Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92bd84f8-cbba-4591-82f5-747d7ed4019f.roa
File:                     92bd84f8-cbba-4591-82f5-747d7ed4019f.roa (raw, json)
Hash identifier:          7zKdGKTWDoEylEFeE4+WEkDBYpc9XWp1yRh1KKRpP7E=
Subject key identifier:   C0:C5:B1:F1:A1:60:2E:11:07:27:F6:A6:CE:B9:1B:0D:20:46:C2:4B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3CBCA41425D4E5817B3671FEE868BEBD72BF2A31
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92bd84f8-cbba-4591-82f5-747d7ed4019f.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.180.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:bc:a4:14:25:d4:e5:81:7b:36:71:fe:e8:68:be:bd:72:bf:2a:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:a5:3c:97:20:4c:9c:04:e6:82:2a:7d:31:a1:
                    f4:dc:49:b2:7d:ce:01:df:b1:0f:d4:81:e6:1a:33:
                    a0:85:0d:cb:17:57:4c:d7:bd:cd:58:fa:d9:ba:70:
                    46:23:5d:88:63:f2:60:a6:af:e6:fb:d1:85:6f:dd:
                    d3:e9:4e:fb:c5:19:79:bc:58:d3:7f:3f:46:3e:3c:
                    ef:44:5f:dd:cd:b4:86:29:5c:0f:ed:34:41:2f:c7:
                    2f:48:b3:a8:1c:6d:b3:1c:8c:d4:aa:8d:b7:46:77:
                    3f:a8:b2:d6:4d:27:8e:be:e8:c9:bc:d0:88:77:9b:
                    e4:7e:a8:c9:d7:57:93:77:31:ef:a8:e9:b2:bc:d8:
                    0e:ac:fd:c8:30:98:9a:d0:34:ea:5c:54:9c:b4:b8:
                    23:db:70:d1:49:69:55:68:e7:1c:49:92:e6:4f:95:
                    5b:a5:a3:35:bb:63:07:81:c0:9d:74:44:36:bc:02:
                    c6:36:e7:45:00:b7:57:4a:a5:0d:62:4f:4f:eb:b7:
                    07:3c:6f:b5:93:43:c3:c9:85:4f:3f:9a:bb:cc:02:
                    07:2d:c1:fb:5e:9a:84:70:a3:51:24:40:6f:6e:95:
                    7b:8c:18:c8:a6:c9:f5:f9:e2:4f:12:c7:ff:f4:b3:
                    d9:f6:98:75:6c:bc:d5:95:53:c6:09:95:41:f5:d5:
                    ad:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:C5:B1:F1:A1:60:2E:11:07:27:F6:A6:CE:B9:1B:0D:20:46:C2:4B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/92bd84f8-cbba-4591-82f5-747d7ed4019f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.180.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         4d:c3:a8:50:cc:ba:5b:52:a4:c7:cf:15:f4:ec:90:3a:a9:35:
         a1:18:72:df:a8:2f:49:20:39:d9:e4:28:64:8d:25:c1:d9:78:
         e8:18:68:90:ca:c7:10:0c:7b:30:fa:2c:7f:8c:88:f7:df:11:
         82:84:fc:05:a1:f1:55:36:39:bf:2b:92:5f:ba:bc:1c:27:29:
         4e:41:1a:e0:60:5e:b7:52:e9:bc:42:65:ab:01:67:33:d0:65:
         c5:ee:19:e8:a8:e1:3c:c5:4c:44:c5:32:df:b8:fd:8c:78:3b:
         95:16:99:11:db:cf:18:d7:b1:c0:9e:f7:f4:f6:97:84:6e:fc:
         69:a7:22:0a:7a:af:3a:53:2b:c6:ce:bf:33:f1:31:6c:5e:d4:
         88:c2:91:99:24:a5:8e:47:d1:dd:29:b4:6f:ba:aa:2c:5a:cc:
         3e:80:d9:b5:f1:ee:14:95:2f:cd:5e:fb:11:61:61:66:b8:c3:
         8a:9f:49:4a:71:12:44:82:34:bd:47:b5:f1:8b:63:9a:a8:0e:
         8a:b2:74:8f:0a:96:ce:9c:0f:33:8f:2b:1f:f9:a7:7c:a6:27:
         cf:bc:8a:c4:95:5d:65:79:bd:f9:ce:8b:b6:a4:d7:52:00:9b:
         1d:8e:2c:63:b3:8e:e3:d0:6a:b4:5a:da:49:0f:ec:9e:81:54:
         f2:1e:bc:4f
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPLykFCXU5YF7NnH+6Gi+vXK/KjEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYmVmYWI1ZDBjMTUxZDgzZjcyYTdhMjM2ZWU5NmRmMDdk
YTllZmViOGVmOTRkZjc3NTE4NjFmNTg5YjA0MjEyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCHpTyXIEycBOaCKn0xofTcSbJ9zgHfsQ/UgeYaM6CFDcsX
V0zXvc1Y+tm6cEYjXYhj8mCmr+b70YVv3dPpTvvFGXm8WNN/P0Y+PO9EX93NtIYp
XA/tNEEvxy9Is6gcbbMcjNSqjbdGdz+ostZNJ46+6Mm80Ih3m+R+qMnXV5N3Me+o
6bK82A6s/cgwmJrQNOpcVJy0uCPbcNFJaVVo5xxJkuZPlVulozW7YweBwJ10RDa8
AsY250UAt1dKpQ1iT0/rtwc8b7WTQ8PJhU8/mrvMAgctwftemoRwo1EkQG9ulXuM
GMimyfX54k8Sx//0s9n2mHVsvNWVU8YJlUH11a0tAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUwMWx8aFgLhEHJ/amzrkbDSBGwkswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkyYmQ4NGY4LWNiYmEtNDU5MS04MmY1LTc0N2Q3ZWQ0MDE5Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEStDANBgkqhkiG9w0BAQsFAAOCAQEATcOoUMy6W1Kkx88V9OyQOqk1oRhy
36gvSSA52eQoZI0lwdl46BhokMrHEAx7MPosf4yI998RgoT8BaHxVTY5vyuSX7q8
HCcpTkEa4GBet1LpvEJlqwFnM9Blxe4Z6KjhPMVMRMUy37j9jHg7lRaZEdvPGNex
wJ739PaXhG78aaciCnqvOlMrxs6/M/ExbF7UiMKRmSSljkfR3Sm0b7qqLFrMPoDZ
tfHuFJUvzV77EWFhZrjDip9JSnESRII0vUe18YtjmqgOirJ0jwqWzpwPM48rH/mn
fKYnz7yKxJVdZXm9+c6LtqTXUgCbHY4sY7OO49BqtFraSQ/snoFU8h68Tw==
-----END CERTIFICATE-----