Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2c7618fa-8c2c-44d2-a193-ec13ad938a49.roa
File:                     2c7618fa-8c2c-44d2-a193-ec13ad938a49.roa (raw, json)
Hash identifier:          TyxjILst1LSB0fla2wTx6FMsKRzc9wHJFryN3GTo6q0=
Subject key identifier:   2D:30:A7:9A:2F:68:5B:8A:90:A9:07:94:B0:36:46:3A:CE:00:46:3A
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       695B764DD406425CFC10D7C42E7EF51A52DDFFB4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2c7618fa-8c2c-44d2-a193-ec13ad938a49.roa
Signing time:             Wed 05 Mar 2025 00:51:00 +0000
ROA not before:           Wed 05 Mar 2025 00:51:00 +0000
ROA not after:            Wed 09 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.162.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 15 Mar 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:5b:76:4d:d4:06:42:5c:fc:10:d7:c4:2e:7e:f5:1a:52:dd:ff:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar  5 00:51:00 2025 GMT
            Not After : Apr  9 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7b:ca:21:55:57:cd:d1:e0:76:a7:56:db:76:
                    14:29:0a:68:86:69:b6:d1:7b:8e:3c:44:8d:17:0d:
                    cc:ea:c3:85:0a:a3:c3:76:f4:ab:42:ff:fe:ee:b3:
                    cc:1d:82:de:00:9a:c2:2f:22:ad:f6:27:aa:00:84:
                    b7:1e:b0:bb:75:68:89:de:7a:b3:8e:e9:5f:15:f5:
                    82:87:b0:ce:2d:85:7f:45:8d:5a:8d:5e:46:4e:dc:
                    f7:6a:c3:99:57:9f:56:08:fa:95:b0:67:3a:f0:fb:
                    9c:3e:b5:8c:2c:84:0c:8f:71:26:c9:79:3a:cb:81:
                    71:c0:9d:8b:67:cc:e3:2e:a1:50:a7:61:0f:28:85:
                    42:d9:5d:e5:8f:02:18:09:04:ea:c5:20:b6:d7:d8:
                    77:83:ca:b5:01:3c:58:ca:1e:51:24:c5:ce:b6:aa:
                    f9:89:dd:b2:8b:48:d4:19:d1:14:54:7f:10:cd:8a:
                    85:8c:55:ed:c5:bd:25:94:dc:29:4a:ca:e5:bf:1b:
                    4e:a7:56:f1:8d:61:18:38:f6:07:fe:b1:03:5d:51:
                    11:4d:2e:cb:e9:e3:0c:64:b6:78:0d:b2:6c:44:b2:
                    82:02:ed:50:20:0a:84:2e:72:6b:cd:72:8e:36:3f:
                    84:98:36:f1:7b:a6:69:d9:e9:ea:c1:84:79:bc:f2:
                    04:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:30:A7:9A:2F:68:5B:8A:90:A9:07:94:B0:36:46:3A:CE:00:46:3A
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2c7618fa-8c2c-44d2-a193-ec13ad938a49.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.162.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         3d:17:31:11:6f:af:ff:47:6f:17:b2:15:3c:19:f4:ff:dd:f1:
         17:86:5a:75:44:e6:f1:06:5a:61:cb:21:1e:b1:f8:8e:73:d3:
         41:81:e7:eb:06:1f:64:e8:ec:ab:c4:e4:5d:0a:76:25:2b:23:
         ac:cd:c5:3e:31:99:45:b8:40:70:82:e6:a5:ef:46:83:d0:f9:
         0e:8f:e0:a0:7d:48:b8:0b:58:f8:31:c6:8f:7f:2e:7e:7d:b5:
         69:52:f5:8d:29:08:0d:08:db:d0:b6:ec:99:eb:a5:f9:8b:80:
         ee:da:7b:a1:f0:72:86:ad:26:23:fe:5f:a7:4c:12:3b:96:f6:
         9e:3f:6a:e2:09:70:14:fc:2e:70:39:cc:89:a9:f6:d7:c5:76:
         08:83:28:95:91:1d:6f:32:75:1d:72:e9:77:d0:18:02:b7:1f:
         7f:92:3f:2f:0a:02:2f:d8:e9:45:62:f7:80:f7:41:f3:27:ca:
         6f:04:c6:48:0b:68:10:ba:2d:06:36:38:7a:be:7b:b3:a9:28:
         b0:84:f3:8f:49:21:74:0f:97:63:22:51:b2:8b:72:ce:57:e6:
         5a:bd:f0:73:76:5d:97:66:6c:d4:95:cd:37:e3:9c:11:18:6c:
         0d:50:26:93:c3:17:5f:c8:96:37:01:6a:6e:62:98:67:b0:c4:
         fe:80:0d:73
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUaVt2TdQGQlz8ENfELn71GlLd/7QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMzA1MDA1MTAwWhcNMjUwNDA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYmFlZDI1MWYxMTliMzE1NTlkMGFkM2RmMmZhMGM0OGYw
NmNkZWFmNjhjY2UyZTAzYTdjZTk3Mjg2YzljYzljMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0e8ohVVfN0eB2p1bbdhQpCmiGabbRe448RI0XDczqw4UK
o8N29KtC//7us8wdgt4AmsIvIq32J6oAhLcesLt1aIneerOO6V8V9YKHsM4thX9F
jVqNXkZO3Pdqw5lXn1YI+pWwZzrw+5w+tYwshAyPcSbJeTrLgXHAnYtnzOMuoVCn
YQ8ohULZXeWPAhgJBOrFILbX2HeDyrUBPFjKHlEkxc62qvmJ3bKLSNQZ0RRUfxDN
ioWMVe3FvSWU3ClKyuW/G06nVvGNYRg49gf+sQNdURFNLsvp4wxktngNsmxEsoIC
7VAgCoQucmvNco42P4SYNvF7pmnZ6erBhHm88gQvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQULTCnmi9oW4qQqQeUsDZGOs4ARjowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJjNzYxOGZhLThjMmMtNDRkMi1hMTkzLWVjMTNhZDkzOGE0OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPojANBgkqhkiG9w0BAQsFAAOCAQEAPRcxEW+v/0dvF7IVPBn0/93xF4Za
dUTm8QZaYcshHrH4jnPTQYHn6wYfZOjsq8TkXQp2JSsjrM3FPjGZRbhAcILmpe9G
g9D5Do/goH1IuAtY+DHGj38ufn21aVL1jSkIDQjb0Lbsmeul+YuA7tp7ofByhq0m
I/5fp0wSO5b2nj9q4glwFPwucDnMian218V2CIMolZEdbzJ1HXLpd9AYArcff5I/
LwoCL9jpRWL3gPdB8yfKbwTGSAtoELotBjY4er57s6kosITzj0khdA+XYyJRsoty
zlfmWr3wc3Zdl2Zs1JXNN+OcERhsDVAmk8MXX8iWNwFqbmKYZ7DE/oANcw==
-----END CERTIFICATE-----