Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5d3c2c57-431d-4beb-a017-c45ae96853be.roa
File:                     5d3c2c57-431d-4beb-a017-c45ae96853be.roa (raw, json)
Hash identifier:          G6FPlLm2oeGo7J/YXuLjXDgrQDTR2TfBHvUfWrNiVJI=
Subject key identifier:   07:02:2E:75:8C:37:D5:40:3C:6D:A1:9C:B8:01:EA:02:EB:32:B9:7E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       79B77C5D92D41464285746E3C7F3B65387D6A81E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5d3c2c57-431d-4beb-a017-c45ae96853be.roa
Signing time:             Mon 10 Feb 2025 00:00:00 +0000
ROA not before:           Mon 10 Feb 2025 00:00:00 +0000
ROA not after:            Mon 17 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.182.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:b7:7c:5d:92:d4:14:64:28:57:46:e3:c7:f3:b6:53:87:d6:a8:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 10 00:00:00 2025 GMT
            Not After : Mar 17 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:14:a7:f2:38:4d:15:ad:19:ad:4f:da:70:fb:
                    80:b1:f0:b1:a8:0d:18:5e:8d:04:1f:63:55:1f:fb:
                    b0:c7:89:e2:95:2e:c3:5f:ce:15:38:18:37:98:e0:
                    d3:76:03:c9:9b:4d:e4:b2:be:08:05:94:33:23:f7:
                    11:21:4b:26:6a:9e:78:24:aa:0e:a1:9b:c6:58:49:
                    20:f1:d7:7d:48:aa:82:8f:a2:b5:d7:27:c1:bf:36:
                    4c:cb:70:cc:90:49:34:4b:0c:19:86:a7:3a:9c:61:
                    5b:f7:12:3c:32:3f:29:83:50:b3:19:61:ef:be:54:
                    39:0b:eb:4e:0b:4f:c1:63:d6:ca:80:d3:1c:31:1f:
                    22:c3:88:9b:99:09:e6:9f:42:93:42:81:65:28:70:
                    92:d0:02:22:58:68:4c:73:d4:54:8e:45:93:21:6b:
                    c9:11:a1:8d:5b:e7:e3:bc:d4:25:f5:a1:65:1c:22:
                    04:ef:1c:30:a7:1a:24:e9:f8:d0:f6:c2:4e:34:ec:
                    d3:cc:54:72:2d:9a:f1:af:36:9a:c6:2d:89:d0:06:
                    0a:6a:99:dd:22:f3:68:f8:a3:1a:2c:32:b8:b1:9d:
                    01:53:0b:01:50:ec:5c:01:69:b5:4d:2f:60:6c:8b:
                    1c:04:49:31:74:c9:70:b9:6d:5e:03:a3:66:8a:82:
                    46:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:02:2E:75:8C:37:D5:40:3C:6D:A1:9C:B8:01:EA:02:EB:32:B9:7E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5d3c2c57-431d-4beb-a017-c45ae96853be.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.182.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1e:f9:4e:ad:92:36:28:f0:85:11:56:a6:61:f6:75:fd:96:3c:
         8a:50:d8:eb:e4:93:ad:ce:ab:83:96:60:10:65:ef:68:97:f3:
         af:1c:65:8d:98:9b:91:3b:6a:30:a4:d5:3c:d1:07:27:51:f0:
         b4:e0:b9:3e:3f:ad:b7:49:9b:89:31:0a:71:a0:0f:f7:b6:69:
         22:e6:38:db:f2:7a:62:0c:f5:c6:3e:d3:59:8d:3e:e0:d6:bf:
         b9:0f:63:87:77:bc:5d:f5:69:46:34:3e:a5:7e:41:0a:e2:a8:
         76:9b:04:90:e1:e6:1b:d7:79:97:a1:99:85:82:11:ee:36:87:
         97:e4:28:43:77:f0:ea:99:22:a5:a1:19:2c:a6:4f:91:d0:f4:
         2d:9f:61:9e:27:83:58:eb:a5:7a:0c:de:34:21:be:04:24:de:
         c5:81:af:91:6b:08:30:61:64:8f:b2:f8:f4:f0:e8:d1:b3:f7:
         c8:bd:0e:ab:be:34:40:c8:e9:b1:0a:dc:f2:b5:8a:12:a6:41:
         f0:ad:b0:bc:2f:bd:44:da:4d:41:f9:1c:2a:b9:7b:e9:e8:42:
         f4:58:4a:51:7d:8e:0b:f0:82:78:81:a2:4d:f2:15:5c:fd:e0:
         64:ca:87:c8:ff:82:38:60:3f:ed:9b:f9:11:e1:cd:40:b5:00:
         34:21:fd:4a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUebd8XZLUFGQoV0bjx/O2U4fWqB4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMjEwMDAwMDAwWhcNMjUwMzE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NzY2MTE5YTJhZTJhZjVhZTE4ZTZhODU2NGNjY2NlMzlj
NjUxZjMxYjBkYWNhMTZjYzFmMDk1OTJhM2ZmMWY4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnFKfyOE0VrRmtT9pw+4Cx8LGoDRhejQQfY1Uf+7DHieKV
LsNfzhU4GDeY4NN2A8mbTeSyvggFlDMj9xEhSyZqnngkqg6hm8ZYSSDx131IqoKP
orXXJ8G/NkzLcMyQSTRLDBmGpzqcYVv3EjwyPymDULMZYe++VDkL604LT8Fj1sqA
0xwxHyLDiJuZCeafQpNCgWUocJLQAiJYaExz1FSORZMha8kRoY1b5+O81CX1oWUc
IgTvHDCnGiTp+ND2wk407NPMVHItmvGvNprGLYnQBgpqmd0i82j4oxosMrixnQFT
CwFQ7FwBabVNL2BsixwESTF0yXC5bV4Do2aKgkaNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUBwIudYw31UA8baGcuAHqAusyuX4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzVkM2MyYzU3LTQzMWQtNGJlYi1hMDE3LWM0NWFlOTY4NTNiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2tjANBgkqhkiG9w0BAQsFAAOCAQEAHvlOrZI2KPCFEVamYfZ1/ZY8ilDY
6+STrc6rg5ZgEGXvaJfzrxxljZibkTtqMKTVPNEHJ1HwtOC5Pj+tt0mbiTEKcaAP
97ZpIuY42/J6Ygz1xj7TWY0+4Na/uQ9jh3e8XfVpRjQ+pX5BCuKodpsEkOHmG9d5
l6GZhYIR7jaHl+QoQ3fw6pkipaEZLKZPkdD0LZ9hnieDWOulegzeNCG+BCTexYGv
kWsIMGFkj7L49PDo0bP3yL0Oq740QMjpsQrc8rWKEqZB8K2wvC+9RNpNQfkcKrl7
6ehC9FhKUX2OC/CCeIGiTfIVXP3gZMqHyP+COGA/7Zv5EeHNQLUANCH9Sg==
-----END CERTIFICATE-----