Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b135e8de-4e6c-4d15-87c3-51709cb5a460.roa
File:                     b135e8de-4e6c-4d15-87c3-51709cb5a460.roa (raw, json)
Hash identifier:          yzyI/s/APcdrOm1smNFMpk+BMQ9TNCyLSCHy7Z6AhxI=
Subject key identifier:   DC:FF:B2:62:27:A9:31:73:9B:2E:F4:1F:A5:C5:A1:4C:10:F4:AE:4A
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       693A83731B718EE22BFF89CDF6BAA52A401CD46A
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b135e8de-4e6c-4d15-87c3-51709cb5a460.roa
Signing time:             Fri 25 Apr 2025 17:30:26 +0000
ROA not before:           Fri 25 Apr 2025 17:30:26 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:39c::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:3a:83:73:1b:71:8e:e2:2b:ff:89:cd:f6:ba:a5:2a:40:1c:d4:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Apr 25 17:30:26 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=f8b4ba16b2fe9f7e11a57f51d14605c3353010781100308c0403f0ee696314a2, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:58:0c:73:7e:46:cd:af:2c:db:df:2b:01:12:
                    a8:e7:64:2f:4f:42:ab:c7:cd:6b:d9:b0:da:b4:c2:
                    b1:8e:d2:b1:60:dc:29:ef:1a:b8:34:d9:84:ad:04:
                    6c:75:6e:73:4f:87:ec:f9:03:b0:1c:60:bc:77:2d:
                    b3:69:c8:23:a8:1f:e7:5d:0f:0f:7a:0c:05:84:34:
                    a0:53:36:7d:5f:8d:c7:df:18:cc:ec:dc:50:22:29:
                    d3:10:57:43:d2:72:a0:4f:ab:ac:fd:e0:ec:18:56:
                    21:ce:fb:0d:3f:a9:5f:de:d0:e3:68:a6:38:76:7a:
                    d7:e0:0e:6c:1b:0d:b5:17:75:0e:ed:3b:61:00:e8:
                    b8:3a:61:5f:18:82:9c:8b:9d:12:01:9a:5f:63:72:
                    fe:7b:05:af:9f:7b:8d:03:93:b6:f8:1b:f5:80:bc:
                    0b:4f:36:30:8d:48:40:16:f0:4c:9e:35:d2:c0:ab:
                    b4:c4:95:09:b8:fb:fb:f5:61:a2:84:75:da:65:7e:
                    79:86:9a:dd:b7:6b:11:bb:81:86:f4:8d:3b:8f:74:
                    4b:a2:a9:e5:b8:45:d8:a9:03:4e:0a:01:5c:5f:d2:
                    61:36:18:39:84:4c:1c:b1:26:b2:86:51:8b:ab:10:
                    79:5b:d9:be:2a:91:80:f8:fe:38:39:38:32:29:33:
                    8d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:FF:B2:62:27:A9:31:73:9B:2E:F4:1F:A5:C5:A1:4C:10:F4:AE:4A
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b135e8de-4e6c-4d15-87c3-51709cb5a460.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:39c::/48

    Signature Algorithm: sha256WithRSAEncryption
         9e:31:3e:84:73:c1:9c:70:90:c4:47:53:e2:29:0f:cb:87:5c:
         61:f0:a7:5d:fd:9e:77:b8:5c:c3:93:29:5b:ec:4d:e4:6e:3b:
         0d:68:45:8a:42:37:82:30:5d:02:2c:8d:ae:d1:d9:47:b5:01:
         66:3d:83:16:cd:11:cd:63:1d:5f:74:4f:fa:69:9f:83:71:45:
         ac:44:34:10:3f:92:ca:4e:d5:fa:ba:34:f3:68:68:3a:b1:e1:
         0d:84:c0:d7:a9:a2:f6:e5:92:c9:f6:6a:8b:17:ec:86:5e:ac:
         a2:0e:24:0b:a5:10:0a:1c:80:0c:b9:7b:02:40:dd:a3:e6:7e:
         c2:3e:a7:11:e6:b4:27:15:fe:94:29:9b:c4:6f:29:35:38:5b:
         14:58:2b:80:0b:82:3b:75:a6:d1:46:bf:41:cc:19:1f:c5:b1:
         ad:13:f2:46:3c:e2:3a:36:91:20:47:31:45:e0:17:53:93:3b:
         05:f5:74:b8:aa:52:35:f6:3e:c7:8c:db:d0:5a:9e:59:ad:fd:
         2a:ec:0e:54:ae:5e:de:2b:e2:16:ea:82:21:30:97:1c:40:25:
         d3:90:c7:18:e2:9b:5a:f2:b6:17:ec:d0:b2:aa:b5:bd:1c:01:
         88:a8:54:d5:e7:7a:29:6c:f4:8c:c0:6e:ad:b7:b8:21:8b:20:
         6e:d9:ee:2b
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUaTqDcxtxjuIr/4nN9rqlKkAc1GowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNDI1MTczMDI2WhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmOGI0YmExNmIyZmU5ZjdlMTFhNTdmNTFkMTQ2MDVjMzM1
MzAxMDc4MTEwMDMwOGMwNDAzZjBlZTY5NjMxNGEyMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXWAxzfkbNryzb3ysBEqjnZC9PQqvHzWvZsNq0wrGO0rFg
3CnvGrg02YStBGx1bnNPh+z5A7AcYLx3LbNpyCOoH+ddDw96DAWENKBTNn1fjcff
GMzs3FAiKdMQV0PScqBPq6z94OwYViHO+w0/qV/e0ONopjh2etfgDmwbDbUXdQ7t
O2EA6Lg6YV8YgpyLnRIBml9jcv57Ba+fe40Dk7b4G/WAvAtPNjCNSEAW8EyeNdLA
q7TElQm4+/v1YaKEddplfnmGmt23axG7gYb0jTuPdEuiqeW4RdipA04KAVxf0mE2
GDmETByxJrKGUYurEHlb2b4qkYD4/jg5ODIpM42JAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU3P+yYiepMXObLvQfpcWhTBD0rkowHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2IxMzVlOGRlLTRlNmMtNGQxNS04N2MzLTUxNzA5Y2I1YTQ2MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA5wwDQYJKoZIhvcNAQELBQADggEBAJ4xPoRzwZxwkMRHU+IpD8uH
XGHwp139nne4XMOTKVvsTeRuOw1oRYpCN4IwXQIsja7R2Ue1AWY9gxbNEc1jHV90
T/ppn4NxRaxENBA/kspO1fq6NPNoaDqx4Q2EwNepovblksn2aosX7IZerKIOJAul
EAocgAy5ewJA3aPmfsI+pxHmtCcV/pQpm8RvKTU4WxRYK4ALgjt1ptFGv0HMGR/F
sa0T8kY84jo2kSBHMUXgF1OTOwX1dLiqUjX2PseM29Banlmt/SrsDlSuXt4r4hbq
giEwlxxAJdOQxxjim1rythfs0LKqtb0cAYioVNXneils9IzAbq23uCGLIG7Z7is=
-----END CERTIFICATE-----