Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/7c11722a-3aa4-4f88-89d9-e3ef3733a003.roa
File:                     7c11722a-3aa4-4f88-89d9-e3ef3733a003.roa (raw, json)
Hash identifier:          itvxzsq9GSkDwUFx/78vTZ4107hpgzJkoNRj/qI7nNE=
Subject key identifier:   BB:BE:CC:97:96:1A:E9:9E:3B:3A:DD:B2:59:09:B2:1E:24:39:FF:91
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       2CE2B4001CAF0A666A71B349BB6BACFE954B0350
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/7c11722a-3aa4-4f88-89d9-e3ef3733a003.roa
Signing time:             Tue 18 Feb 2025 16:30:31 +0000
ROA not before:           Tue 18 Feb 2025 16:30:31 +0000
ROA not after:            Tue 25 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:c12::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 15 Mar 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:e2:b4:00:1c:af:0a:66:6a:71:b3:49:bb:6b:ac:fe:95:4b:03:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Feb 18 16:30:31 2025 GMT
            Not After : Mar 25 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a7:40:4d:c1:2d:90:73:23:27:e4:dd:f8:49:
                    8a:83:da:de:a6:e6:b0:7c:17:50:69:7a:dd:26:63:
                    6a:6e:10:3c:b6:70:e6:3d:8d:34:6e:f2:b2:ab:e0:
                    4a:21:14:d1:1f:f2:72:62:93:ed:aa:49:e8:6b:f5:
                    2a:f5:db:1b:4a:0e:06:12:96:6d:17:57:7f:e7:9d:
                    31:1a:4d:62:ed:f0:0f:04:bc:a3:d1:09:5f:a1:e5:
                    2f:76:e7:10:20:9e:59:fb:65:61:f4:0f:f3:80:16:
                    44:38:da:fb:30:2a:0c:e1:55:8a:b8:4c:d0:c4:ea:
                    56:dd:8f:d5:61:be:18:1b:8b:99:6f:01:e0:3d:34:
                    f2:8d:46:ba:5b:fe:5a:51:53:bf:fc:b0:8d:ce:26:
                    2f:95:e2:a9:d9:bb:e6:07:80:bf:76:e9:12:3d:ec:
                    35:56:90:c3:75:3e:93:06:c1:d0:74:af:bf:29:11:
                    ba:a5:b5:54:fd:89:7d:9b:c0:d1:b1:5a:c9:99:fd:
                    06:1f:e1:14:23:8f:41:ee:c0:00:78:d3:c9:ad:b1:
                    e2:ce:53:5e:99:79:44:12:bc:e3:99:61:07:2a:23:
                    0c:8a:fd:20:f2:d2:4c:90:1a:07:a1:8f:70:f0:2a:
                    ea:34:ed:9e:33:08:10:a1:ea:cd:d3:aa:24:86:ae:
                    ed:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:BE:CC:97:96:1A:E9:9E:3B:3A:DD:B2:59:09:B2:1E:24:39:FF:91
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/7c11722a-3aa4-4f88-89d9-e3ef3733a003.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c12::/48

    Signature Algorithm: sha256WithRSAEncryption
         95:73:27:03:7c:74:3a:4c:67:c2:2c:fb:59:8a:76:e6:5e:70:
         f6:b1:28:20:3f:bf:99:c1:a0:71:89:4c:36:ec:cd:e1:ab:73:
         0d:46:41:c9:7b:f6:bd:e4:88:d4:17:62:7e:89:fe:74:4a:4e:
         d8:79:1d:eb:0e:57:54:43:6d:b6:7b:52:a4:cb:75:76:8e:23:
         7d:4e:b2:01:ac:fb:00:59:dc:a4:2a:bf:38:8b:84:d8:37:e7:
         28:29:c8:a6:2d:3b:c6:3a:d1:40:1a:76:72:c1:bf:76:87:fd:
         e3:67:7e:47:d7:f9:3b:12:83:f5:8d:38:91:ab:54:26:de:3b:
         74:a3:a4:66:10:61:b4:82:d7:c0:92:b6:b6:c2:53:8a:85:9c:
         3b:ca:93:e5:16:0d:a2:dc:57:cd:d5:99:69:b5:73:e6:c0:84:
         3e:ca:ea:57:67:6e:d1:8e:9b:8e:b9:0a:85:5d:00:84:d9:d5:
         20:0c:9e:6b:36:53:d4:82:49:c3:6d:b2:49:27:8c:25:dc:b6:
         ea:13:5e:59:d9:c1:a5:a3:bb:26:36:03:76:86:7c:c2:db:7f:
         95:37:8a:2a:6d:b0:34:bc:3b:51:f6:a1:f6:d6:87:67:ba:6c:
         78:c8:4f:e9:db:ca:b4:e0:a9:0a:1c:bf:d3:3a:8c:25:37:2f:
         01:64:f3:b2
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIULOK0AByvCmZqcbNJu2us/pVLA1AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMjE4MTYzMDMxWhcNMjUwMzI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNTQwMmRkYmE0ZDM0OGYxNzZiYTRjMDQ2MjViMmQ3Njg3
MTg5MDVjMjllZDljZTc1M2RlYmQ0YzFiNjBmZDRhMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzp0BNwS2QcyMn5N34SYqD2t6m5rB8F1Bpet0mY2puEDy2
cOY9jTRu8rKr4EohFNEf8nJik+2qSehr9Sr12xtKDgYSlm0XV3/nnTEaTWLt8A8E
vKPRCV+h5S925xAgnln7ZWH0D/OAFkQ42vswKgzhVYq4TNDE6lbdj9Vhvhgbi5lv
AeA9NPKNRrpb/lpRU7/8sI3OJi+V4qnZu+YHgL926RI97DVWkMN1PpMGwdB0r78p
EbqltVT9iX2bwNGxWsmZ/QYf4RQjj0HuwAB408mtseLOU16ZeUQSvOOZYQcqIwyK
/SDy0kyQGgehj3DwKuo07Z4zCBCh6s3TqiSGru27AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUu77Ml5Ya6Z47Ot2yWQmyHiQ5/5EwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzdjMTE3MjJhLTNhYTQtNGY4OC04OWQ5LWUzZWYzNzMzYTAwMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADBIwDQYJKoZIhvcNAQELBQADggEBAJVzJwN8dDpMZ8Is+1mKduZe
cPaxKCA/v5nBoHGJTDbszeGrcw1GQcl79r3kiNQXYn6J/nRKTth5HesOV1RDbbZ7
UqTLdXaOI31OsgGs+wBZ3KQqvziLhNg35ygpyKYtO8Y60UAadnLBv3aH/eNnfkfX
+TsSg/WNOJGrVCbeO3SjpGYQYbSC18CStrbCU4qFnDvKk+UWDaLcV83VmWm1c+bA
hD7K6ldnbtGOm465CoVdAITZ1SAMnms2U9SCScNtskknjCXctuoTXlnZwaWjuyY2
A3aGfMLbf5U3iiptsDS8O1H2ofbWh2e6bHjIT+nbyrTgqQocv9M6jCU3LwFk87I=
-----END CERTIFICATE-----