Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/db0b227f-9958-4ebb-9f23-65cc24c5c799.roa
File:                     db0b227f-9958-4ebb-9f23-65cc24c5c799.roa (raw, json)
Hash identifier:          nsa60KIYAL9eIEw2VC62S2j5IxsXNjmdpeYY1q/qZw4=
Subject key identifier:   56:FC:B4:7B:E6:B3:C7:DA:05:F7:83:8F:FA:52:45:FB:2A:BC:33:6D
Certificate issuer:       /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
Certificate serial:       3C8D7C0DD76F7F77BBB295ECA9434A289D39F433
Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/db0b227f-9958-4ebb-9f23-65cc24c5c799.roa
Signing time:             Fri 06 Jun 2025 00:20:31 +0000
ROA not before:           Fri 06 Jun 2025 00:20:31 +0000
ROA not after:            Fri 11 Jul 2025 23:59:59 +0000
asID:                     62785
IP address blocks:        172.96.96.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 08 Jun 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:8d:7c:0d:d7:6f:7f:77:bb:b2:95:ec:a9:43:4a:28:9d:39:f4:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d
        Validity
            Not Before: Jun  6 00:20:31 2025 GMT
            Not After : Jul 11 23:59:59 2025 GMT
        Subject: serialNumber=1d077ae91c189d6ac33450b4dfa4eebcf0b8b843a3202e60eb3d2a661892c039, CN=b0dbbb6a-5472-4b68-ae4d-401518603039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:90:5f:79:f3:65:48:04:9f:c3:cc:46:d8:c7:
                    33:c7:15:75:a7:dc:cb:97:2a:8d:ec:ab:78:46:44:
                    80:3b:d6:c4:6b:05:51:b2:bb:87:63:aa:da:5a:3c:
                    48:85:91:c8:8a:13:90:8e:e4:5f:7d:d2:af:17:55:
                    18:96:3f:8e:69:c6:10:b3:a3:0b:70:c7:7d:d1:93:
                    5d:58:a0:c4:99:0f:18:3f:06:b4:f2:fd:ab:27:5e:
                    c3:a4:b3:65:70:82:e6:68:29:21:fb:33:67:02:bf:
                    d2:9c:d0:a1:ae:f3:a5:86:29:5e:56:74:c5:07:6c:
                    08:2a:7e:58:0f:4e:be:fd:50:aa:86:cb:a8:90:4d:
                    b4:6b:4f:50:b9:18:07:ce:df:19:5f:7b:bf:be:7e:
                    bb:53:02:04:05:8c:1d:79:1d:00:a3:bc:1e:ec:ed:
                    b7:ea:0f:1d:c7:ac:34:41:99:3a:5e:69:86:02:31:
                    3f:85:1b:d9:5d:91:c0:c8:d7:6f:d8:07:e0:45:4c:
                    7a:01:aa:35:39:b5:32:ab:0b:6d:15:fd:94:8d:66:
                    93:52:0e:9b:fb:c9:62:9d:18:7e:0f:41:ee:1a:05:
                    73:9f:e7:e9:28:32:63:67:fe:66:01:64:db:e5:b2:
                    cf:c5:15:32:74:fa:3d:bc:1c:d5:da:a7:f4:40:a1:
                    6c:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:FC:B4:7B:E6:B3:C7:DA:05:F7:83:8F:FA:52:45:FB:2A:BC:33:6D
            X509v3 Authority Key Identifier:
                keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/db0b227f-9958-4ebb-9f23-65cc24c5c799.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  172.96.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         03:c7:2f:68:d9:6f:fd:34:c3:43:c9:6f:f3:d1:a0:6e:b8:d1:
         c3:6d:7a:60:29:d4:f5:03:30:ce:95:7c:ba:a5:05:93:61:9e:
         bd:86:35:ed:db:c5:0a:56:cd:51:f7:0f:30:a0:73:b6:57:e8:
         33:38:76:a2:de:04:a6:6b:62:c8:c5:d9:ff:51:82:a1:60:99:
         b5:11:95:68:75:2c:f7:f1:f6:93:92:67:d3:80:9d:4b:20:d9:
         93:2b:f1:b2:a0:ce:9a:fe:42:84:38:c3:bc:7a:0a:68:2b:1a:
         a0:5a:76:f0:bf:bd:e3:e1:bc:2b:ea:c3:55:33:4a:27:5a:ad:
         36:cc:ff:3c:cf:4c:c0:49:03:0f:72:cc:0e:0f:51:4b:05:fa:
         eb:05:ce:93:6b:8c:da:18:43:9f:bb:47:b8:52:1c:fe:c7:c3:
         cc:4c:02:89:f1:0b:11:d9:2c:b6:93:0a:9f:b3:e5:70:83:b5:
         35:9b:e0:c0:13:e6:8d:e5:88:68:ad:5e:8d:63:d7:c3:c0:bc:
         04:1f:3c:e9:36:49:45:00:65:81:20:6c:d3:15:67:85:1f:59:
         39:50:4a:c9:e4:9a:9f:b5:d9:6f:0c:89:66:a8:ab:2f:90:9d:
         3f:4b:20:82:65:81:3b:c6:7b:e9:8c:38:b6:a8:c0:b2:e6:cd:
         65:12:61:f1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPI18Dddvf3e7spXsqUNKKJ059DMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi
NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjUwNjA2MDAyMDMxWhcNMjUwNzExMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZDA3N2FlOTFjMTg5ZDZhYzMzNDUwYjRkZmE0ZWViY2Yw
YjhiODQzYTMyMDJlNjBlYjNkMmE2NjE4OTJjMDM5MS0wKwYDVQQDEyRiMGRiYmI2
YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKkF9582VIBJ/DzEbYxzPHFXWn3MuXKo3sq3hGRIA71sRr
BVGyu4djqtpaPEiFkciKE5CO5F990q8XVRiWP45pxhCzowtwx33Rk11YoMSZDxg/
BrTy/asnXsOks2VwguZoKSH7M2cCv9Kc0KGu86WGKV5WdMUHbAgqflgPTr79UKqG
y6iQTbRrT1C5GAfO3xlfe7++frtTAgQFjB15HQCjvB7s7bfqDx3HrDRBmTpeaYYC
MT+FG9ldkcDI12/YB+BFTHoBqjU5tTKrC20V/ZSNZpNSDpv7yWKdGH4PQe4aBXOf
5+koMmNn/mYBZNvlss/FFTJ0+j28HNXap/RAoWyNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVvy0e+azx9oF94OP+lJF+yq8M20wHwYDVR0jBBgwFoAUfYRHxJeKC0xz
m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z
NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi
ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1
MmM1MzUzODk4L2RiMGIyMjdmLTk5NTgtNGViYi05ZjIzLTY1Y2MyNGM1Yzc5OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3
LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASsYGAwDQYJKoZIhvcNAQELBQADggEBAAPHL2jZb/00w0PJb/PRoG640cNt
emAp1PUDMM6VfLqlBZNhnr2GNe3bxQpWzVH3DzCgc7ZX6DM4dqLeBKZrYsjF2f9R
gqFgmbURlWh1LPfx9pOSZ9OAnUsg2ZMr8bKgzpr+QoQ4w7x6CmgrGqBadvC/vePh
vCvqw1UzSidarTbM/zzPTMBJAw9yzA4PUUsF+usFzpNrjNoYQ5+7R7hSHP7Hw8xM
AonxCxHZLLaTCp+z5XCDtTWb4MAT5o3liGitXo1j18PAvAQfPOk2SUUAZYEgbNMV
Z4UfWTlQSsnkmp+12W8MiWaoqy+QnT9LIIJlgTvGe+mMOLaowLLmzWUSYfE=
-----END CERTIFICATE-----