Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/717d8d60-b812-4321-a774-df7920ae17ef.roa
File:                     717d8d60-b812-4321-a774-df7920ae17ef.roa (raw, json)
Hash identifier:          ZcXtBQ1ulFUKUoACjHUTeTifaRPphJZVRbn5dwSp1J0=
Subject key identifier:   07:F8:B5:E2:05:6F:4D:0C:FF:68:0F:C8:ED:81:ED:74:4E:10:3B:A4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       18057600D2D913B952DE8B95F70E1BE42DC0B20A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/717d8d60-b812-4321-a774-df7920ae17ef.roa
Signing time:             Mon 27 Jan 2025 00:00:00 +0000
ROA not before:           Mon 27 Jan 2025 00:00:00 +0000
ROA not after:            Mon 03 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.160.64.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:05:76:00:d2:d9:13:b9:52:de:8b:95:f7:0e:1b:e4:2d:c0:b2:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 27 00:00:00 2025 GMT
            Not After : Mar  3 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:0a:c3:41:41:d3:5f:0c:b0:39:86:6c:16:4f:
                    5a:06:6f:e3:35:47:68:ea:d9:48:62:f6:78:58:42:
                    33:c3:df:e8:9d:bc:bd:4e:fe:8f:f0:b9:9d:f1:cd:
                    59:a2:63:91:1a:74:12:7a:31:a6:bd:43:a7:d8:42:
                    5c:18:0a:3c:5a:da:0f:81:2d:da:0f:ab:5e:e5:e7:
                    91:6f:d5:71:37:e3:2d:14:be:10:1d:a6:ff:51:f1:
                    62:eb:fc:90:2c:bd:74:1f:f9:ef:99:6c:cf:ef:9c:
                    01:fb:5a:45:73:9b:73:24:ce:7a:cf:41:dc:4b:87:
                    21:8b:d3:bc:e4:c2:b8:50:83:50:a8:4e:8c:4f:38:
                    18:aa:d8:e7:8c:94:2f:9e:39:e0:ba:d6:df:a8:31:
                    80:e1:d5:2e:71:1f:db:72:bb:19:8e:08:c7:d0:58:
                    99:8b:8a:26:20:bf:08:20:18:7c:53:56:42:2a:e2:
                    87:f0:b2:2c:eb:48:54:fc:04:cb:15:c9:69:4b:63:
                    63:86:e4:f6:32:5a:a9:9f:73:a3:95:fa:8e:57:f1:
                    d8:33:ec:bc:4d:3e:8f:e9:8c:e8:bb:79:e2:f2:ca:
                    a0:fe:d4:fb:a6:59:b2:49:92:46:ea:9e:61:fa:06:
                    aa:1e:39:63:88:f1:bc:c1:77:f3:cc:40:aa:66:60:
                    6c:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:F8:B5:E2:05:6F:4D:0C:FF:68:0F:C8:ED:81:ED:74:4E:10:3B:A4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/717d8d60-b812-4321-a774-df7920ae17ef.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.160.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         2c:8d:57:06:ca:9d:7c:66:62:f2:f7:5a:02:5a:24:57:34:86:
         78:21:81:57:97:5d:60:f7:b4:43:55:0e:72:fe:c4:e8:25:d5:
         c0:2a:4e:ae:9a:da:5f:35:9e:28:9d:49:db:4f:06:2c:86:ac:
         3c:ef:e1:67:5c:b1:9d:93:aa:49:c9:72:80:3d:b9:d9:f5:a8:
         9c:c0:9b:c8:fc:e5:c9:ed:03:57:19:03:93:d3:58:3a:28:75:
         bc:ba:44:93:0a:7e:8a:1d:4e:ad:df:5b:87:4c:3e:67:d1:34:
         44:b2:37:e3:a3:f9:99:88:aa:37:90:93:0a:b5:37:d3:9c:69:
         70:c5:90:9e:3c:12:b9:47:ad:70:d1:ac:77:7e:4f:cc:c5:76:
         e9:9a:dc:18:a3:51:a7:2e:34:56:48:f3:36:a6:6a:cf:7b:f4:
         3c:6b:8b:56:3a:48:d4:f9:70:4f:dd:d2:ad:c0:6f:a1:0b:6d:
         60:d2:be:a1:1b:cc:de:21:a9:09:7d:d8:07:30:02:79:90:d5:
         35:6a:b0:67:84:32:7f:11:73:61:73:22:a7:1d:c3:cb:e4:2c:
         e2:c3:b1:9e:60:45:af:0e:2c:22:79:94:15:72:a5:7a:ca:1b:
         7d:1f:af:32:5c:a5:d1:ae:83:f2:75:5f:ad:2f:eb:6a:81:ce:
         16:19:a3:53
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGAV2ANLZE7lS3ouV9w4b5C3AsgowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTI3MDAwMDAwWhcNMjUwMzAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZmE3Y2FiMjljZTc4ZGQxNTM0OTk1ZmQ0NGIxZDEzNTQw
ZDUyMGQ1ZGY2N2I2YmMyNjE4ZDM1ZDRhNmU5ZmRiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmCsNBQdNfDLA5hmwWT1oGb+M1R2jq2Uhi9nhYQjPD3+id
vL1O/o/wuZ3xzVmiY5EadBJ6Maa9Q6fYQlwYCjxa2g+BLdoPq17l55Fv1XE34y0U
vhAdpv9R8WLr/JAsvXQf+e+ZbM/vnAH7WkVzm3MkznrPQdxLhyGL07zkwrhQg1Co
ToxPOBiq2OeMlC+eOeC61t+oMYDh1S5xH9tyuxmOCMfQWJmLiiYgvwggGHxTVkIq
4ofwsizrSFT8BMsVyWlLY2OG5PYyWqmfc6OV+o5X8dgz7LxNPo/pjOi7eeLyyqD+
1PumWbJJkkbqnmH6BqoeOWOI8bzBd/PMQKpmYGwlAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUB/i14gVvTQz/aA/I7YHtdE4QO6QwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzcxN2Q4ZDYwLWI4MTItNDMyMS1hNzc0LWRmNzkyMGFlMTdlZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY2oEAwDQYJKoZIhvcNAQELBQADggEBACyNVwbKnXxmYvL3WgJaJFc0hngh
gVeXXWD3tENVDnL+xOgl1cAqTq6a2l81niidSdtPBiyGrDzv4WdcsZ2TqknJcoA9
udn1qJzAm8j85cntA1cZA5PTWDoodby6RJMKfoodTq3fW4dMPmfRNESyN+Oj+ZmI
qjeQkwq1N9OcaXDFkJ48ErlHrXDRrHd+T8zFduma3BijUacuNFZI8zamas979Dxr
i1Y6SNT5cE/d0q3Ab6ELbWDSvqEbzN4hqQl92AcwAnmQ1TVqsGeEMn8Rc2FzIqcd
w8vkLOLDsZ5gRa8OLCJ5lBVypXrKG30frzJcpdGug/J1X60v62qBzhYZo1M=
-----END CERTIFICATE-----