:c8:bb:ee:4a:df:e9:3d:
                    fa:f8:da:75:b0:aa:a9:56:7b:c9:35:66:1a:95:51:
                    f4:19:3b:67:c9:4b:01:7e:4e:80:27:e6:54:9d:02:
                    20:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:75:10:1F:FA:E2:2F:8E:88:89:11:9C:D4:A2:1F:EB:38:7A:A8:87
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5362b40e-d987-4a9d-8f30-59c3b7075db1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:5530::/44

    Signature Algorithm: sha256WithRSAEncryption
         9f:47:78:b6:56:3d:32:ce:7d:e0:d3:8d:45:0b:3c:0d:78:5d:
         0f:17:f6:90:a5:c5:b3:99:ab:26:52:e4:57:09:13:56:2f:a1:
         5e:1d:c1:32:c1:27:75:a2:b7:ec:2c:83:04:ee:9e:de:83:ee:
         4d:84:59:73:d2:f6:80:d4:04:92:c6:32:c8:d7:ad:96:d7:27:
         2f:9f:2a:21:ad:e1:9e:07:f5:af:e7:17:e0:ea:33:aa:4e:09:
         54:16:a9:be:cd:e0:34:d5:14:e6:42:22:c4:41:41:5e:71:ab:
         f0:21:43:a5:74:21:b0:1c:0e:38:1a:94:16:2b:96:cb:e2:1e:
         55:0c:9c:a4:30:d4:38:ff:59:a8:27:ab:1f:a9:7c:15:04:02:
         a7:db:23:6f:7d:36:8b:91:ed:26:ae:7a:96:5d:83:87:16:5b:
         33:ab:e0:6c:09:bf:13:10:4e:0f:17:7a:83:28:be:57:eb:2f:
         9a:0c:aa:41:e9:ff:cc:f2:c4:e1:e0:b9:e2:65:f1:c9:82:b5:
         22:af:e9:fd:80:61:70:5c:5f:5b:db:ca:be:5c:6c:46:18:59:
         62:71:4c:61:b6:14:1d:e6:bf:ef:55:64:5c:9f:c8:00:d7:55:
         68:46:75:30:73:31:3a:f9:c7:04:ac:3b:94:4d:fd:8b:90:0f:
         66:f6:6d:e8
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUY8W2qzoWpFJuNt7CgwiAkH6TdGwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNTIwMTgxMDA2WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MmNjMmQ2YjkyYjhlM2EzNmNkODA5ZjhlYTgzNmJmMzQz
YmJmNDJiYjg3M2MzMzRmYmNhZjQ1MGNjOWIyZDU4MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCc14ro3DNwnvgwB8rIWA7bI0Zk7xeDOwdi3eJ1drkjT4gV
LLwvcfwMqZc0w2ITxih6Ep8/gVHZNUWPaIqpn50jpXbP+8C2oIRpJu8iA4LjpgBd
2B7nu0WDSfEEsgGDdkk16fAqPZWWpcqKf5JP14d3HyZyqjBjVBcB2znEhaKaf5Cl
UVlngFao1d29ovXxeQ2eybMkzJoNZEknIFbUcnPRlIOnQdg4sMoXhx10EOQtwj1z
X4TrQ2bwBq0vzOTI2bKlRFON9x4YOy8j4nGVAmTkaXH1sQbbbvbGyLvuSt/pPfr4
2nWwqqlWe8k1ZhqVUfQZO2fJSwF+ToAn5lSdAiD1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUQ3UQH/riL46IiRGc1KIf6zh6qIcwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzUzNjJiNDBlLWQ5ODctNGE5ZC04ZjMwLTU5YzNiNzA3NWRiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmAPDwVTAwDQYJKoZIhvcNAQELBQADggEBAJ9HeLZWPTLOfeDTjUULPA14
XQ8X9pClxbOZqyZS5FcJE1YvoV4dwTLBJ3Wit+wsgwTunt6D7k2EWXPS9oDUBJLG
MsjXrZbXJy+fKiGt4Z4H9a/nF+DqM6pOCVQWqb7N4DTVFOZCIsRBQV5xq/AhQ6V0
IbAcDjgalBYrlsviHlUMnKQw1Dj/Wagnqx+pfBUEAqfbI299NouR7SauepZdg4cW
WzOr4GwJvxMQTg8XeoMovlfrL5oMqkHp/8zyxOHgueJl8cmCtSKv6f2AYXBcX1vb
yr5cbEYYWWJxTGG2FB3mv+9VZFyfyADXVWhGdTBzMTr5xwSsO5RN/YuQD2b2beg=
-----END CERTIFICATE-----