Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/937e6a5e-74ca-46c3-9e1f-170ee34375c6.roa
File:                     937e6a5e-74ca-46c3-9e1f-170ee34375c6.roa (raw, json)
Hash identifier:          4YhLvZgB+2s/4eK5DO/5oqOWFE/1+mLt4vyGCBQMwzM=
Subject key identifier:   5C:60:D4:3B:5E:94:BE:50:BA:86:3C:B8:7F:9B:BB:62:AF:8E:E9:12
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       455B8AB0BC4823993F3D9381ED3AC9C83B0E0FF6
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/937e6a5e-74ca-46c3-9e1f-170ee34375c6.roa
Signing time:             Tue 13 May 2025 00:50:11 +0000
ROA not before:           Tue 13 May 2025 00:50:11 +0000
ROA not after:            Tue 17 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.45.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 07 Jun 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:5b:8a:b0:bc:48:23:99:3f:3d:93:81:ed:3a:c9:c8:3b:0e:0f:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 13 00:50:11 2025 GMT
            Not After : Jun 17 23:59:59 2025 GMT
        Subject: serialNumber=a732516957adb0fb04c324ed90dd897e3f280cad8bd55cc43126b7eea3928564, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ea:a0:5a:a3:f4:96:2a:8d:1f:4a:3e:b3:58:
                    c1:19:ac:1f:ae:4e:3d:15:70:18:4f:40:7e:86:d7:
                    4d:94:ca:98:7c:e9:61:8e:63:c0:13:c4:0d:86:18:
                    da:d6:71:24:50:17:17:d0:84:55:83:1f:76:24:cd:
                    3d:df:62:11:7a:8e:ca:55:7b:c2:84:6a:a1:e6:b5:
                    58:39:f3:5a:f9:0e:71:44:81:ba:0d:99:3b:0e:d3:
                    1a:45:6b:50:f2:58:cf:a9:7e:78:3a:72:5e:e8:f2:
                    c4:ad:01:e0:be:63:ba:be:31:35:9a:d8:c7:bb:01:
                    4c:3b:5b:f1:41:2c:61:1b:d6:76:c1:a4:01:ab:82:
                    31:04:c1:76:37:18:2f:3f:87:5c:21:3e:62:4c:8c:
                    13:b3:a9:f6:6b:29:40:bd:78:43:f1:22:1a:49:71:
                    80:b2:58:68:7b:0b:92:2a:62:6e:32:4a:e7:21:05:
                    1a:9e:d8:55:9a:14:17:7b:b5:a0:18:44:d5:db:12:
                    f3:92:b0:78:15:ff:ab:5d:b4:fd:3d:b9:1e:a4:48:
                    d8:d4:25:d0:c7:60:73:5c:94:a9:a3:18:32:10:58:
                    ad:56:ad:56:d0:73:6f:40:10:8d:28:81:3e:e1:31:
                    4f:69:23:c7:c4:c6:e4:9b:c5:26:e3:32:e8:f4:8b:
                    c5:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:60:D4:3B:5E:94:BE:50:BA:86:3C:B8:7F:9B:BB:62:AF:8E:E9:12
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/937e6a5e-74ca-46c3-9e1f-170ee34375c6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.45.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:7e:90:da:29:bf:7d:6a:4f:e3:fc:33:6f:c3:ea:d9:fd:7f:
         1a:01:47:28:61:ec:99:63:fd:90:79:ad:ef:54:f6:c1:a1:4d:
         88:5d:23:f1:c7:0d:01:86:d8:8d:df:8b:91:3b:31:ce:e8:f8:
         50:51:24:6f:e9:60:76:a6:9f:aa:1f:49:b9:fb:a3:da:a3:01:
         92:90:64:d4:2e:13:fa:23:56:5e:97:46:3e:f3:a2:dc:ff:d2:
         a2:72:da:57:a3:dc:6d:c4:62:c6:63:eb:50:9b:22:5d:d3:fa:
         e3:ba:cb:f2:4c:c3:0b:4f:30:cc:f7:38:3f:fb:fb:b7:18:1d:
         e8:3d:bb:44:56:73:01:d5:90:9f:cf:f9:90:6a:c3:d8:55:b6:
         7d:97:25:5c:67:e2:5f:f3:75:be:83:3d:54:7f:59:1b:4a:d1:
         40:3d:b9:cc:77:e9:09:c1:a3:e8:0b:fd:55:a0:6a:dd:4d:8a:
         61:9e:2f:93:09:e6:68:2b:3d:70:4b:11:c8:4a:77:38:b3:20:
         4f:8a:c6:4a:68:88:14:3e:c6:25:ba:02:12:88:42:08:8e:0c:
         14:21:39:a4:bb:e7:06:fe:44:70:b9:80:f5:b5:02:1d:90:4e:
         c5:36:b9:52:27:a3:2a:91:da:2c:b2:c1:49:88:5a:dc:62:ea:
         76:00:b3:0e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURVuKsLxII5k/PZOB7TrJyDsOD/YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTEzMDA1MDExWhcNMjUwNjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNzMyNTE2OTU3YWRiMGZiMDRjMzI0ZWQ5MGRkODk3ZTNm
MjgwY2FkOGJkNTVjYzQzMTI2YjdlZWEzOTI4NTY0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCv6qBao/SWKo0fSj6zWMEZrB+uTj0VcBhPQH6G102Uyph8
6WGOY8ATxA2GGNrWcSRQFxfQhFWDH3YkzT3fYhF6jspVe8KEaqHmtVg581r5DnFE
gboNmTsO0xpFa1DyWM+pfng6cl7o8sStAeC+Y7q+MTWa2Me7AUw7W/FBLGEb1nbB
pAGrgjEEwXY3GC8/h1whPmJMjBOzqfZrKUC9eEPxIhpJcYCyWGh7C5IqYm4ySuch
BRqe2FWaFBd7taAYRNXbEvOSsHgV/6tdtP09uR6kSNjUJdDHYHNclKmjGDIQWK1W
rVbQc29AEI0ogT7hMU9pI8fExuSbxSbjMuj0i8WrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXGDUO16UvlC6hjy4f5u7Yq+O6RIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkzN2U2YTVlLTc0Y2EtNDZjMy05ZTFmLTE3MGVlMzQzNzVjNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0Xy0wDQYJKoZIhvcNAQELBQADggEBAIl+kNopv31qT+P8M2/D6tn9fxoB
Ryhh7Jlj/ZB5re9U9sGhTYhdI/HHDQGG2I3fi5E7Mc7o+FBRJG/pYHamn6ofSbn7
o9qjAZKQZNQuE/ojVl6XRj7zotz/0qJy2lej3G3EYsZj61CbIl3T+uO6y/JMwwtP
MMz3OD/7+7cYHeg9u0RWcwHVkJ/P+ZBqw9hVtn2XJVxn4l/zdb6DPVR/WRtK0UA9
ucx36QnBo+gL/VWgat1NimGeL5MJ5mgrPXBLEchKdzizIE+KxkpoiBQ+xiW6AhKI
QgiODBQhOaS75wb+RHC5gPW1Ah2QTsU2uVInoyqR2iyywUmIWtxi6nYAsw4=
-----END CERTIFICATE-----