Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b17bf491-58d8-4391-b7a8-e39988877ceb.roa
File:                     b17bf491-58d8-4391-b7a8-e39988877ceb.roa (raw, json)
Hash identifier:          uT+s6ssmI6xeGLlaNBlK2aJCus0BkeovWIL6Bz0AAG8=
Subject key identifier:   1A:B7:D2:7A:96:CD:83:6B:46:7C:55:13:5D:EF:CC:36:B8:AF:24:24
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       3D7E93A1FEF9252D77FA07CAEE2CA323B35313FA
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b17bf491-58d8-4391-b7a8-e39988877ceb.roa
Signing time:             Tue 18 Feb 2025 16:21:02 +0000
ROA not before:           Tue 18 Feb 2025 16:21:02 +0000
ROA not after:            Tue 25 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:c0a::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 15 Mar 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:7e:93:a1:fe:f9:25:2d:77:fa:07:ca:ee:2c:a3:23:b3:53:13:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Feb 18 16:21:02 2025 GMT
            Not After : Mar 25 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:cc:2b:a8:84:b6:13:de:09:22:7b:e7:1d:49:
                    79:08:2c:cf:e3:e1:1d:0c:6e:ac:2b:f2:b3:f6:9e:
                    ad:f1:9d:b5:37:8e:dd:1c:56:3f:03:0e:11:33:4f:
                    0d:f2:f0:c4:a3:06:c7:02:64:f7:e4:c7:5c:b6:97:
                    f8:3b:05:41:a0:5c:59:3f:78:78:c4:40:09:f4:9c:
                    64:00:70:a8:43:5b:7a:9b:f7:d8:2f:97:89:cf:87:
                    5d:91:85:10:1d:1e:9f:53:08:03:55:66:0b:d6:f1:
                    23:74:8d:56:43:60:08:e6:4c:20:d1:a4:af:8d:65:
                    cc:e5:f9:b1:60:05:f5:ed:87:ad:fb:b7:03:a4:f9:
                    6a:89:ed:d3:b1:a0:9f:44:a6:2b:2c:cc:c4:b5:bd:
                    73:30:27:a9:34:10:79:9b:d1:da:2d:57:3f:0e:25:
                    88:66:8a:9d:fd:1e:16:9d:c7:54:37:0e:67:61:e4:
                    d8:29:7b:fe:ef:da:ee:88:1c:c6:0d:3d:82:38:b4:
                    8f:35:1e:6f:3d:d2:c4:ea:52:bb:67:08:0a:84:c5:
                    10:dd:13:53:93:5b:6c:48:7e:74:43:0b:05:0d:9b:
                    a5:9f:6d:cd:8d:f7:06:c0:4e:ee:01:87:c3:82:f2:
                    40:33:bd:9e:7a:c2:27:3b:26:3c:91:9b:ec:b8:71:
                    28:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:B7:D2:7A:96:CD:83:6B:46:7C:55:13:5D:EF:CC:36:B8:AF:24:24
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b17bf491-58d8-4391-b7a8-e39988877ceb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c0a::/48

    Signature Algorithm: sha256WithRSAEncryption
         15:34:a8:dc:ad:ed:b7:3f:02:7c:2d:94:9c:6f:c6:df:b2:10:
         44:a7:d6:9c:ca:78:8a:15:ac:ce:88:c4:f5:14:16:82:44:e4:
         d4:60:54:6c:ff:c4:9e:71:e5:18:01:a5:71:4f:8c:bc:f7:c9:
         ed:57:08:19:76:20:9c:7b:a3:d9:e6:d8:a9:be:32:94:c9:33:
         4d:78:e4:30:3a:27:b5:ec:c1:da:f8:6b:70:77:e3:f4:71:dc:
         d9:a2:ff:e7:7c:da:87:7c:6b:b4:17:50:0a:99:6a:4d:ce:21:
         a7:ae:82:d6:a7:ba:09:d7:3c:8c:aa:1c:70:bb:ea:2c:ed:fb:
         5a:d0:60:ba:88:a0:83:7d:96:1b:c2:b6:99:16:fe:45:a9:60:
         ab:8f:5e:ca:90:66:2f:56:03:c9:87:7d:b2:63:b9:f9:46:06:
         fa:8c:48:7d:63:73:c7:d1:7a:6e:df:16:65:da:d3:08:26:80:
         47:87:45:af:30:bb:38:95:3f:1d:54:83:3a:fa:47:a7:32:73:
         13:25:d4:24:ed:d1:56:61:9f:60:df:d2:3a:dd:e5:be:92:ea:
         51:e5:1a:d6:dd:91:f7:c6:6e:40:1c:75:85:8b:93:cf:b8:f8:
         1c:36:16:9d:68:4b:1d:b9:83:64:1c:68:95:62:13:57:48:2e:
         15:69:37:09
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUPX6Tof75JS13+gfK7iyjI7NTE/owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMjE4MTYyMTAyWhcNMjUwMzI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZmEzM2M5MjIzNDk5ZWNkY2M1NDljMDJlNjJmYzY1YTAy
ZWQ1YjhlNmZjMWY3YjlhZTk1MTU0Y2Q5ZDViYzNmMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuzCuohLYT3gkie+cdSXkILM/j4R0Mbqwr8rP2nq3xnbU3
jt0cVj8DDhEzTw3y8MSjBscCZPfkx1y2l/g7BUGgXFk/eHjEQAn0nGQAcKhDW3qb
99gvl4nPh12RhRAdHp9TCANVZgvW8SN0jVZDYAjmTCDRpK+NZczl+bFgBfXth637
twOk+WqJ7dOxoJ9EpisszMS1vXMwJ6k0EHmb0dotVz8OJYhmip39Hhadx1Q3Dmdh
5Ngpe/7v2u6IHMYNPYI4tI81Hm890sTqUrtnCAqExRDdE1OTW2xIfnRDCwUNm6Wf
bc2N9wbATu4Bh8OC8kAzvZ56wic7JjyRm+y4cSjdAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUGrfSepbNg2tGfFUTXe/MNrivJCQwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2IxN2JmNDkxLTU4ZDgtNDM5MS1iN2E4LWUzOTk4ODg3N2NlYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAowDQYJKoZIhvcNAQELBQADggEBABU0qNyt7bc/AnwtlJxvxt+y
EESn1pzKeIoVrM6IxPUUFoJE5NRgVGz/xJ5x5RgBpXFPjLz3ye1XCBl2IJx7o9nm
2Km+MpTJM0145DA6J7Xswdr4a3B34/Rx3Nmi/+d82od8a7QXUAqZak3OIaeugtan
ugnXPIyqHHC76izt+1rQYLqIoIN9lhvCtpkW/kWpYKuPXsqQZi9WA8mHfbJjuflG
BvqMSH1jc8fRem7fFmXa0wgmgEeHRa8wuziVPx1Ugzr6R6cycxMl1CTt0VZhn2Df
0jrd5b6S6lHlGtbdkffGbkAcdYWLk8+4+Bw2Fp1oSx25g2QcaJViE1dILhVpNwk=
-----END CERTIFICATE-----