Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ba6294fd-941c-4316-acc0-e4f732862a4c.roa
File:                     ba6294fd-941c-4316-acc0-e4f732862a4c.roa (raw, json)
Hash identifier:          y6SXHfi1BQdmwILZRt6eW9xFp6sG0mmYW3+jEI0Tc/0=
Subject key identifier:   AC:BE:4E:2D:ED:0E:3F:B5:27:B6:DA:7F:97:7A:BE:6F:36:43:DC:7C
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       5D58795F42F4060BAFAE7E89DF7BC32DBE4AB1EB
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ba6294fd-941c-4316-acc0-e4f732862a4c.roa
Signing time:             Mon 10 Feb 2025 00:00:00 +0000
ROA not before:           Mon 10 Feb 2025 00:00:00 +0000
ROA not after:            Mon 17 Mar 2025 23:59:59 +0000
asID:                     8987
IP address blocks:        2605:9cc0:639::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:58:79:5f:42:f4:06:0b:af:ae:7e:89:df:7b:c3:2d:be:4a:b1:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Feb 10 00:00:00 2025 GMT
            Not After : Mar 17 23:59:59 2025 GMT
        Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:c7:ae:ef:78:19:ff:d8:34:45:87:1d:3f:c9:
                    84:62:24:f4:41:97:3e:43:55:e8:06:e8:f0:d1:fa:
                    4b:c3:c7:8b:fd:9c:65:11:3b:95:ec:2d:0c:87:db:
                    16:61:79:6e:61:af:91:2a:87:41:fe:aa:2d:09:2f:
                    c5:c9:8b:46:9f:82:e6:08:f0:59:2d:55:1a:47:2f:
                    f7:bf:b0:bf:da:54:3b:83:24:66:bd:62:70:b9:30:
                    cb:e9:34:90:42:b9:29:74:a7:89:3d:17:bb:58:ca:
                    31:d2:7f:10:71:b3:2c:52:0a:be:68:07:20:2f:5f:
                    7a:38:52:9b:af:0a:d7:3c:88:33:9f:c6:e1:97:5d:
                    7f:88:38:f2:08:67:8e:a9:a2:2c:88:8e:6d:c3:a1:
                    0f:fd:b5:04:de:1a:8e:08:cb:fd:40:6b:ca:c5:ec:
                    98:de:3b:f3:1d:1f:b0:5f:75:6d:a3:5a:4e:50:90:
                    0b:b7:05:5c:c9:f2:ee:3d:16:d9:77:47:8c:6f:9c:
                    6a:4c:ff:ce:51:fe:c6:6b:54:b3:0f:2e:f6:b6:eb:
                    58:19:f7:85:37:37:fd:80:12:7f:fa:2c:ce:b1:ff:
                    e3:cd:f7:9a:18:7e:2d:27:b2:d6:c9:ee:79:ec:ac:
                    f1:10:86:90:b6:07:0a:ce:3b:d1:71:8b:26:13:fc:
                    a0:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:BE:4E:2D:ED:0E:3F:B5:27:B6:DA:7F:97:7A:BE:6F:36:43:DC:7C
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/ba6294fd-941c-4316-acc0-e4f732862a4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:639::/48

    Signature Algorithm: sha256WithRSAEncryption
         53:ee:9f:f3:f2:f9:38:e1:53:a5:c4:0d:30:00:85:ca:6b:17:
         e0:b1:a0:c1:60:6a:c8:9b:64:44:06:b9:a4:39:49:0f:6f:53:
         05:a9:1d:87:ff:5f:10:d9:28:78:9d:fd:c0:c7:20:b3:ec:08:
         b9:f6:96:10:e7:a3:31:05:30:c8:7e:72:23:dd:f5:ec:ec:74:
         8c:fc:12:d8:a3:46:a5:4c:dc:ee:2d:2c:e5:61:7f:37:fe:c9:
         f1:88:3a:6b:22:d2:4e:a7:d6:c4:1a:e8:fd:ea:ef:3d:06:89:
         3b:c0:ad:0c:8c:74:4f:df:4a:23:13:f8:39:3b:db:4b:9c:c2:
         09:1e:72:3f:79:ac:21:ec:b3:e1:1b:7b:f3:71:16:44:9b:f9:
         55:b7:af:9f:c0:4b:56:3d:32:0d:65:a9:71:81:1a:44:91:e1:
         24:4b:d0:c9:9d:0e:87:23:39:ce:fa:7e:67:71:31:09:c0:d0:
         94:28:d1:e7:cb:9c:45:52:cb:70:4a:3c:a1:60:22:7b:83:95:
         46:ed:57:51:22:25:7b:28:b9:bd:a3:dc:9b:fe:34:3c:61:73:
         58:2f:b4:d1:b6:56:2d:8f:b3:5c:28:cc:f7:73:40:f3:81:29:
         01:f7:58:4d:83:cb:f7:8b:a4:93:48:fc:bd:46:34:9f:c2:c4:
         63:8e:2c:bc
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUXVh5X0L0Bguvrn6J33vDLb5KseswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMjEwMDAwMDAwWhcNMjUwMzE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YjE2NTljOGNjYjRhYzcwZTZlNzc1YjljODIwMzA3ZWVm
Y2UyMWUwZjM3NjEzMTE4ODExYTNkNzkyODBkZjc3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDex67veBn/2DRFhx0/yYRiJPRBlz5DVegG6PDR+kvDx4v9
nGURO5XsLQyH2xZheW5hr5Eqh0H+qi0JL8XJi0afguYI8FktVRpHL/e/sL/aVDuD
JGa9YnC5MMvpNJBCuSl0p4k9F7tYyjHSfxBxsyxSCr5oByAvX3o4UpuvCtc8iDOf
xuGXXX+IOPIIZ46poiyIjm3DoQ/9tQTeGo4Iy/1Aa8rF7JjeO/MdH7BfdW2jWk5Q
kAu3BVzJ8u49Ftl3R4xvnGpM/85R/sZrVLMPLva261gZ94U3N/2AEn/6LM6x/+PN
95oYfi0nstbJ7nnsrPEQhpC2BwrOO9FxiyYT/KCXAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUrL5OLe0OP7Unttp/l3q+bzZD3HwwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2JhNjI5NGZkLTk0MWMtNDMxNi1hY2MwLWU0ZjczMjg2MmE0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABjkwDQYJKoZIhvcNAQELBQADggEBAFPun/Py+TjhU6XEDTAAhcpr
F+CxoMFgasibZEQGuaQ5SQ9vUwWpHYf/XxDZKHid/cDHILPsCLn2lhDnozEFMMh+
ciPd9ezsdIz8EtijRqVM3O4tLOVhfzf+yfGIOmsi0k6n1sQa6P3q7z0GiTvArQyM
dE/fSiMT+Dk720ucwgkecj95rCHss+Ebe/NxFkSb+VW3r5/AS1Y9Mg1lqXGBGkSR
4SRL0MmdDocjOc76fmdxMQnA0JQo0efLnEVSy3BKPKFgInuDlUbtV1EiJXsoub2j
3Jv+NDxhc1gvtNG2Vi2Ps1wozPdzQPOBKQH3WE2Dy/eLpJNI/L1GNJ/CxGOOLLw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 06:37:53 2025 by rpki-client