Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92610e0a-b12a-4188-ab1a-ab49004d1c47.roa
File:                     92610e0a-b12a-4188-ab1a-ab49004d1c47.roa (raw, json)
Hash identifier:          RJZ/SeE5NJgOcJ2CelVnBPvJXqJ3gnUCEOUBxvyaKSA=
Subject key identifier:   B4:3E:33:9B:3B:D1:9D:AD:81:9D:96:D2:93:61:FC:77:08:B0:CC:AF
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       40FF63E8C9C1335A0A22A32E988202C396944AAD
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92610e0a-b12a-4188-ab1a-ab49004d1c47.roa
Signing time:             Fri 09 May 2025 15:31:30 +0000
ROA not before:           Fri 09 May 2025 15:31:30 +0000
ROA not after:            Fri 13 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.13.0.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:ff:63:e8:c9:c1:33:5a:0a:22:a3:2e:98:82:02:c3:96:94:4a:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May  9 15:31:30 2025 GMT
            Not After : Jun 13 23:59:59 2025 GMT
        Subject: serialNumber=ca33f0c81feba726f349a89d4257349bfd3d98efe5aeb6da013f05e347713a58, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:a9:f9:71:82:40:19:20:5d:6b:25:6f:f3:27:
                    ec:c6:1b:ef:68:40:e5:15:c8:f3:42:89:98:d2:27:
                    7b:23:c2:e4:cd:0e:21:9d:b0:48:93:97:2a:c5:4b:
                    fd:c7:d4:d0:8d:cc:67:df:02:3b:aa:4b:24:05:ba:
                    12:d8:bc:9f:c3:50:85:f9:09:c1:2e:ac:84:07:fd:
                    c9:1e:6d:9e:fc:74:9a:e3:6b:c8:5c:34:46:32:cc:
                    1b:fa:70:3e:61:cc:61:dd:76:32:93:11:ea:b2:a5:
                    07:bf:92:c4:d8:d2:a5:5e:2c:d8:8e:fd:2a:2b:0d:
                    56:04:c7:8e:a5:96:8d:ad:6d:5d:9e:bf:f8:82:0a:
                    0d:41:ec:93:63:f5:21:7e:ca:62:8b:a3:bc:17:a3:
                    2e:65:da:5f:9a:4a:a8:ae:ed:9c:7d:e6:10:a2:45:
                    ca:19:53:22:80:57:24:79:58:8b:f4:34:37:b6:16:
                    50:ad:fd:12:a2:79:6f:a9:cf:28:9f:e5:75:0f:be:
                    27:45:d1:d6:04:0f:54:19:a8:c5:80:75:5c:51:6b:
                    66:5c:49:4e:58:eb:57:4c:13:c9:75:7a:f2:da:3d:
                    7d:15:70:b3:0d:99:a7:7e:e7:49:26:3f:a0:21:7b:
                    e5:de:b8:ab:b0:1c:42:7d:92:75:77:92:b3:b4:fc:
                    1c:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:3E:33:9B:3B:D1:9D:AD:81:9D:96:D2:93:61:FC:77:08:B0:CC:AF
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92610e0a-b12a-4188-ab1a-ab49004d1c47.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.13.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         59:f3:44:1c:c1:be:eb:55:fc:1b:c0:71:b4:d1:f4:e7:9b:82:
         02:8e:ee:ab:80:56:3c:54:56:d7:f2:00:aa:6d:a6:54:ec:a9:
         56:cf:9c:0b:d2:07:6a:72:c1:5c:71:15:65:af:8b:c8:ae:cd:
         05:3a:18:23:b6:8f:ce:c9:d6:8b:49:5a:14:f4:a1:c9:1d:9c:
         9f:3a:25:28:18:0f:3b:d8:97:ec:74:ea:bf:d7:b0:21:71:5e:
         7c:f0:7e:4d:65:32:34:08:14:32:99:a0:25:c6:5a:ce:84:14:
         60:39:12:bb:4e:1a:66:96:53:b2:3b:f8:7d:f3:f1:68:f3:25:
         21:1f:19:58:f6:07:15:02:13:c7:02:56:fc:4d:14:44:33:57:
         a5:99:f1:4f:f7:5a:0a:d8:da:bf:8e:fc:72:97:2c:8e:68:38:
         fe:a1:46:3f:13:64:60:0b:f5:d8:55:ba:56:fc:c8:32:9c:65:
         5f:da:5f:10:a2:73:c7:c8:6f:7b:01:ce:4c:06:f9:5c:3f:35:
         95:b4:c4:4c:67:02:5c:4c:e6:7e:38:8a:aa:f4:f1:4d:fc:e2:
         8c:f8:09:1d:4b:a2:27:5b:42:67:da:b8:f1:a2:58:8c:78:0b:
         44:a3:58:a0:3d:99:6c:68:92:35:37:4f:8e:72:10:a3:f6:d7:
         be:a9:f2:a4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQP9j6MnBM1oKIqMumIICw5aUSq0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTA5MTUzMTMwWhcNMjUwNjEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjYTMzZjBjODFmZWJhNzI2ZjM0OWE4OWQ0MjU3MzQ5YmZk
M2Q5OGVmZTVhZWI2ZGEwMTNmMDVlMzQ3NzEzYTU4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRqflxgkAZIF1rJW/zJ+zGG+9oQOUVyPNCiZjSJ3sjwuTN
DiGdsEiTlyrFS/3H1NCNzGffAjuqSyQFuhLYvJ/DUIX5CcEurIQH/ckebZ78dJrj
a8hcNEYyzBv6cD5hzGHddjKTEeqypQe/ksTY0qVeLNiO/SorDVYEx46llo2tbV2e
v/iCCg1B7JNj9SF+ymKLo7wXoy5l2l+aSqiu7Zx95hCiRcoZUyKAVyR5WIv0NDe2
FlCt/RKieW+pzyif5XUPvidF0dYED1QZqMWAdVxRa2ZcSU5Y61dME8l1evLaPX0V
cLMNmad+50kmP6Ahe+XeuKuwHEJ9knV3krO0/BwzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtD4zmzvRna2BnZbSk2H8dwiwzK8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkyNjEwZTBhLWIxMmEtNDE4OC1hYjFhLWFiNDkwMDRkMWM0Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU0DQAwDQYJKoZIhvcNAQELBQADggEBAFnzRBzBvutV/BvAcbTR9OebggKO
7quAVjxUVtfyAKptplTsqVbPnAvSB2pywVxxFWWvi8iuzQU6GCO2j87J1otJWhT0
ockdnJ86JSgYDzvYl+x06r/XsCFxXnzwfk1lMjQIFDKZoCXGWs6EFGA5ErtOGmaW
U7I7+H3z8WjzJSEfGVj2BxUCE8cCVvxNFEQzV6WZ8U/3WgrY2r+O/HKXLI5oOP6h
Rj8TZGAL9dhVulb8yDKcZV/aXxCic8fIb3sBzkwG+Vw/NZW0xExnAlxM5n44iqr0
8U384oz4CR1LoidbQmfauPGiWIx4C0SjWKA9mWxokjU3T45yEKP2176p8qQ=
-----END CERTIFICATE-----