Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/773c564f-d1a3-43fd-a13c-ad534ef49714.roa
File:                     773c564f-d1a3-43fd-a13c-ad534ef49714.roa (raw, json)
Hash identifier:          GPIOK55+r+6RWIu4d16y2SBUqN3c0k2ZCTUU1zJZVpQ=
Subject key identifier:   6C:3A:D3:E1:8B:35:52:7D:95:DD:A1:5E:12:28:88:7D:98:3D:6C:5B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5177DB8F7C8EA5EBD26EAAF9A89B14B74923CE89
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/773c564f-d1a3-43fd-a13c-ad534ef49714.roa
Signing time:             Tue 20 May 2025 16:40:51 +0000
ROA not before:           Tue 20 May 2025 16:40:51 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        136.16.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Jun 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:77:db:8f:7c:8e:a5:eb:d2:6e:aa:f9:a8:9b:14:b7:49:23:ce:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 20 16:40:51 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=676267173f5039d0f6f6ea5a0cf6e9811758107cb79cea38c1d50fde50428fc8, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:8f:2e:91:62:41:51:88:0d:0a:d7:e0:10:29:
                    c5:20:41:67:9b:66:5d:c8:37:85:38:c1:c8:07:51:
                    5a:fe:9b:7a:ca:27:02:c5:a8:d8:83:1f:1c:f7:a5:
                    61:e6:2e:70:3a:47:b4:3e:8b:62:4b:c5:ac:5e:62:
                    28:ae:2d:fe:92:b7:50:fb:b0:46:7a:62:34:0b:53:
                    0e:22:54:56:cf:c2:97:8f:52:66:d6:dd:8a:e5:10:
                    eb:d1:a3:5c:e4:c4:4e:35:90:09:65:8e:19:12:1d:
                    9e:5c:83:a2:88:34:47:b3:5c:ff:92:c1:c3:1b:b0:
                    1e:3a:aa:ed:0f:94:fc:50:70:b3:bd:95:54:9b:aa:
                    3c:c1:d6:70:a1:0c:84:cd:c4:de:0a:2a:3b:d3:3a:
                    55:50:b0:37:48:99:d1:b5:4c:cc:08:c1:06:d7:c2:
                    a9:f1:0b:0e:9d:6d:1b:23:0b:9b:c9:19:0e:72:65:
                    c0:e0:0c:4f:44:66:24:71:1a:eb:c9:ce:72:a6:54:
                    ea:b6:1b:a7:d7:31:23:ef:56:85:76:49:38:e6:d9:
                    0a:50:8b:2f:f0:0a:90:24:53:37:07:84:fc:51:5b:
                    e3:4e:e8:b0:c7:68:af:2b:f8:d9:7e:cb:05:3f:e9:
                    ba:ec:eb:8e:36:78:1a:e8:28:96:80:76:8d:ba:c5:
                    13:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:3A:D3:E1:8B:35:52:7D:95:DD:A1:5E:12:28:88:7D:98:3D:6C:5B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/773c564f-d1a3-43fd-a13c-ad534ef49714.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.16.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         83:91:fb:0c:03:7e:6b:7a:04:50:ef:3c:d0:78:cf:a8:13:a2:
         3a:5b:b4:91:5d:02:a2:38:65:7d:2f:c3:09:22:90:3d:ba:13:
         f7:45:45:cd:77:90:0e:82:f9:a8:f9:34:3f:13:73:b9:4e:a4:
         53:a5:02:f4:10:0f:bc:a0:20:61:e8:dd:32:36:9b:f2:0f:7a:
         26:c2:e4:1e:bd:46:4f:93:b3:62:74:10:f2:24:c0:ea:cf:cf:
         a4:eb:a9:ea:78:44:99:41:02:e1:ed:be:0e:5b:c1:29:d3:14:
         d0:8f:d7:f9:a4:52:3b:cf:fb:c7:b3:00:6c:0a:0a:4e:a7:9e:
         6a:65:91:59:fe:37:d7:27:2c:bc:02:99:f8:0a:b1:72:21:83:
         6e:7f:fe:7b:1f:f1:16:09:10:a6:f3:df:ab:87:70:ff:d1:ba:
         02:56:6e:92:8b:ba:86:28:b8:df:23:9f:59:24:bf:1d:fa:03:
         26:9b:38:20:d9:85:d6:ed:83:ed:9f:cf:fa:50:b2:74:3c:be:
         68:f4:72:c1:06:51:e2:91:66:d8:89:83:0e:3e:08:2f:b6:53:
         74:32:59:b9:ff:65:9c:a8:99:a7:10:e0:69:b8:5e:e5:d2:61:
         10:86:1b:8b:b1:1a:1e:0c:cb:27:fd:b5:bb:58:15:72:b8:52:
         22:24:f3:c3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUXfbj3yOpevSbqr5qJsUt0kjzokwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTIwMTY0MDUxWhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NzYyNjcxNzNmNTAzOWQwZjZmNmVhNWEwY2Y2ZTk4MTE3
NTgxMDdjYjc5Y2VhMzhjMWQ1MGZkZTUwNDI4ZmM4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpjy6RYkFRiA0K1+AQKcUgQWebZl3IN4U4wcgHUVr+m3rK
JwLFqNiDHxz3pWHmLnA6R7Q+i2JLxaxeYiiuLf6St1D7sEZ6YjQLUw4iVFbPwpeP
UmbW3YrlEOvRo1zkxE41kAlljhkSHZ5cg6KINEezXP+SwcMbsB46qu0PlPxQcLO9
lVSbqjzB1nChDITNxN4KKjvTOlVQsDdImdG1TMwIwQbXwqnxCw6dbRsjC5vJGQ5y
ZcDgDE9EZiRxGuvJznKmVOq2G6fXMSPvVoV2STjm2QpQiy/wCpAkUzcHhPxRW+NO
6LDHaK8r+Nl+ywU/6brs6442eBroKJaAdo26xRPrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUbDrT4Ys1Un2V3aFeEiiIfZg9bFswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc3M2M1NjRmLWQxYTMtNDNmZC1hMTNjLWFkNTM0ZWY0OTcxNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCIEDANBgkqhkiG9w0BAQsFAAOCAQEAg5H7DAN+a3oEUO880HjPqBOiOlu0
kV0CojhlfS/DCSKQPboT90VFzXeQDoL5qPk0PxNzuU6kU6UC9BAPvKAgYejdMjab
8g96JsLkHr1GT5OzYnQQ8iTA6s/PpOup6nhEmUEC4e2+DlvBKdMU0I/X+aRSO8/7
x7MAbAoKTqeeamWRWf431ycsvAKZ+AqxciGDbn/+ex/xFgkQpvPfq4dw/9G6AlZu
kou6hii43yOfWSS/HfoDJps4INmF1u2D7Z/P+lCydDy+aPRywQZR4pFm2ImDDj4I
L7ZTdDJZuf9lnKiZpxDgabhe5dJhEIYbi7EaHgzLJ/21u1gVcrhSIiTzww==
-----END CERTIFICATE-----