Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7bc2d2f7-b790-4846-bad9-b0fa648c2e12.roa
File:                     7bc2d2f7-b790-4846-bad9-b0fa648c2e12.roa (raw, json)
Hash identifier:          AP/jsfLUdWIA75oydAr3cLty2DAdao8HIxvrepcso/g=
Subject key identifier:   B8:61:16:92:DA:05:87:A3:07:38:D6:8F:01:EC:80:9C:00:33:ED:CC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4807D3214F6B373C2F3AEF96FE6D8274822BC6B5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7bc2d2f7-b790-4846-bad9-b0fa648c2e12.roa
Signing time:             Fri 09 May 2025 16:10:14 +0000
ROA not before:           Fri 09 May 2025 16:10:14 +0000
ROA not after:            Fri 13 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.214.192.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:07:d3:21:4f:6b:37:3c:2f:3a:ef:96:fe:6d:82:74:82:2b:c6:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May  9 16:10:14 2025 GMT
            Not After : Jun 13 23:59:59 2025 GMT
        Subject: serialNumber=c43084d6cf3414b1739926250d004faeb14cbdd551cdafddabe43d9ed9c1777f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e5:d0:02:60:c6:3b:fb:56:19:73:9b:1a:45:
                    44:96:cc:e8:9f:6d:df:a1:ae:32:b2:b2:58:a1:c5:
                    38:bc:dc:89:94:e9:3f:6d:e1:a1:ef:e9:81:3a:5f:
                    47:92:98:a5:f5:77:53:27:89:cd:de:a5:e8:30:8f:
                    69:17:73:35:6b:20:f5:01:cc:3d:c8:2c:bb:45:83:
                    bd:78:dc:1b:58:2c:a0:e7:43:7d:23:89:b5:59:f6:
                    f3:9a:84:39:db:4a:8c:ab:64:20:39:bd:03:63:a4:
                    c2:bb:d6:04:b8:2b:f0:10:0b:d7:be:3a:0e:38:14:
                    f8:73:64:d6:23:de:26:a9:1a:59:d9:3d:94:fb:fa:
                    ed:75:dc:38:d2:bb:53:d5:b0:d8:31:54:38:23:5d:
                    7c:2a:ad:1c:f0:5e:74:29:e4:d0:9a:fe:61:d6:cb:
                    66:9a:6b:57:10:e7:83:6c:b6:f7:f4:46:b9:12:0e:
                    a9:6e:c3:b0:28:12:8e:99:b4:c3:98:70:7d:6e:93:
                    b2:e1:31:c7:89:64:19:71:34:94:f4:5a:d2:b3:3d:
                    c4:01:4e:9e:a3:8e:34:7e:07:5c:d9:29:92:12:af:
                    32:82:f2:03:75:5d:19:79:b7:e0:8e:96:b5:44:e4:
                    43:af:24:a5:63:ec:2c:66:df:1a:de:31:18:49:71:
                    3f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:61:16:92:DA:05:87:A3:07:38:D6:8F:01:EC:80:9C:00:33:ED:CC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/7bc2d2f7-b790-4846-bad9-b0fa648c2e12.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.214.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         98:32:9b:87:c5:fd:10:3b:4e:d1:c7:a5:80:fd:42:84:d3:21:
         fc:bc:f9:7d:ce:85:3e:e6:e1:8b:6e:2f:26:bd:cf:a7:ed:1b:
         a7:41:ad:40:53:04:b7:2c:e2:cc:2a:6d:08:85:f1:e7:3f:f7:
         61:b2:3c:5d:81:4a:46:06:9a:82:10:1a:2b:f8:3c:be:7a:bf:
         02:66:e5:08:16:76:c1:f9:c6:ad:84:cd:ee:62:37:c9:7e:9a:
         81:3f:15:b0:8e:c8:ef:61:78:8d:b2:f9:2d:eb:4e:c9:ca:b4:
         2b:07:49:ea:fa:35:33:10:f2:e6:1b:73:91:e7:ae:24:23:63:
         4b:00:48:f0:92:39:75:8b:b2:84:6d:11:59:1e:43:83:99:77:
         b7:3d:79:35:30:04:63:92:17:cd:ae:2a:b3:ae:79:4e:5c:1a:
         fe:4c:14:ca:a6:bd:f7:e9:e3:1c:11:9a:71:08:ea:56:b6:79:
         33:77:d3:1e:e0:2f:b2:19:41:b2:9f:ad:55:a1:21:b2:d8:49:
         1d:dc:cd:67:7b:a2:ae:7a:92:5e:c9:82:b4:58:67:2a:28:ba:
         a2:b4:2f:68:50:f6:a7:a5:15:e7:21:76:4b:ac:24:74:3f:51:
         1c:b4:34:8a:76:af:6d:fa:c1:2c:2e:23:06:46:04:8b:7e:fe:
         a8:45:ce:0b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSAfTIU9rNzwvOu+W/m2CdIIrxrUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTA5MTYxMDE0WhcNMjUwNjEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNDMwODRkNmNmMzQxNGIxNzM5OTI2MjUwZDAwNGZhZWIx
NGNiZGQ1NTFjZGFmZGRhYmU0M2Q5ZWQ5YzE3NzdmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr5dACYMY7+1YZc5saRUSWzOifbd+hrjKyslihxTi83ImU
6T9t4aHv6YE6X0eSmKX1d1Mnic3epegwj2kXczVrIPUBzD3ILLtFg7143BtYLKDn
Q30jibVZ9vOahDnbSoyrZCA5vQNjpMK71gS4K/AQC9e+Og44FPhzZNYj3iapGlnZ
PZT7+u113DjSu1PVsNgxVDgjXXwqrRzwXnQp5NCa/mHWy2aaa1cQ54Nstvf0RrkS
Dqluw7AoEo6ZtMOYcH1uk7LhMceJZBlxNJT0WtKzPcQBTp6jjjR+B1zZKZISrzKC
8gN1XRl5t+COlrVE5EOvJKVj7Cxm3xreMRhJcT+dAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuGEWktoFh6MHONaPAeyAnAAz7cwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzdiYzJkMmY3LWI3OTAtNDg0Ni1iYWQ5LWIwZmE2NDhjMmUxMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU21sAwDQYJKoZIhvcNAQELBQADggEBAJgym4fF/RA7TtHHpYD9QoTTIfy8
+X3OhT7m4YtuLya9z6ftG6dBrUBTBLcs4swqbQiF8ec/92GyPF2BSkYGmoIQGiv4
PL56vwJm5QgWdsH5xq2Eze5iN8l+moE/FbCOyO9heI2y+S3rTsnKtCsHSer6NTMQ
8uYbc5HnriQjY0sASPCSOXWLsoRtEVkeQ4OZd7c9eTUwBGOSF82uKrOueU5cGv5M
FMqmvffp4xwRmnEI6la2eTN30x7gL7IZQbKfrVWhIbLYSR3czWd7oq56kl7JgrRY
ZyoouqK0L2hQ9qelFechdkusJHQ/URy0NIp2r236wSwuIwZGBIt+/qhFzgs=
-----END CERTIFICATE-----