Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/78bfeba9-7b52-480f-986d-6608da14c76d.roa
File:                     78bfeba9-7b52-480f-986d-6608da14c76d.roa (raw, json)
Hash identifier:          Qe7+jiIRIg85of96iud1VrHlSS/AhZHw5ZEHk7vyyvQ=
Subject key identifier:   60:19:C7:2F:C6:38:C8:C3:FD:FC:58:CC:88:7B:F8:DF:CD:91:3C:03
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6F628D62B633AB717DA1382035ADD2EB228DAAEF
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/78bfeba9-7b52-480f-986d-6608da14c76d.roa
Signing time:             Mon 12 May 2025 15:40:19 +0000
ROA not before:           Mon 12 May 2025 15:40:19 +0000
ROA not after:            Mon 16 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.230.95.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 03 Jun 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:62:8d:62:b6:33:ab:71:7d:a1:38:20:35:ad:d2:eb:22:8d:aa:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 12 15:40:19 2025 GMT
            Not After : Jun 16 23:59:59 2025 GMT
        Subject: serialNumber=dfa05bc304a5f2438f29f4d1ad40a6ee6a1b5bd1804b0eb0a04b33c54f3cfe02, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:28:01:66:c8:13:03:c5:71:b6:ab:b3:d2:ec:
                    1e:1a:ff:e9:ee:50:fe:bb:a1:80:2c:81:4f:a2:a6:
                    cd:22:e1:06:86:f0:31:bc:2f:ce:73:3b:0e:d4:33:
                    d1:9c:73:9b:84:51:ea:29:90:6d:c3:bc:eb:be:c0:
                    22:c9:11:0f:77:68:ba:63:f8:61:19:7c:33:fd:bf:
                    98:ed:9f:c2:75:23:ea:8f:23:1c:e0:26:81:2b:dd:
                    7b:ef:07:b6:56:48:5f:ba:ae:dd:e7:23:a9:9f:fa:
                    8d:5a:d0:9c:5e:eb:c4:71:88:89:93:ae:10:d1:2c:
                    37:3d:0e:44:eb:8f:08:9c:2a:5a:86:49:99:4d:b9:
                    63:b9:81:2d:a8:6d:6b:d6:4a:14:1c:d6:07:b2:aa:
                    4f:82:10:53:d4:62:ab:67:00:77:f5:8e:99:cf:a3:
                    09:f4:a9:3e:bd:f4:9d:83:0c:a1:1f:09:ea:67:23:
                    94:a3:56:11:0b:1f:d9:86:de:d5:ee:1e:2d:aa:14:
                    b9:cf:61:17:6f:cf:73:fb:84:2e:4e:65:f1:95:ef:
                    e2:02:38:11:1d:a1:6c:2e:4e:fd:46:75:eb:ef:07:
                    d5:85:60:13:c4:fb:13:7a:df:f4:f6:50:66:b7:89:
                    f6:b7:ce:dc:24:24:7e:73:ff:92:49:e1:9f:58:57:
                    ff:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:19:C7:2F:C6:38:C8:C3:FD:FC:58:CC:88:7B:F8:DF:CD:91:3C:03
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/78bfeba9-7b52-480f-986d-6608da14c76d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.230.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:54:d9:3c:1f:c4:8a:e4:75:72:63:94:24:52:1f:cd:7a:ab:
         be:b5:bc:44:45:eb:08:9b:7c:7e:ee:9b:c2:b7:30:2f:a1:d5:
         bc:ba:2a:9c:f8:fa:ce:1c:c2:25:2a:ed:9d:55:25:ea:ba:35:
         e4:b2:21:ba:de:44:3b:5b:a7:41:1b:36:74:94:a4:9f:b9:91:
         c8:71:c5:37:93:6a:e7:da:12:04:08:c1:0a:d7:ab:39:4c:07:
         ab:3f:5d:89:33:51:0b:f6:6c:f9:80:87:d2:98:0d:d7:b9:21:
         79:56:4b:e8:82:5b:3a:57:9a:f7:77:d6:13:4f:3f:cb:9e:07:
         77:25:86:e7:f6:63:93:d0:05:d0:24:7f:15:d4:95:8c:43:2c:
         be:34:fc:26:2e:78:de:9d:7c:ba:2a:31:ea:37:ec:48:bc:df:
         78:44:4e:be:72:cc:46:9e:69:d1:7d:29:fc:3c:18:5f:15:72:
         34:94:65:fa:8b:59:4d:af:4d:ba:09:62:4e:f4:be:50:be:73:
         12:5f:43:96:0b:d2:22:b6:64:e3:8a:7b:6e:0f:fe:72:28:55:
         9d:61:49:f0:80:1a:94:59:f7:6e:43:e4:19:a4:89:08:cf:06:
         58:43:06:59:c9:65:40:ed:be:50:91:d2:70:6c:e1:5d:6a:93:
         6d:a3:cc:17
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUb2KNYrYzq3F9oTggNa3S6yKNqu8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTEyMTU0MDE5WhcNMjUwNjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZmEwNWJjMzA0YTVmMjQzOGYyOWY0ZDFhZDQwYTZlZTZh
MWI1YmQxODA0YjBlYjBhMDRiMzNjNTRmM2NmZTAyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9KAFmyBMDxXG2q7PS7B4a/+nuUP67oYAsgU+ips0i4QaG
8DG8L85zOw7UM9Gcc5uEUeopkG3DvOu+wCLJEQ93aLpj+GEZfDP9v5jtn8J1I+qP
IxzgJoEr3XvvB7ZWSF+6rt3nI6mf+o1a0Jxe68RxiImTrhDRLDc9DkTrjwicKlqG
SZlNuWO5gS2obWvWShQc1geyqk+CEFPUYqtnAHf1jpnPown0qT699J2DDKEfCepn
I5SjVhELH9mG3tXuHi2qFLnPYRdvz3P7hC5OZfGV7+ICOBEdoWwuTv1GdevvB9WF
YBPE+xN63/T2UGa3ifa3ztwkJH5z/5JJ4Z9YV/9hAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYBnHL8Y4yMP9/FjMiHv4382RPAMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc4YmZlYmE5LTdiNTItNDgwZi05ODZkLTY2MDhkYTE0Yzc2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAP5l8wDQYJKoZIhvcNAQELBQADggEBAANU2TwfxIrkdXJjlCRSH816q761
vERF6wibfH7um8K3MC+h1by6Kpz4+s4cwiUq7Z1VJeq6NeSyIbreRDtbp0EbNnSU
pJ+5kchxxTeTaufaEgQIwQrXqzlMB6s/XYkzUQv2bPmAh9KYDde5IXlWS+iCWzpX
mvd31hNPP8ueB3clhuf2Y5PQBdAkfxXUlYxDLL40/CYueN6dfLoqMeo37Ei833hE
Tr5yzEaeadF9Kfw8GF8VcjSUZfqLWU2vTboJYk70vlC+cxJfQ5YL0iK2ZOOKe24P
/nIoVZ1hSfCAGpRZ925D5BmkiQjPBlhDBlnJZUDtvlCR0nBs4V1qk22jzBc=
-----END CERTIFICATE-----