Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/503e4ea6-1eb7-413e-af4f-6643fc009258.roa
File:                     503e4ea6-1eb7-413e-af4f-6643fc009258.roa (raw, json)
Hash identifier:          USlXn8F4/qAeM2pzEvJ6RVv4rErFahbf/mv4kxVl/S0=
Subject key identifier:   83:01:C5:5C:CE:52:97:C2:B4:5D:DF:29:30:51:73:EA:F3:A6:D3:C7
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       47E799A617B425EA77C57F097820508A695FC55B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/503e4ea6-1eb7-413e-af4f-6643fc009258.roa
Signing time:             Fri 07 Feb 2025 00:00:00 +0000
ROA not before:           Fri 07 Feb 2025 00:00:00 +0000
ROA not after:            Fri 14 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.46.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:e7:99:a6:17:b4:25:ea:77:c5:7f:09:78:20:50:8a:69:5f:c5:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb  7 00:00:00 2025 GMT
            Not After : Mar 14 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:60:66:f6:18:79:90:77:3f:6f:99:60:cc:86:
                    ff:4d:72:02:d5:76:de:53:93:1f:f9:e1:7d:00:d2:
                    dc:00:5d:4e:a1:dd:04:23:d8:11:f3:8b:9b:1a:f3:
                    8a:e9:fd:f4:13:71:4e:58:5f:12:02:b9:2d:f6:cd:
                    a3:31:c0:5c:76:36:58:69:a1:be:1c:a4:7a:a0:03:
                    f7:e1:bc:f7:be:92:d2:d6:93:14:51:93:8a:fc:3b:
                    5e:64:75:cc:9d:f4:82:1c:fe:4a:28:55:1e:0d:ad:
                    55:ff:a4:f7:f5:7a:15:2f:0e:c1:56:d7:58:9f:3e:
                    ed:25:29:1d:60:bf:98:5d:5f:53:88:15:a0:c2:46:
                    c0:5b:88:ee:cb:0a:5a:27:9b:af:00:2c:48:76:d0:
                    8f:81:c2:d8:28:d6:d8:40:52:04:12:cb:e1:79:2f:
                    9b:ac:a4:8a:04:6d:e8:39:d1:84:01:a0:13:95:99:
                    a3:ff:87:08:82:95:f7:8e:14:86:69:4f:86:b2:2b:
                    ab:b4:a7:c4:cb:22:af:95:d7:7a:1c:61:95:c8:3c:
                    26:b3:21:17:23:a6:25:19:32:d4:70:b9:fb:8c:da:
                    db:b3:0e:53:95:02:2e:15:2f:89:5a:c5:6d:b8:97:
                    b3:3c:68:fd:de:d9:6e:da:81:ea:10:f4:bf:4a:f3:
                    c5:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:01:C5:5C:CE:52:97:C2:B4:5D:DF:29:30:51:73:EA:F3:A6:D3:C7
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/503e4ea6-1eb7-413e-af4f-6643fc009258.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.46.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2f:fb:82:a8:e6:06:0c:a3:cd:31:3e:36:0e:6e:9c:61:a7:ad:
         c9:a7:12:05:71:38:53:58:f6:3d:c1:3c:a5:d0:18:28:19:54:
         75:db:db:5a:03:eb:2b:65:f1:84:92:86:ed:e7:b9:19:07:b7:
         f5:a7:c1:51:7f:4c:0e:50:48:59:c3:bc:2f:90:17:49:64:d7:
         20:e2:56:a3:d5:5e:27:f1:1f:dd:76:87:ff:09:2c:1d:fb:8b:
         49:6f:65:1a:86:0a:89:c3:58:c4:37:cb:f3:db:2d:3f:59:04:
         14:76:51:16:7f:85:2f:76:11:f7:de:6a:fb:92:28:ee:50:20:
         55:16:3c:91:ed:2a:27:fe:ee:77:35:c9:df:ea:40:de:2c:93:
         0f:e0:c4:89:3d:6e:c9:12:bd:a5:2e:7c:1f:ef:d5:f1:33:2a:
         08:b4:06:dc:55:20:72:7c:00:03:da:da:0a:1d:0b:4c:94:c0:
         ed:99:64:39:ac:eb:c6:e3:01:bc:56:0b:48:5c:01:0a:39:d6:
         3e:25:88:4b:c2:50:8d:19:6f:0a:ea:3f:1c:68:2b:01:e2:2b:
         17:90:44:61:ff:f0:0e:90:9d:76:e4:bc:30:43:1d:10:24:76:
         1d:b3:4c:0b:24:78:9c:34:f4:2e:ba:f5:c2:f2:f3:3c:53:35:
         82:5e:38:14
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUR+eZphe0Jep3xX8JeCBQimlfxVswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMjA3MDAwMDAwWhcNMjUwMzE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNDE0MWQ0NzAyZjViYTk4NjcxNzg5ZGRmODk4MTgyY2M0
ZTY5NjIwNjAxZTY3N2I2ZGJjNDQ5OTU1ZGYwMDY5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD6YGb2GHmQdz9vmWDMhv9NcgLVdt5Tkx/54X0A0twAXU6h
3QQj2BHzi5sa84rp/fQTcU5YXxICuS32zaMxwFx2Nlhpob4cpHqgA/fhvPe+ktLW
kxRRk4r8O15kdcyd9IIc/kooVR4NrVX/pPf1ehUvDsFW11ifPu0lKR1gv5hdX1OI
FaDCRsBbiO7LClonm68ALEh20I+Bwtgo1thAUgQSy+F5L5uspIoEbeg50YQBoBOV
maP/hwiClfeOFIZpT4ayK6u0p8TLIq+V13ocYZXIPCazIRcjpiUZMtRwufuM2tuz
DlOVAi4VL4laxW24l7M8aP3e2W7ageoQ9L9K88W9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUgwHFXM5Sl8K0Xd8pMFFz6vOm08cwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzUwM2U0ZWE2LTFlYjctNDEzZS1hZjRmLTY2NDNmYzAwOTI1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASLjANBgkqhkiG9w0BAQsFAAOCAQEAL/uCqOYGDKPNMT42Dm6cYaetyacS
BXE4U1j2PcE8pdAYKBlUddvbWgPrK2XxhJKG7ee5GQe39afBUX9MDlBIWcO8L5AX
SWTXIOJWo9VeJ/Ef3XaH/wksHfuLSW9lGoYKicNYxDfL89stP1kEFHZRFn+FL3YR
995q+5Io7lAgVRY8ke0qJ/7udzXJ3+pA3iyTD+DEiT1uyRK9pS58H+/V8TMqCLQG
3FUgcnwAA9raCh0LTJTA7ZlkOazrxuMBvFYLSFwBCjnWPiWIS8JQjRlvCuo/HGgr
AeIrF5BEYf/wDpCdduS8MEMdECR2HbNMCyR4nDT0Lrr1wvLzPFM1gl44FA==
-----END CERTIFICATE-----