Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d9bda163-e4c4-4a0b-a17b-80c77fecb3d5.roa
File:                     d9bda163-e4c4-4a0b-a17b-80c77fecb3d5.roa (raw, json)
Hash identifier:          LJD4MWldSyXAg7sJhLq8SJjgPQ0O6s7i5y58xSKKatI=
Subject key identifier:   F5:61:32:C1:6E:F3:30:2C:7B:FB:E0:BC:BB:78:EF:4E:71:D8:B9:18
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2947E705E19F0F81A7FA9769D75BB84635CBA123
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d9bda163-e4c4-4a0b-a17b-80c77fecb3d5.roa
Signing time:             Fri 31 Jan 2025 00:00:00 +0000
ROA not before:           Fri 31 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.237.192.0/19 maxlen: 19
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:47:e7:05:e1:9f:0f:81:a7:fa:97:69:d7:5b:b8:46:35:cb:a1:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 31 00:00:00 2025 GMT
            Not After : Mar  7 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:09:00:f0:ac:e8:e3:26:5a:39:54:fb:8d:9d:
                    17:87:0c:e1:87:3a:77:64:ee:eb:5d:e2:9a:d7:fb:
                    4c:41:18:6f:f9:80:e1:63:be:df:76:84:97:8f:1f:
                    c3:13:0e:e6:bf:0e:a5:d2:ed:6b:bc:fe:04:52:9e:
                    4c:e6:a7:09:ec:f9:ba:09:58:bb:94:98:ec:ab:d8:
                    e1:dd:30:71:79:66:d0:c8:f1:4e:19:d8:ce:3f:48:
                    97:17:d2:48:b8:bb:b2:72:3b:a8:f9:85:d2:a0:42:
                    d5:dc:a8:39:25:3c:fb:60:54:c9:68:7b:d3:2f:d8:
                    cb:a4:5f:3b:7f:38:b9:e1:0e:86:b7:df:45:0f:79:
                    c5:9a:c1:58:2d:99:73:41:5c:dd:c8:14:e8:0d:24:
                    f5:5c:34:30:f8:42:4d:85:45:98:e3:36:a6:64:8c:
                    67:15:f1:9f:00:1c:c5:61:08:cd:79:a7:bc:2e:e4:
                    f7:53:fe:fd:36:89:19:6a:bb:a4:32:f1:3e:25:ff:
                    45:68:de:ad:c5:5e:27:bb:4b:c6:eb:57:18:df:44:
                    fb:54:38:6c:4a:3e:5f:07:db:78:06:c9:2f:dc:ab:
                    cd:3b:4e:00:bf:96:a1:0a:af:ad:f3:aa:0c:5a:97:
                    1c:2e:2b:d6:24:48:21:4b:73:7f:de:8c:18:fd:7e:
                    65:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:61:32:C1:6E:F3:30:2C:7B:FB:E0:BC:BB:78:EF:4E:71:D8:B9:18
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d9bda163-e4c4-4a0b-a17b-80c77fecb3d5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.237.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6e:9c:f2:10:21:23:e0:83:3f:1a:b5:c3:8e:5c:15:9f:18:d8:
         6d:e2:2e:4b:7b:8a:c2:ba:0e:53:fe:2f:ab:8c:9f:50:61:9d:
         9a:8d:57:d3:e0:be:42:dd:20:02:38:08:fc:bf:79:cc:4f:11:
         db:76:cb:15:20:a1:60:5f:dc:94:85:2c:c7:fc:8d:60:b0:5a:
         7c:9a:3e:c0:23:9b:e6:76:18:93:e8:21:95:61:1b:c8:2f:68:
         0f:77:e1:01:28:f7:a7:05:8a:43:1a:3d:42:6e:74:ce:28:46:
         08:f8:ad:21:3a:ff:66:5a:f2:36:49:97:f6:17:51:7c:a2:ee:
         b2:cb:4e:60:74:6b:07:ff:2a:27:f0:3c:e4:90:a4:2b:8c:39:
         bf:c5:d6:31:5d:fe:29:03:b6:8f:13:3c:8e:5f:29:2e:51:5a:
         96:15:a4:bb:fb:48:cd:e2:7e:82:0f:42:b1:9a:9e:99:70:b0:
         4a:05:b9:84:eb:a3:68:36:7b:48:1f:a9:08:b9:d7:dc:94:3f:
         08:f3:e7:85:3f:f6:62:4a:b9:18:c6:cf:7c:c9:e7:82:d0:1f:
         82:6f:f7:21:04:2c:86:c0:01:f9:00:e8:49:35:59:57:93:8a:
         f1:ea:37:83:a3:72:b3:db:be:e1:d8:ea:b0:09:ea:88:53:b9:
         01:2e:7d:02
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKUfnBeGfD4Gn+pdp11u4RjXLoSMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTMxMDAwMDAwWhcNMjUwMzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NTNhNDEyYTc2ZDZkMjgzYTA0MjZhYmQwYWU5NWMwYzc0
OWYwMzRiNzgxMjAxYzI5ZmNkMThmYjJlNDRhN2NhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCPCQDwrOjjJlo5VPuNnReHDOGHOndk7utd4prX+0xBGG/5
gOFjvt92hJePH8MTDua/DqXS7Wu8/gRSnkzmpwns+boJWLuUmOyr2OHdMHF5ZtDI
8U4Z2M4/SJcX0ki4u7JyO6j5hdKgQtXcqDklPPtgVMloe9Mv2MukXzt/OLnhDoa3
30UPecWawVgtmXNBXN3IFOgNJPVcNDD4Qk2FRZjjNqZkjGcV8Z8AHMVhCM15p7wu
5PdT/v02iRlqu6Qy8T4l/0Vo3q3FXie7S8brVxjfRPtUOGxKPl8H23gGyS/cq807
TgC/lqEKr63zqgxalxwuK9YkSCFLc3/ejBj9fmU3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU9WEywW7zMCx7++C8u3jvTnHYuRgwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Q5YmRhMTYzLWU0YzQtNGEwYi1hMTdiLTgwYzc3ZmVjYjNkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAU27cAwDQYJKoZIhvcNAQELBQADggEBAG6c8hAhI+CDPxq1w45cFZ8Y2G3i
Lkt7isK6DlP+L6uMn1BhnZqNV9PgvkLdIAI4CPy/ecxPEdt2yxUgoWBf3JSFLMf8
jWCwWnyaPsAjm+Z2GJPoIZVhG8gvaA934QEo96cFikMaPUJudM4oRgj4rSE6/2Za
8jZJl/YXUXyi7rLLTmB0awf/KifwPOSQpCuMOb/F1jFd/ikDto8TPI5fKS5RWpYV
pLv7SM3ifoIPQrGanplwsEoFuYTro2g2e0gfqQi519yUPwjz54U/9mJKuRjGz3zJ
54LQH4Jv9yEELIbAAfkA6Ek1WVeTivHqN4OjcrPbvuHY6rAJ6ohTuQEufQI=
-----END CERTIFICATE-----