Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d97115ae-ddd1-48cb-a67e-c95f94b29d25.roa
File:                     d97115ae-ddd1-48cb-a67e-c95f94b29d25.roa (raw, json)
Hash identifier:          rT+YNSwO6SJU0B9Wf3DD+V5PVLRceTeSExeUMdSY+i8=
Subject key identifier:   E5:D2:A4:4D:10:06:E4:E5:44:29:92:05:EF:86:4A:7F:53:79:BF:95
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5DA1E41D1553C55E4A3317825009134CDC4FFBA5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d97115ae-ddd1-48cb-a67e-c95f94b29d25.roa
Signing time:             Mon 27 Jan 2025 00:00:00 +0000
ROA not before:           Mon 27 Jan 2025 00:00:00 +0000
ROA not after:            Mon 03 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.180.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:a1:e4:1d:15:53:c5:5e:4a:33:17:82:50:09:13:4c:dc:4f:fb:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 27 00:00:00 2025 GMT
            Not After : Mar  3 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:a3:2d:e7:28:33:60:6d:9e:19:a8:a0:35:1b:
                    b4:ed:53:23:3b:fb:b1:e8:ee:d9:b4:ee:ea:85:c7:
                    62:e1:95:a3:41:42:0f:c3:e0:fe:6b:9b:60:47:ee:
                    00:02:c4:7f:84:9c:69:25:0c:85:8a:df:5e:f5:3a:
                    b3:9f:5f:7d:ea:bc:10:f9:69:aa:18:83:58:0e:ea:
                    a8:19:b4:1c:ab:33:70:bf:c8:72:e6:05:7e:b7:b5:
                    b5:3d:aa:59:d0:f1:89:67:6c:c0:57:9a:5a:fb:25:
                    9b:b1:a7:73:c5:93:5a:96:58:77:32:8a:c4:0f:0a:
                    18:26:ea:6e:d4:85:a0:89:be:e8:19:a0:95:64:54:
                    07:cf:55:b0:b2:8d:1c:45:59:a8:ca:67:03:5e:52:
                    d4:7a:cb:79:17:a2:c0:db:29:9f:fc:4f:67:45:d0:
                    05:c8:77:65:89:4c:dc:91:98:1f:a0:75:84:4e:be:
                    a5:ba:1a:d0:bd:6a:3c:3d:37:d0:f9:1c:d1:81:ab:
                    a3:6c:22:4e:a2:24:6a:cb:b9:9f:61:61:04:7d:5b:
                    89:13:c4:88:4f:c2:1c:8f:5b:bf:89:4f:85:59:eb:
                    d8:f1:46:5a:ac:ac:90:4f:7c:fd:e8:f2:ef:d6:32:
                    9f:b4:0f:a2:7e:50:a2:0f:c5:08:a9:ea:7e:c5:57:
                    5a:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:D2:A4:4D:10:06:E4:E5:44:29:92:05:EF:86:4A:7F:53:79:BF:95
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d97115ae-ddd1-48cb-a67e-c95f94b29d25.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.180.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         9c:b8:19:6b:60:e7:4f:14:70:cc:36:da:20:5c:45:51:db:e2:
         05:48:35:0a:d5:58:aa:53:cb:97:48:f3:ee:e8:8a:3d:1c:d7:
         83:71:7a:89:2e:8c:ca:f9:31:5d:6a:78:fd:7d:b9:aa:8f:8f:
         c1:92:1a:2a:77:c0:91:15:9e:9d:ac:07:dd:bb:9d:10:91:6d:
         0e:f2:dd:e1:a8:a8:b4:4c:c0:7f:bb:5c:52:cc:9b:57:f4:3d:
         39:78:98:2f:43:41:a3:50:88:9b:33:76:59:eb:5f:8e:86:76:
         39:f4:d9:05:d8:87:39:21:3b:77:d2:6f:dc:39:5b:7f:f6:ba:
         6f:27:8d:9f:21:4e:57:86:49:eb:6a:ba:c8:80:3f:61:28:77:
         15:8e:f0:fa:33:84:86:8b:97:3f:07:1d:dc:f7:30:e0:56:aa:
         f4:4e:ac:01:4d:5f:b6:23:2c:91:91:16:5b:9e:ef:81:54:ef:
         cf:f7:3f:a5:e1:ea:61:66:b5:2c:cf:d6:db:41:68:0a:c1:a5:
         0a:30:76:06:b1:3f:48:76:a9:d7:d4:87:50:d3:4e:77:cc:18:
         3a:05:08:cd:d4:a7:2b:31:e1:37:01:bd:66:eb:22:71:51:54:
         e0:fa:c9:af:5d:88:3c:91:5d:e8:5a:ac:b2:56:9c:71:f3:7a:
         cf:f9:c8:fe
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXaHkHRVTxV5KMxeCUAkTTNxP+6UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTI3MDAwMDAwWhcNMjUwMzAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTk3NWRkMTcwMzk0MjNlMzkyODQwY2ExZTA5N2M2MzNm
NzBhYmNmOWQ2YjIwMzM2YTFkYzViYmI3NmZjNzY3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpoy3nKDNgbZ4ZqKA1G7TtUyM7+7Ho7tm07uqFx2LhlaNB
Qg/D4P5rm2BH7gACxH+EnGklDIWK3171OrOfX33qvBD5aaoYg1gO6qgZtByrM3C/
yHLmBX63tbU9qlnQ8YlnbMBXmlr7JZuxp3PFk1qWWHcyisQPChgm6m7UhaCJvugZ
oJVkVAfPVbCyjRxFWajKZwNeUtR6y3kXosDbKZ/8T2dF0AXId2WJTNyRmB+gdYRO
vqW6GtC9ajw9N9D5HNGBq6NsIk6iJGrLuZ9hYQR9W4kTxIhPwhyPW7+JT4VZ69jx
RlqsrJBPfP3o8u/WMp+0D6J+UKIPxQip6n7FV1rRAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU5dKkTRAG5OVEKZIF74ZKf1N5v5UwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Q5NzExNWFlLWRkZDEtNDhjYi1hNjdlLWM5NWY5NGIyOWQyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE2tDANBgkqhkiG9w0BAQsFAAOCAQEAnLgZa2DnTxRwzDbaIFxFUdviBUg1
CtVYqlPLl0jz7uiKPRzXg3F6iS6MyvkxXWp4/X25qo+PwZIaKnfAkRWenawH3bud
EJFtDvLd4aiotEzAf7tcUsybV/Q9OXiYL0NBo1CImzN2WetfjoZ2OfTZBdiHOSE7
d9Jv3Dlbf/a6byeNnyFOV4ZJ62q6yIA/YSh3FY7w+jOEhouXPwcd3Pcw4Faq9E6s
AU1ftiMskZEWW57vgVTvz/c/peHqYWa1LM/W20FoCsGlCjB2BrE/SHap19SHUNNO
d8wYOgUIzdSnKzHhNwG9ZusicVFU4PrJr12IPJFd6FqsslaccfN6z/nI/g==
-----END CERTIFICATE-----