Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5683d730-34d6-4d4f-a456-3ae7c5f3e5ab.roa
File:                     5683d730-34d6-4d4f-a456-3ae7c5f3e5ab.roa (raw, json)
Hash identifier:          3G1e12+i7rRFZ2/JBf6pwaa2Vd0D+6mac3id1kSNzlk=
Subject key identifier:   2A:C2:4B:23:F9:34:59:37:20:10:1C:87:4D:82:8A:A4:94:C3:9B:2C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       53EB570E24A11C8B2F2E5F6F72786727CDD9B1DE
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5683d730-34d6-4d4f-a456-3ae7c5f3e5ab.roa
Signing time:             Fri 09 May 2025 00:41:50 +0000
ROA not before:           Fri 09 May 2025 00:41:50 +0000
ROA not after:            Fri 13 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.61.120.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:eb:57:0e:24:a1:1c:8b:2f:2e:5f:6f:72:78:67:27:cd:d9:b1:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May  9 00:41:50 2025 GMT
            Not After : Jun 13 23:59:59 2025 GMT
        Subject: serialNumber=8a0c5aae4ec87dc7df1f9cd08cae2f51179a1c56c4dfdd8fe2505bc89cf77205, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:93:e8:d4:2d:64:be:10:b9:ba:5b:5f:fa:f0:
                    a3:ff:62:29:ba:36:52:bc:01:70:87:d8:81:c3:3c:
                    b8:fb:50:d6:9f:23:4e:d0:17:36:35:52:eb:32:17:
                    f8:57:d3:42:8f:9b:e9:67:6e:b0:75:f6:9c:15:d1:
                    b6:f9:1a:27:5e:ce:8a:5c:64:e3:fc:ca:13:e0:db:
                    a8:cc:e0:2f:7c:97:42:5c:21:69:92:d8:19:34:ff:
                    03:cf:6e:11:fe:94:47:4e:d2:18:95:5f:3e:ca:fa:
                    fa:4e:90:5b:2c:b1:49:96:aa:96:a9:23:2f:8e:17:
                    c5:15:72:48:00:b5:da:47:93:21:2f:47:79:29:05:
                    bf:75:9a:1c:4c:fa:88:d0:44:4b:8e:03:ba:95:1b:
                    72:28:4d:68:c2:48:dd:63:2a:9a:8d:42:81:c7:c9:
                    98:41:8c:dc:24:44:73:b6:4e:18:69:fe:fc:24:2c:
                    e0:52:87:7e:53:59:ff:d3:d3:6a:ba:f7:79:f6:4a:
                    3d:77:dd:91:c1:a1:5c:8a:03:92:a1:ed:d6:64:d3:
                    8b:06:4a:aa:63:44:2a:13:26:d6:3e:af:3c:f3:db:
                    49:b1:be:5a:c0:ac:35:6c:d0:07:a5:52:33:7e:1f:
                    f0:75:56:e5:0c:46:bc:d4:d5:f2:0d:0c:48:27:d2:
                    65:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:C2:4B:23:F9:34:59:37:20:10:1C:87:4D:82:8A:A4:94:C3:9B:2C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5683d730-34d6-4d4f-a456-3ae7c5f3e5ab.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.61.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0d:fe:76:a8:49:dc:8a:c5:fb:be:5a:36:e7:28:ff:e3:43:0d:
         f8:2b:04:73:ba:2c:1d:48:44:ca:9e:66:95:e7:e0:fa:0a:3b:
         a2:da:a7:ec:1d:cb:86:be:06:f3:e5:f5:a2:a2:79:b5:c5:79:
         5e:63:d3:84:86:a7:43:1f:6e:fb:db:6a:0d:0e:73:46:a9:b4:
         4c:b1:80:d5:3e:ce:1f:c5:8b:48:ce:b5:95:ac:e0:e4:b0:ed:
         38:e6:2b:f8:94:dc:50:b2:9e:be:53:c2:9a:26:97:3f:01:32:
         eb:96:cf:89:43:f9:4f:54:8b:0c:b3:80:a6:b5:68:61:bc:b7:
         0c:81:4a:f1:4a:2f:2c:ea:a2:e6:4c:46:29:21:21:1e:5e:2b:
         02:3e:d9:f3:a3:a3:8b:98:6a:4f:3a:ff:03:79:4d:e2:90:d7:
         21:e2:91:82:c0:b7:80:e2:d0:e3:6c:33:99:26:3c:b0:8b:9a:
         9f:26:62:0b:ac:2d:8b:d5:d3:ad:58:86:99:cc:ba:57:99:13:
         27:22:bf:2d:51:e8:f8:e8:f4:28:4b:6c:58:8c:2b:b3:a4:ca:
         ad:51:a8:9c:d9:47:8e:fd:3d:aa:99:67:77:f5:2d:9f:e8:8e:
         79:b4:ae:01:21:be:ad:4a:82:0e:ab:4c:8f:50:42:00:2c:1f:
         10:ae:fd:28
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUU+tXDiShHIsvLl9vcnhnJ83Zsd4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTA5MDA0MTUwWhcNMjUwNjEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YTBjNWFhZTRlYzg3ZGM3ZGYxZjljZDA4Y2FlMmY1MTE3
OWExYzU2YzRkZmRkOGZlMjUwNWJjODljZjc3MjA1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtk+jULWS+ELm6W1/68KP/Yim6NlK8AXCH2IHDPLj7UNaf
I07QFzY1UusyF/hX00KPm+lnbrB19pwV0bb5GidezopcZOP8yhPg26jM4C98l0Jc
IWmS2Bk0/wPPbhH+lEdO0hiVXz7K+vpOkFsssUmWqpapIy+OF8UVckgAtdpHkyEv
R3kpBb91mhxM+ojQREuOA7qVG3IoTWjCSN1jKpqNQoHHyZhBjNwkRHO2Thhp/vwk
LOBSh35TWf/T02q693n2Sj133ZHBoVyKA5Kh7dZk04sGSqpjRCoTJtY+rzzz20mx
vlrArDVs0AelUjN+H/B1VuUMRrzU1fINDEgn0mWzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUKsJLI/k0WTcgEByHTYKKpJTDmywwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU2ODNkNzMwLTM0ZDYtNGQ0Zi1hNDU2LTNhZTdjNWYzZTVhYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAISPXgwDQYJKoZIhvcNAQELBQADggEBAA3+dqhJ3IrF+75aNuco/+NDDfgr
BHO6LB1IRMqeZpXn4PoKO6Lap+wdy4a+BvPl9aKiebXFeV5j04SGp0Mfbvvbag0O
c0aptEyxgNU+zh/Fi0jOtZWs4OSw7TjmK/iU3FCynr5Twpomlz8BMuuWz4lD+U9U
iwyzgKa1aGG8twyBSvFKLyzqouZMRikhIR5eKwI+2fOjo4uYak86/wN5TeKQ1yHi
kYLAt4Di0ONsM5kmPLCLmp8mYgusLYvV061YhpnMuleZEycivy1R6Pjo9ChLbFiM
K7Okyq1RqJzZR479PaqZZ3f1LZ/ojnm0rgEhvq1Kgg6rTI9QQgAsHxCu/Sg=
-----END CERTIFICATE-----