Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/1471cd7d-f4dc-4f9e-9097-188dfdebcc7e.roa
File:                     1471cd7d-f4dc-4f9e-9097-188dfdebcc7e.roa (raw, json)
Hash identifier:          YkGVnu4QII55UY+mTqRkmffKjYh3fzPxhCSzxtfE03U=
Subject key identifier:   A4:CC:EF:3B:6C:CF:A4:CC:04:02:0A:CF:ED:52:18:EC:E6:97:09:21
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       518ECCC2F0E20051D89B1CFDD77FC1BB306C38CD
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/1471cd7d-f4dc-4f9e-9097-188dfdebcc7e.roa
Signing time:             Fri 24 Jan 2025 00:00:00 +0000
ROA not before:           Fri 24 Jan 2025 00:00:00 +0000
ROA not after:            Fri 28 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:402::/47 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:8e:cc:c2:f0:e2:00:51:d8:9b:1c:fd:d7:7f:c1:bb:30:6c:38:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jan 24 00:00:00 2025 GMT
            Not After : Feb 28 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:a5:ca:b9:15:96:21:85:14:ef:d2:13:5f:54:
                    86:48:ff:9f:ac:a2:78:14:93:6f:20:24:e3:9e:57:
                    6e:63:55:9d:c6:86:3b:27:95:56:d4:5b:85:68:19:
                    5e:9d:fd:71:7a:ec:ee:a4:ab:54:82:29:9a:ed:a4:
                    11:43:64:d4:38:71:b0:f4:67:2c:cb:7b:26:c8:af:
                    a4:51:a2:83:2a:ed:cf:68:af:58:f5:29:0b:75:51:
                    fc:d2:e2:a6:9d:e3:1d:df:1d:c9:04:7e:3b:39:18:
                    29:30:3e:b9:48:4e:55:8f:e9:1c:28:7e:db:06:be:
                    8b:3f:21:b9:8b:fd:58:1d:31:93:4e:a6:7b:87:e8:
                    31:92:bf:59:ce:85:36:86:60:73:23:8b:84:00:f8:
                    dc:e3:9b:c3:62:b1:17:18:b1:24:0b:cd:86:b8:e4:
                    3d:6d:95:e9:b1:5f:74:e2:3b:e1:d1:28:1f:21:a3:
                    d0:52:96:ea:6d:34:1b:f4:90:98:c8:29:c1:96:aa:
                    5b:e7:3a:04:cc:45:53:9b:a2:27:73:9c:a8:21:7a:
                    2b:77:62:cb:d6:65:11:2d:53:8e:fb:70:46:dd:90:
                    bb:51:ac:cc:92:1e:3b:8e:3e:38:1a:ab:8f:1c:27:
                    9a:df:00:5a:1b:fd:e0:00:45:4d:b0:40:7a:da:db:
                    97:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:CC:EF:3B:6C:CF:A4:CC:04:02:0A:CF:ED:52:18:EC:E6:97:09:21
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/1471cd7d-f4dc-4f9e-9097-188dfdebcc7e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:402::/47

    Signature Algorithm: sha256WithRSAEncryption
         16:33:90:2b:59:c0:78:15:1f:68:40:a1:84:1c:cc:87:27:35:
         60:e5:f0:80:d1:d0:0d:c9:df:51:5d:19:2c:e0:76:fa:33:14:
         6b:45:3a:f4:38:3e:16:3d:c0:2d:d4:40:cf:3c:8c:6b:4a:69:
         4b:79:b3:92:e1:5a:0b:ea:ef:18:d5:5e:06:ae:be:9f:17:ee:
         e7:d0:6c:d2:05:20:e4:bf:07:8d:f5:81:9e:d4:5f:e6:13:d1:
         44:61:d8:7f:ff:1d:8d:2d:ca:15:50:fd:4d:54:b6:32:18:de:
         60:35:00:8d:ea:88:98:dc:06:45:d8:9e:a3:3e:b1:ec:0a:e0:
         41:02:48:1f:83:0d:43:9b:1f:e2:fc:8c:20:d5:46:b4:22:06:
         9e:76:82:4c:c3:b3:62:d4:72:7f:fb:85:da:6b:d0:7a:0d:4d:
         da:8a:39:43:04:c4:a3:be:87:65:4f:1d:be:65:1c:db:7a:e7:
         48:62:bf:2b:1a:9c:99:8b:1c:5b:67:14:9a:6a:6b:30:b1:36:
         68:cb:6b:d2:6a:f2:00:89:29:92:b6:de:73:a9:33:cf:80:6e:
         37:ee:dc:ba:3e:96:13:51:d6:0e:57:9b:fa:4f:8f:d9:7c:1d:
         6c:5e:b0:0f:42:27:81:61:33:32:7c:fb:5d:67:6c:73:19:0b:
         a4:e2:ef:7e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUUY7MwvDiAFHYmxz913/BuzBsOM0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMTI0MDAwMDAwWhcNMjUwMjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNDAwODRlNTg5NTdiZWY1OWE1OTYzZjc4NTAwZTg5ZWY1
NDk2YjAzNjIxM2NlYjM4ZjQxMGY1MDk0NzFkMDI3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcpcq5FZYhhRTv0hNfVIZI/5+songUk28gJOOeV25jVZ3G
hjsnlVbUW4VoGV6d/XF67O6kq1SCKZrtpBFDZNQ4cbD0ZyzLeybIr6RRooMq7c9o
r1j1KQt1UfzS4qad4x3fHckEfjs5GCkwPrlITlWP6RwoftsGvos/IbmL/VgdMZNO
pnuH6DGSv1nOhTaGYHMji4QA+Nzjm8NisRcYsSQLzYa45D1tlemxX3TiO+HRKB8h
o9BSluptNBv0kJjIKcGWqlvnOgTMRVOboidznKgheit3YsvWZREtU477cEbdkLtR
rMySHjuOPjgaq48cJ5rfAFob/eAARU2wQHra25ebAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUpMzvO2zPpMwEAgrP7VIY7OaXCSEwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzE0NzFjZDdkLWY0ZGMtNGY5ZS05MDk3LTE4OGRmZGViY2M3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmBZzABAIwDQYJKoZIhvcNAQELBQADggEBABYzkCtZwHgVH2hAoYQczIcn
NWDl8IDR0A3J31FdGSzgdvozFGtFOvQ4PhY9wC3UQM88jGtKaUt5s5LhWgvq7xjV
Xgauvp8X7ufQbNIFIOS/B431gZ7UX+YT0URh2H//HY0tyhVQ/U1UtjIY3mA1AI3q
iJjcBkXYnqM+sewK4EECSB+DDUObH+L8jCDVRrQiBp52gkzDs2LUcn/7hdpr0HoN
TdqKOUMExKO+h2VPHb5lHNt650hivysanJmLHFtnFJpqazCxNmjLa9Jq8gCJKZK2
3nOpM8+Abjfu3Lo+lhNR1g5Xm/pPj9l8HWxesA9CJ4FhMzJ8+11nbHMZC6Ti734=
-----END CERTIFICATE-----