Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa
File:                     dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa (raw, json)
Hash identifier:          7oDfaozah1BHSTt09oVJ25mignioJBC7FhcfZSbo8p0=
Subject key identifier:   97:B3:32:10:AA:54:86:19:66:AE:67:FA:73:B1:08:94:9B:53:2A:79
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       49662A6F5ED24AD675C5141215FCB242DC256FA8
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa
Signing time:             Wed 20 Sep 2023 00:00:00 +0000
ROA not before:           Wed 20 Sep 2023 00:00:00 +0000
ROA not after:            Wed 25 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:544::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 21 Sep 2023 12:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:66:2a:6f:5e:d2:4a:d6:75:c5:14:12:15:fc:b2:42:dc:25:6f:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Sep 20 00:00:00 2023 GMT
            Not After : Oct 25 23:59:59 2023 GMT
        Subject: serialNumber=ea4ce9e870f75ef48b52944d28535f3afe4532e91d96f42cb3b59d391f80ef77, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:0a:a1:03:04:84:61:2d:d9:a2:f8:34:83:1b:
                    b3:95:15:a0:1a:f8:91:79:fb:cb:67:78:68:9d:58:
                    97:18:f9:78:26:a0:fe:db:0d:18:5c:fb:15:4c:69:
                    90:f7:40:11:8a:98:93:97:47:55:4d:63:9a:8d:68:
                    08:29:dc:03:f4:33:cf:6a:0b:1f:56:ff:06:64:ac:
                    ef:6f:7d:70:8e:0b:24:4d:e1:8d:2f:25:29:b8:af:
                    08:66:98:44:24:b5:15:c9:85:e6:22:e6:4d:e2:73:
                    f0:da:84:88:7b:69:de:cd:b2:68:23:43:81:53:1e:
                    c1:c9:7e:d1:74:55:b0:5c:0b:d2:75:95:34:07:41:
                    c5:28:6f:08:ff:2d:4d:c5:aa:91:56:a6:bc:b8:64:
                    65:59:f3:13:9b:1a:0a:bb:8d:82:a3:9c:40:6e:db:
                    78:23:78:3c:6a:6f:52:3a:3d:7d:f9:72:f7:26:7f:
                    fa:1f:ff:a4:ea:12:84:c8:99:88:e3:70:d6:86:f3:
                    23:fe:36:27:85:96:df:66:91:bd:82:4a:9b:2d:df:
                    be:32:ef:7f:14:96:0a:74:79:80:45:14:cb:08:2d:
                    1d:0f:a2:e7:ef:3f:d8:d1:76:8c:b8:50:d5:c1:69:
                    fe:38:b9:a6:d2:96:31:f3:e1:f3:7a:cc:35:d8:39:
                    a3:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:B3:32:10:AA:54:86:19:66:AE:67:FA:73:B1:08:94:9B:53:2A:79
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:544::/48

    Signature Algorithm: sha256WithRSAEncryption
         7f:7c:de:7a:96:52:34:7b:57:f3:d3:02:a2:cf:ff:5f:e6:26:
         f7:33:98:68:2b:28:55:52:41:3c:e1:38:cd:93:e6:43:3c:67:
         cf:77:70:45:40:d5:e2:03:86:79:4d:f1:90:74:35:50:1b:dc:
         59:0a:3d:ef:f1:ce:54:f7:11:bd:4d:04:3c:7a:bf:1e:34:1c:
         22:a9:38:2a:8b:d0:6f:87:38:50:68:61:3e:fa:2c:93:2e:fa:
         64:1e:56:b2:53:fa:69:b1:ac:66:dc:ed:be:03:d9:c7:da:f2:
         dc:e7:13:e0:5f:1e:9d:98:88:a8:2e:33:9a:7d:c9:21:fc:19:
         0b:9a:e8:42:d8:b2:44:c3:a9:18:c6:fe:a1:80:84:90:67:6d:
         a9:dd:4c:4a:79:de:d3:4e:02:66:d3:18:5d:9c:94:ae:f1:23:
         82:cf:f9:28:c8:25:92:d3:68:57:44:80:09:fc:5b:73:15:dd:
         68:97:94:cc:b6:03:23:aa:dc:df:a7:92:d5:b3:65:b2:a5:ec:
         a4:92:b5:b1:5e:a2:49:7e:86:03:e3:24:08:c5:e1:37:67:e0:
         d9:55:13:3f:c3:6c:d6:b8:f2:82:89:48:47:56:eb:7f:0f:e6:
         c4:ab:ca:a3:d5:9b:49:9e:54:70:cd:c2:9c:e7:40:d1:e4:e9:
         9f:40:37:4c
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUSWYqb17SStZ1xRQSFfyyQtwlb6gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjMwOTIwMDAwMDAwWhcNMjMxMDI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYTRjZTllODcwZjc1ZWY0OGI1Mjk0NGQyODUzNWYzYWZl
NDUzMmU5MWQ5NmY0MmNiM2I1OWQzOTFmODBlZjc3MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMCqEDBIRhLdmi+DSDG7OVFaAa+JF5+8tneGidWJcY+Xgm
oP7bDRhc+xVMaZD3QBGKmJOXR1VNY5qNaAgp3AP0M89qCx9W/wZkrO9vfXCOCyRN
4Y0vJSm4rwhmmEQktRXJheYi5k3ic/DahIh7ad7NsmgjQ4FTHsHJftF0VbBcC9J1
lTQHQcUobwj/LU3FqpFWpry4ZGVZ8xObGgq7jYKjnEBu23gjeDxqb1I6PX35cvcm
f/of/6TqEoTImYjjcNaG8yP+NieFlt9mkb2CSpst374y738Ulgp0eYBFFMsILR0P
oufvP9jRdoy4UNXBaf44uabSljHz4fN6zDXYOaM9AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUl7MyEKpUhhlmrmf6c7EIlJtTKnkwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2RkNmY4OTIzLWJhMGItNDA3ZC1hOWU4LThjODMyNTgzYTBkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABUQwDQYJKoZIhvcNAQELBQADggEBAH983nqWUjR7V/PTAqLP/1/m
JvczmGgrKFVSQTzhOM2T5kM8Z893cEVA1eIDhnlN8ZB0NVAb3FkKPe/xzlT3Eb1N
BDx6vx40HCKpOCqL0G+HOFBoYT76LJMu+mQeVrJT+mmxrGbc7b4D2cfa8tznE+Bf
Hp2YiKguM5p9ySH8GQua6ELYskTDqRjG/qGAhJBnbandTEp53tNOAmbTGF2clK7x
I4LP+SjIJZLTaFdEgAn8W3MV3WiXlMy2AyOq3N+nktWzZbKl7KSStbFeokl+hgPj
JAjF4Tdn4NlVEz/DbNa48oKJSEdW638P5sSryqPVm0meVHDNwpznQNHk6Z9AN0w=
-----END CERTIFICATE-----