Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f0772d8-f455-463e-9417-4ddc13856c48.roa
File:                     5f0772d8-f455-463e-9417-4ddc13856c48.roa (raw, json)
Hash identifier:          GY809Myn6jxH0WpFzz7HJCKsqKdV+U2s5pCs+WQbi9A=
Subject key identifier:   85:D9:50:52:00:C2:52:CB:DA:BD:CC:06:4B:92:27:B6:5A:63:12:87
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2D15AB2AAB9A445DC71E2EEB19B0693980C558D5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f0772d8-f455-463e-9417-4ddc13856c48.roa
Signing time:             Fri 07 Mar 2025 00:30:13 +0000
ROA not before:           Fri 07 Mar 2025 00:30:13 +0000
ROA not after:            Fri 11 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.148.0.0/14 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 15 Mar 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:15:ab:2a:ab:9a:44:5d:c7:1e:2e:eb:19:b0:69:39:80:c5:58:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar  7 00:30:13 2025 GMT
            Not After : Apr 11 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:5a:d9:e4:56:75:b9:71:62:07:47:9f:cd:0b:
                    62:bf:fd:51:6d:bd:f0:01:32:70:d6:e4:c5:85:19:
                    70:5c:11:a3:28:b9:52:2e:19:6d:bc:18:a0:92:b4:
                    bc:d3:66:c8:f9:2f:5d:85:f3:e4:5e:c5:b4:88:8b:
                    87:7c:30:02:19:68:8f:32:0b:71:15:17:e0:9f:61:
                    9a:d8:df:b0:ea:8c:82:cb:74:de:d1:86:92:86:bc:
                    c8:7d:c1:78:88:03:a5:1e:22:ff:df:57:ce:01:a3:
                    16:32:c0:2f:aa:6c:ab:27:24:50:31:69:74:a8:13:
                    01:9b:67:53:87:c7:56:00:80:a3:be:3e:0b:d2:60:
                    80:2d:64:20:da:31:7b:43:6b:98:35:dc:36:1c:72:
                    f0:88:dc:02:d8:e7:56:79:6a:5b:d9:fd:e0:76:77:
                    84:f9:24:d6:6c:0c:8a:57:ab:b1:91:c5:58:1f:d6:
                    fb:9e:79:2e:a9:ad:07:d6:d1:20:e7:5b:6c:06:ec:
                    ba:f1:11:f1:fd:e2:68:09:c7:cd:a7:f8:06:48:45:
                    81:d2:cc:91:d5:c5:3b:b0:a8:be:71:14:c5:b2:c8:
                    69:d6:34:64:68:7f:fd:60:b0:0c:95:12:97:77:53:
                    9f:ea:6b:6c:43:d3:35:89:8e:ed:36:a0:cb:50:15:
                    56:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:D9:50:52:00:C2:52:CB:DA:BD:CC:06:4B:92:27:B6:5A:63:12:87
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f0772d8-f455-463e-9417-4ddc13856c48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.148.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         1a:52:b6:8c:01:07:e2:a1:9c:e0:a6:ea:f1:b9:13:43:c0:2f:
         0c:c2:0e:02:8a:99:62:1c:c8:0e:ab:da:c7:b2:63:ba:00:10:
         3d:ae:3c:18:1c:dc:d1:24:dd:46:b7:8a:49:b1:01:96:57:69:
         b7:81:44:a6:71:36:b4:36:c4:48:58:6d:c1:55:d4:6a:52:b0:
         aa:a3:4e:d4:0b:12:7a:20:5a:cd:99:16:55:01:6c:68:23:98:
         1e:a9:86:21:6e:87:ab:04:5b:c2:ff:fe:25:31:fc:cf:0d:82:
         b2:9a:2b:49:53:e2:2f:1a:6b:d6:44:4c:52:e3:30:5c:a4:26:
         56:ea:25:18:6a:03:a0:83:af:ae:be:bd:f6:40:16:af:28:14:
         94:8b:ac:f2:4b:84:3b:43:fa:12:51:0b:c9:34:c4:94:8d:61:
         09:b6:0e:68:65:d3:8c:dd:56:80:1a:4e:4e:43:06:45:d7:e9:
         be:52:18:af:69:61:cc:52:35:41:f4:5d:20:9d:71:24:59:5a:
         9c:2c:32:b6:f9:a1:5f:ce:46:c2:9a:1a:0d:bd:66:63:12:03:
         ef:da:d0:47:2b:f1:90:85:ba:74:b7:67:e9:3e:56:87:31:c6:
         81:6a:32:3b:a3:59:f8:a9:ad:f7:fc:e6:f8:3a:b3:21:cd:0e:
         8d:8f:8b:51
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULRWrKquaRF3HHi7rGbBpOYDFWNUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMzA3MDAzMDEzWhcNMjUwNDExMjM1OTU5
WjB6MUkwRwYDVQQFE0AzOGIwNjAxYTdjNGRjY2EwNjYwMDY1MzBiZTBhZmI1Y2My
NzI2M2EzM2M2YTIyMDhlNTkxOTZhYjdjYWM3ZDJhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0WtnkVnW5cWIHR5/NC2K//VFtvfABMnDW5MWFGXBcEaMo
uVIuGW28GKCStLzTZsj5L12F8+RexbSIi4d8MAIZaI8yC3EVF+CfYZrY37DqjILL
dN7RhpKGvMh9wXiIA6UeIv/fV84BoxYywC+qbKsnJFAxaXSoEwGbZ1OHx1YAgKO+
PgvSYIAtZCDaMXtDa5g13DYccvCI3ALY51Z5alvZ/eB2d4T5JNZsDIpXq7GRxVgf
1vueeS6prQfW0SDnW2wG7LrxEfH94mgJx82n+AZIRYHSzJHVxTuwqL5xFMWyyGnW
NGRof/1gsAyVEpd3U5/qa2xD0zWJju02oMtQFVZ5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUhdlQUgDCUsvavcwGS5IntlpjEocwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzVmMDc3MmQ4LWY0NTUtNDYzZS05NDE3LTRkZGMxMzg1NmM0OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwISlDANBgkqhkiG9w0BAQsFAAOCAQEAGlK2jAEH4qGc4Kbq8bkTQ8AvDMIO
AoqZYhzIDqvax7JjugAQPa48GBzc0STdRreKSbEBlldpt4FEpnE2tDbESFhtwVXU
alKwqqNO1AsSeiBazZkWVQFsaCOYHqmGIW6HqwRbwv/+JTH8zw2CsporSVPiLxpr
1kRMUuMwXKQmVuolGGoDoIOvrr699kAWrygUlIus8kuEO0P6ElELyTTElI1hCbYO
aGXTjN1WgBpOTkMGRdfpvlIYr2lhzFI1QfRdIJ1xJFlanCwytvmhX85GwpoaDb1m
YxID79rQRyvxkIW6dLdn6T5WhzHGgWoyO6NZ+Kmt9/zm+DqzIc0OjY+LUQ==
-----END CERTIFICATE-----