Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/35efcf72-708d-4456-b1d1-8419a2636e00.roa
File:                     35efcf72-708d-4456-b1d1-8419a2636e00.roa (raw, json)
Hash identifier:          aayPEUIezkd4KkafyWr6ez3uxrGBsTXiFTquZTHrLmw=
Subject key identifier:   B9:D6:B5:C5:B3:47:7B:50:ED:73:7C:79:49:6A:65:C8:88:06:C2:8E
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       113651D049D7545E36E6F95D5D44D6B76169B929
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/35efcf72-708d-4456-b1d1-8419a2636e00.roa
Signing time:             Wed 05 Feb 2025 00:00:00 +0000
ROA not before:           Wed 05 Feb 2025 00:00:00 +0000
ROA not after:            Wed 12 Mar 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:f03d::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:36:51:d0:49:d7:54:5e:36:e6:f9:5d:5d:44:d6:b7:61:69:b9:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Feb  5 00:00:00 2025 GMT
            Not After : Mar 12 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:1f:59:22:18:d6:d5:64:61:18:86:70:dc:c0:
                    6b:30:79:f5:b9:4f:0a:a7:80:df:5e:83:0c:73:3a:
                    30:ad:72:76:60:83:ce:91:9a:3f:dc:24:11:54:f4:
                    a3:09:f2:85:30:7b:ba:46:54:7a:47:8f:a8:04:05:
                    1a:e0:3d:29:ec:2b:92:26:5f:65:44:37:17:6d:13:
                    37:d4:70:e3:0c:58:2c:63:6d:1f:19:d2:54:3a:09:
                    67:4d:dc:83:00:d3:b5:e5:d8:2c:cd:d9:f6:01:2b:
                    a9:0d:14:72:a8:66:aa:bf:d1:7d:0a:f0:82:d2:26:
                    3d:16:a8:1d:c4:db:be:48:3d:b6:6d:16:f8:ef:9e:
                    a7:0e:c4:81:4f:03:68:a8:3a:94:c6:6c:34:f5:56:
                    fd:37:58:01:58:f2:3c:c9:9b:c0:04:db:0b:11:3a:
                    59:4d:69:53:3b:07:f6:c7:a3:c9:cf:f3:f7:b6:34:
                    16:bf:14:5c:1a:ae:3d:2b:e6:a7:62:d9:4d:2d:ba:
                    b8:13:8e:31:e0:c4:7f:d9:d5:da:1f:62:46:5f:f4:
                    73:c6:87:f2:90:70:6d:d9:74:9f:d1:c9:e7:a9:04:
                    00:11:69:f7:35:f7:74:b6:0e:40:14:0b:a1:27:11:
                    cd:41:4e:09:93:9c:91:f7:df:dc:e8:73:9b:8e:7d:
                    0b:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:D6:B5:C5:B3:47:7B:50:ED:73:7C:79:49:6A:65:C8:88:06:C2:8E
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/35efcf72-708d-4456-b1d1-8419a2636e00.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:f03d::/48

    Signature Algorithm: sha256WithRSAEncryption
         1d:07:72:4d:11:ae:fe:df:e2:97:7c:66:e0:bc:52:c2:ed:df:
         af:3d:ab:04:ee:2b:3d:b8:0d:a1:1e:8e:48:e1:3a:a9:2b:60:
         30:c8:20:ef:f2:12:bf:29:97:ef:83:db:56:ca:cf:32:24:4b:
         17:65:ce:d3:24:af:c1:ba:c8:0f:a5:ff:22:cb:38:39:d1:f7:
         44:4b:ad:69:7f:6e:0e:56:b1:0a:32:ac:7a:ce:fb:0b:ef:8a:
         7c:5f:c3:65:0e:f9:48:e2:cd:39:3d:67:ae:0b:ff:7b:a6:c3:
         40:03:6a:9b:10:9d:ec:90:80:42:c2:2e:00:9e:68:91:29:61:
         4d:a0:72:fb:d3:6c:31:8b:be:35:ad:1c:e2:bc:b0:db:3f:48:
         c7:5f:07:c2:86:dc:99:c7:d4:3e:64:51:d6:2f:56:89:a0:b2:
         e1:bf:a0:07:b0:67:f2:b4:49:eb:ae:a6:ea:53:fd:f1:90:c9:
         97:e2:15:cf:0a:05:18:25:c9:48:f1:ec:06:9d:9a:4b:19:a0:
         25:cf:9a:df:2d:18:3b:3c:34:b4:b4:86:7f:e3:e5:86:a3:12:
         1d:e1:cb:09:f7:45:99:c8:51:07:32:10:d4:86:16:f8:1c:76:
         de:a4:65:3a:7d:bb:fa:76:3d:84:b7:41:a0:05:3c:2a:3d:5c:
         96:92:4b:65
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUETZR0EnXVF425vldXUTWt2FpuSkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMjA1MDAwMDAwWhcNMjUwMzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5NDhhMjMyOTEzOTU5MTcyYzcyYTk2Yjc0MzE4Nzg1ZDVh
ZWNlOTU3YWQ2MjdhMDcxMDZhMTBiZTkwZWRiZGY3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGH1kiGNbVZGEYhnDcwGswefW5TwqngN9egwxzOjCtcnZg
g86Rmj/cJBFU9KMJ8oUwe7pGVHpHj6gEBRrgPSnsK5ImX2VENxdtEzfUcOMMWCxj
bR8Z0lQ6CWdN3IMA07Xl2CzN2fYBK6kNFHKoZqq/0X0K8ILSJj0WqB3E275IPbZt
FvjvnqcOxIFPA2ioOpTGbDT1Vv03WAFY8jzJm8AE2wsROllNaVM7B/bHo8nP8/e2
NBa/FFwarj0r5qdi2U0turgTjjHgxH/Z1dofYkZf9HPGh/KQcG3ZdJ/RyeepBAAR
afc193S2DkAUC6EnEc1BTgmTnJH339zoc5uOfQvRAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUuda1xbNHe1Dtc3x5SWplyIgGwo4wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzM1ZWZjZjcyLTcwOGQtNDQ1Ni1iMWQxLTg0MTlhMjYzNmUwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzA8D0wDQYJKoZIhvcNAQELBQADggEBAB0Hck0Rrv7f4pd8ZuC8UsLt
3689qwTuKz24DaEejkjhOqkrYDDIIO/yEr8pl++D21bKzzIkSxdlztMkr8G6yA+l
/yLLODnR90RLrWl/bg5WsQoyrHrO+wvvinxfw2UO+UjizTk9Z64L/3umw0ADapsQ
neyQgELCLgCeaJEpYU2gcvvTbDGLvjWtHOK8sNs/SMdfB8KG3JnH1D5kUdYvVomg
suG/oAewZ/K0SeuupupT/fGQyZfiFc8KBRglyUjx7AadmksZoCXPmt8tGDs8NLS0
hn/j5YajEh3hywn3RZnIUQcyENSGFvgcdt6kZTp9u/p2PYS3QaAFPCo9XJaSS2U=
-----END CERTIFICATE-----
Generated at Sun Feb 16 06:36:32 2025 by rpki-client