Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/80130055-d688-403c-8003-8f4222aaeffc.roa
File:                     80130055-d688-403c-8003-8f4222aaeffc.roa (raw, json)
Hash identifier:          JIkx6wS8zUJRMiqdNTjrH/ZtAzcZxy6AzzyPg4fPXbo=
Subject key identifier:   72:56:63:E7:8E:7F:C0:AB:27:B9:CC:66:05:59:65:0E:3E:2D:E1:F3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3295664D62F286E21E1397C4D0BD529D681F510D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/80130055-d688-403c-8003-8f4222aaeffc.roa
Signing time:             Fri 19 Sep 2025 02:12:58 +0000
ROA not before:           Fri 19 Sep 2025 02:12:58 +0000
ROA not after:            Fri 24 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.192.23.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:95:66:4d:62:f2:86:e2:1e:13:97:c4:d0:bd:52:9d:68:1f:51:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 19 02:12:58 2025 GMT
            Not After : Oct 24 23:59:59 2025 GMT
        Subject: serialNumber=1ebf89a664e6ce53bd981e4cb92d596d8415faea746678dc94e7237e358bac0a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:37:33:2f:93:d4:4c:e3:f1:e1:24:3f:31:c9:
                    ac:aa:87:84:fd:85:e4:65:3c:8a:ff:23:f8:5e:17:
                    93:17:d2:23:63:72:46:d0:87:19:d1:95:38:bf:a9:
                    88:e3:f2:83:79:9a:92:e4:75:60:6a:91:64:b6:ff:
                    a6:5d:9f:d8:cb:ff:47:fa:eb:0b:35:a2:6e:cc:4d:
                    af:a8:d3:b8:fe:6b:8d:25:66:1e:51:09:58:cc:a2:
                    a4:e3:24:0e:73:d2:fa:ee:14:7f:9e:43:f8:76:6a:
                    f0:e0:ef:03:4b:c2:4b:19:a0:21:d2:8e:bc:03:0f:
                    2c:c3:e7:99:84:8c:3e:d7:7f:e5:7c:2e:13:cc:37:
                    91:0b:e0:be:f5:1d:ee:95:4d:af:a7:e7:c4:21:9a:
                    24:21:84:47:16:64:fc:19:7b:aa:f2:02:3b:c2:65:
                    47:d4:96:a5:03:01:45:60:c2:bf:2f:4f:2a:0c:c8:
                    fb:50:01:30:3b:f7:5f:89:3f:d7:8c:d3:79:7d:c9:
                    e6:31:b5:33:96:d3:2c:1c:71:5f:48:e2:90:8d:b8:
                    ca:d3:33:57:0f:5f:50:49:68:50:4a:36:85:d9:63:
                    c7:8a:2e:49:75:b5:39:aa:4d:27:53:13:58:f2:07:
                    f3:0c:59:65:84:a5:41:63:60:82:2d:d0:ed:4a:75:
                    f6:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:56:63:E7:8E:7F:C0:AB:27:B9:CC:66:05:59:65:0E:3E:2D:E1:F3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/80130055-d688-403c-8003-8f4222aaeffc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.192.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:be:ad:29:92:26:d4:b8:5a:e3:f2:dd:d6:86:5f:98:a0:bd:
         87:bc:9f:74:00:b0:f3:8f:95:85:05:2c:f0:e0:15:5d:89:f8:
         6c:e4:fd:0d:b5:9e:a6:10:02:c8:04:f7:16:7b:c9:1a:06:f9:
         91:2b:53:02:6c:11:4b:b4:57:83:0d:2d:47:11:47:af:c1:63:
         74:a6:f4:5d:17:a4:74:b3:35:dc:07:6b:5b:dc:5a:53:71:80:
         86:6d:f9:91:59:cf:fa:c5:2c:e6:aa:4d:eb:0a:ba:ff:a5:e4:
         34:47:5b:27:85:55:c3:0a:8e:f8:24:4a:c3:19:1d:20:0d:af:
         ba:ca:9a:08:23:05:33:84:cf:40:9f:b7:fd:e6:4f:3b:88:f5:
         d1:1f:f3:4c:32:0e:c5:dd:70:41:4c:87:7d:44:9a:a9:12:ca:
         28:71:c1:67:d8:9d:8e:07:49:c9:2c:3f:30:09:83:c2:f3:f7:
         77:ad:b7:a8:02:3c:52:34:4e:53:23:67:c4:30:91:c1:eb:72:
         c8:63:26:96:53:74:f1:b6:85:6b:e8:6d:4a:91:58:11:0d:b2:
         a0:0f:0e:89:b2:10:4a:b6:53:76:84:c3:46:98:f2:67:55:68:
         e6:83:4c:0b:1f:72:bd:15:01:8e:58:00:02:20:ce:9c:c2:ee:
         c6:20:33:13
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMpVmTWLyhuIeE5fE0L1SnWgfUQ0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTE5MDIxMjU4WhcNMjUxMDI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZWJmODlhNjY0ZTZjZTUzYmQ5ODFlNGNiOTJkNTk2ZDg0
MTVmYWVhNzQ2Njc4ZGM5NGU3MjM3ZTM1OGJhYzBhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvNzMvk9RM4/HhJD8xyayqh4T9heRlPIr/I/heF5MX0iNj
ckbQhxnRlTi/qYjj8oN5mpLkdWBqkWS2/6Zdn9jL/0f66ws1om7MTa+o07j+a40l
Zh5RCVjMoqTjJA5z0vruFH+eQ/h2avDg7wNLwksZoCHSjrwDDyzD55mEjD7Xf+V8
LhPMN5EL4L71He6VTa+n58QhmiQhhEcWZPwZe6ryAjvCZUfUlqUDAUVgwr8vTyoM
yPtQATA791+JP9eM03l9yeYxtTOW0ywccV9I4pCNuMrTM1cPX1BJaFBKNoXZY8eK
Lkl1tTmqTSdTE1jyB/MMWWWEpUFjYIIt0O1KdfYBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUclZj545/wKsnucxmBVllDj4t4fMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzgwMTMwMDU1LWQ2ODgtNDAzYy04MDAzLThmNDIyMmFhZWZmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2wBcwDQYJKoZIhvcNAQELBQADggEBABO+rSmSJtS4WuPy3daGX5igvYe8
n3QAsPOPlYUFLPDgFV2J+Gzk/Q21nqYQAsgE9xZ7yRoG+ZErUwJsEUu0V4MNLUcR
R6/BY3Sm9F0XpHSzNdwHa1vcWlNxgIZt+ZFZz/rFLOaqTesKuv+l5DRHWyeFVcMK
jvgkSsMZHSANr7rKmggjBTOEz0Cft/3mTzuI9dEf80wyDsXdcEFMh31EmqkSyihx
wWfYnY4HScksPzAJg8Lz93ett6gCPFI0TlMjZ8QwkcHrcshjJpZTdPG2hWvobUqR
WBENsqAPDomyEEq2U3aEw0aY8mdVaOaDTAsfcr0VAY5YAAIgzpzC7sYgMxM=
-----END CERTIFICATE-----