Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bbf2c21b-bc49-4ba7-a50a-b71669e7c2a7.roa
File:                     bbf2c21b-bc49-4ba7-a50a-b71669e7c2a7.roa (raw, json)
Hash identifier:          xipz4bbxysikAI3O0gGuonIgrv5BX7W5qhfv0Ipf3mw=
Subject key identifier:   3A:30:A2:77:FC:44:D7:C4:50:A9:C4:2A:03:33:64:A5:E4:A4:92:10
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       62B3FBBDE94F562F986F20D6F21ADEB553BD2A21
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bbf2c21b-bc49-4ba7-a50a-b71669e7c2a7.roa
Signing time:             Mon 08 Apr 2024 00:00:00 +0000
ROA not before:           Mon 08 Apr 2024 00:00:00 +0000
ROA not after:            Mon 13 May 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        18.124.0.0/15 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 21 Apr 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:b3:fb:bd:e9:4f:56:2f:98:6f:20:d6:f2:1a:de:b5:53:bd:2a:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr  8 00:00:00 2024 GMT
            Not After : May 13 23:59:59 2024 GMT
        Subject: serialNumber=8dc96c2d1a06aa7d53fb930d4becc3f12daf7c919ef9b7961423d69d92faa10b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:8c:e8:c9:5b:68:5d:ee:f2:58:17:77:eb:66:
                    d2:50:70:be:8d:5a:9d:07:c1:72:67:0c:2e:2a:be:
                    be:57:86:e5:49:48:0b:a3:14:f1:e0:42:a3:ca:7d:
                    6d:70:7a:2a:d9:cc:9e:b7:69:9b:c2:8f:6e:ee:63:
                    fb:33:b6:49:76:2c:e0:21:cd:44:b6:a5:a7:2f:ec:
                    17:79:8a:f2:72:2b:4e:6d:b0:ec:f3:d3:7d:49:7b:
                    e5:8b:c9:66:e6:d6:dd:14:3e:0e:0c:5c:b4:86:e4:
                    1e:a7:a3:fd:a7:12:02:3a:64:57:6d:d3:d6:6a:ed:
                    79:5b:bc:e1:da:36:31:d9:1e:2c:01:94:6f:96:b6:
                    d8:8c:4a:6e:d9:9a:68:9d:1c:3b:78:dd:10:33:c2:
                    88:ec:4c:6a:db:cc:27:89:82:fa:d8:c9:54:c4:1d:
                    5f:a2:fa:8b:9e:68:6e:17:98:31:75:86:e1:87:53:
                    98:28:4d:ae:e9:e0:ea:bd:9c:36:5f:32:f0:b1:ca:
                    f4:84:f4:90:c3:ec:6f:ea:b8:f9:8c:f2:aa:00:bf:
                    fc:d9:47:6a:b6:6f:50:7c:39:cd:ca:14:4c:5c:44:
                    1c:1c:54:c6:f9:7b:56:dd:2b:f4:56:75:db:d0:51:
                    fe:32:47:25:0d:37:c3:33:bc:17:8e:06:74:91:3d:
                    c3:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:30:A2:77:FC:44:D7:C4:50:A9:C4:2A:03:33:64:A5:E4:A4:92:10
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bbf2c21b-bc49-4ba7-a50a-b71669e7c2a7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.124.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         36:4d:80:c7:c4:4a:fd:04:c3:0b:dc:f4:79:98:81:f2:eb:ce:
         35:19:43:84:95:d0:86:85:e4:d3:a6:14:04:41:13:f0:fb:71:
         d8:35:b9:42:f9:00:96:4e:4a:91:4b:00:6e:2c:09:50:3f:e8:
         ce:4c:03:76:b5:43:d4:af:81:26:6d:ac:62:4f:af:60:40:79:
         c5:39:21:44:eb:85:40:3b:bd:e0:47:f6:4a:4d:56:f9:b6:3d:
         cb:ee:56:c7:db:4a:1a:bb:c3:8b:60:14:1c:27:fa:01:be:84:
         92:c8:e0:1e:e2:44:8f:bd:5d:10:ef:6f:3b:8c:6e:95:ad:d4:
         0e:1f:0c:bd:4c:36:55:a4:fd:c8:bc:ae:f8:2a:c0:bc:44:ae:
         24:24:39:0f:e1:fd:a8:79:1b:f5:3d:04:e1:84:dc:53:07:21:
         2f:d3:80:59:28:5e:50:f4:f6:37:00:20:ea:3d:7d:00:11:91:
         a4:e2:b0:6d:0b:cc:2d:f0:50:f2:69:9b:fc:b2:bc:cc:5a:62:
         58:31:95:8c:37:7e:28:2a:11:86:f7:03:3b:ef:4a:ba:bf:da:
         e5:d1:aa:d9:b5:e5:f8:4f:f8:d7:64:12:a1:0d:b8:4c:66:6c:
         98:b5:7e:54:69:e0:1f:1c:8e:5f:dc:62:58:fb:6f:2b:89:d5:
         3d:fb:b5:06
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYrP7velPVi+YbyDW8hretVO9KiEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNDA4MDAwMDAwWhcNMjQwNTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZGM5NmMyZDFhMDZhYTdkNTNmYjkzMGQ0YmVjYzNmMTJk
YWY3YzkxOWVmOWI3OTYxNDIzZDY5ZDkyZmFhMTBiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7jOjJW2hd7vJYF3frZtJQcL6NWp0HwXJnDC4qvr5XhuVJ
SAujFPHgQqPKfW1weirZzJ63aZvCj27uY/sztkl2LOAhzUS2pacv7Bd5ivJyK05t
sOzz031Je+WLyWbm1t0UPg4MXLSG5B6no/2nEgI6ZFdt09Zq7XlbvOHaNjHZHiwB
lG+WttiMSm7ZmmidHDt43RAzwojsTGrbzCeJgvrYyVTEHV+i+oueaG4XmDF1huGH
U5goTa7p4Oq9nDZfMvCxyvSE9JDD7G/quPmM8qoAv/zZR2q2b1B8Oc3KFExcRBwc
VMb5e1bdK/RWddvQUf4yRyUNN8MzvBeOBnSRPcNVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUOjCid/xE18RQqcQqAzNkpeSkkhAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2JiZjJjMjFiLWJjNDktNGJhNy1hNTBhLWI3MTY2OWU3YzJhNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwESfDANBgkqhkiG9w0BAQsFAAOCAQEANk2Ax8RK/QTDC9z0eZiB8uvONRlD
hJXQhoXk06YUBEET8Ptx2DW5QvkAlk5KkUsAbiwJUD/ozkwDdrVD1K+BJm2sYk+v
YEB5xTkhROuFQDu94Ef2Sk1W+bY9y+5Wx9tKGrvDi2AUHCf6Ab6EksjgHuJEj71d
EO9vO4xula3UDh8MvUw2VaT9yLyu+CrAvESuJCQ5D+H9qHkb9T0E4YTcUwchL9OA
WSheUPT2NwAg6j19ABGRpOKwbQvMLfBQ8mmb/LK8zFpiWDGVjDd+KCoRhvcDO+9K
ur/a5dGq2bXl+E/412QSoQ24TGZsmLV+VGngHxyOX9xiWPtvK4nVPfu1Bg==
-----END CERTIFICATE-----