Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/48a5c303-790e-4793-8605-635e3316bc86.roa
File:                     48a5c303-790e-4793-8605-635e3316bc86.roa (raw, json)
Hash identifier:          f9tCGQmuXO2mADbNmm1ac25ySZegzUkWb0od4JAmFec=
Subject key identifier:   40:93:3D:17:FE:95:B8:35:2A:23:04:68:5C:1D:13:51:D6:4D:9A:FE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0F45ED51D16054A8C1753BFBCF865005AA3BCBE8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/48a5c303-790e-4793-8605-635e3316bc86.roa
Signing time:             Mon 27 Jan 2025 00:00:00 +0000
ROA not before:           Mon 27 Jan 2025 00:00:00 +0000
ROA not after:            Mon 03 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.160.0.0/13 maxlen: 13
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:45:ed:51:d1:60:54:a8:c1:75:3b:fb:cf:86:50:05:aa:3b:cb:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 27 00:00:00 2025 GMT
            Not After : Mar  3 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:71:bf:b5:8d:2f:02:70:53:fb:14:c2:e9:5d:
                    13:fd:4e:7f:e7:bb:66:91:d6:42:b3:ca:54:de:ce:
                    84:9c:80:e4:8c:36:38:6e:ac:26:fe:8a:69:04:b4:
                    77:ae:45:37:4e:4c:a8:f1:74:b4:36:e2:6d:3e:7f:
                    d9:6d:67:64:fc:04:2a:02:72:ac:51:97:15:59:e7:
                    3d:a9:9e:7e:6d:cb:dc:71:f1:2f:44:23:2e:3c:c3:
                    86:cb:87:1f:cc:d7:a0:e2:ff:5b:ea:b9:48:01:c9:
                    f2:79:5f:ed:fc:52:42:eb:df:15:9f:43:22:46:cc:
                    ad:45:2d:7a:b7:bc:74:ab:43:96:72:9d:b0:ca:04:
                    6e:08:df:21:1e:04:22:28:eb:49:cb:79:67:76:ea:
                    fb:06:96:84:df:87:ac:58:28:52:c6:a2:37:7c:bf:
                    b5:c6:e7:5c:b4:1f:08:ca:7c:4f:24:9d:54:8f:ba:
                    1a:af:43:2d:69:0a:5b:62:7b:d7:e5:8e:15:53:53:
                    19:ea:71:db:1e:8e:0d:6f:97:6e:15:58:58:c7:9e:
                    31:05:bf:78:4d:a2:c8:29:09:29:9f:99:4d:94:dc:
                    77:6f:0d:60:23:62:e9:24:60:81:d2:a8:30:17:d9:
                    27:b8:0c:62:35:1b:5c:24:a9:a5:1b:6e:49:f5:9b:
                    e2:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:93:3D:17:FE:95:B8:35:2A:23:04:68:5C:1D:13:51:D6:4D:9A:FE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/48a5c303-790e-4793-8605-635e3316bc86.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.160.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         0f:f5:bf:b4:35:0a:78:86:7f:7c:5a:fa:01:41:3e:28:2e:e5:
         23:ab:83:03:1d:63:34:60:e2:06:89:02:37:d4:03:54:7f:3e:
         64:13:7c:37:32:91:03:5c:e5:9c:01:3e:1b:ec:ea:37:d1:c7:
         b3:ab:0d:27:f3:fb:78:b4:ae:f7:17:c5:15:94:cc:e7:3a:11:
         12:eb:f6:be:36:9a:1e:58:a9:43:11:3b:a9:47:16:79:3b:b7:
         6b:41:55:65:ca:93:1f:e1:50:f2:34:b7:c3:13:53:48:eb:19:
         ce:0e:b7:71:37:65:32:ed:9d:bc:01:46:be:d6:78:dc:ba:78:
         c6:61:c9:59:11:5b:6f:87:23:ee:8f:d7:a4:5e:d6:f1:9e:e7:
         e0:b0:8c:96:5c:c7:4c:ef:be:22:14:d9:bd:a9:3c:4e:d4:6e:
         34:7b:b8:70:f3:c8:40:27:da:fc:28:71:f5:18:4d:96:9f:50:
         08:de:32:6b:0b:6c:a5:4c:3c:78:53:8f:66:8c:cc:c7:14:84:
         5e:95:28:eb:32:a1:26:32:ff:94:c7:f1:98:8a:36:ab:62:c6:
         f6:b6:11:83:0f:b4:11:9a:9c:74:21:70:83:f7:d1:dc:40:cf:
         70:cb:2e:f7:e8:e8:53:db:ec:f2:3e:41:ae:34:1e:8d:59:45:
         28:96:33:d5
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUD0XtUdFgVKjBdTv7z4ZQBao7y+gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTI3MDAwMDAwWhcNMjUwMzAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYmNjMWU5ZDYxMGQyNmQ0Y2RhNjhhNzk0MzBlMTRkNWY3
ZmEwY2ZiNGZlNjM5OGU0ZGVjYTIxYmFiYzFjYTFjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZcb+1jS8CcFP7FMLpXRP9Tn/nu2aR1kKzylTezoScgOSM
NjhurCb+imkEtHeuRTdOTKjxdLQ24m0+f9ltZ2T8BCoCcqxRlxVZ5z2pnn5ty9xx
8S9EIy48w4bLhx/M16Di/1vquUgByfJ5X+38UkLr3xWfQyJGzK1FLXq3vHSrQ5Zy
nbDKBG4I3yEeBCIo60nLeWd26vsGloTfh6xYKFLGojd8v7XG51y0HwjKfE8knVSP
uhqvQy1pCltie9fljhVTUxnqcdsejg1vl24VWFjHnjEFv3hNosgpCSmfmU2U3Hdv
DWAjYukkYIHSqDAX2Se4DGI1G1wkqaUbbkn1m+KlAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUQJM9F/6VuDUqIwRoXB0TUdZNmv4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ4YTVjMzAzLTc5MGUtNDc5My04NjA1LTYzNWUzMzE2YmM4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwM2oDANBgkqhkiG9w0BAQsFAAOCAQEAD/W/tDUKeIZ/fFr6AUE+KC7lI6uD
Ax1jNGDiBokCN9QDVH8+ZBN8NzKRA1zlnAE+G+zqN9HHs6sNJ/P7eLSu9xfFFZTM
5zoREuv2vjaaHlipQxE7qUcWeTu3a0FVZcqTH+FQ8jS3wxNTSOsZzg63cTdlMu2d
vAFGvtZ43Lp4xmHJWRFbb4cj7o/XpF7W8Z7n4LCMllzHTO++IhTZvak8TtRuNHu4
cPPIQCfa/Chx9RhNlp9QCN4yawtspUw8eFOPZozMxxSEXpUo6zKhJjL/lMfxmIo2
q2LG9rYRgw+0EZqcdCFwg/fR3EDPcMsu9+joU9vs8j5BrjQejVlFKJYz1Q==
-----END CERTIFICATE-----