Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dbe635f9-7a83-4748-8a7a-378c042c05e1.roa
File:                     dbe635f9-7a83-4748-8a7a-378c042c05e1.roa (raw, json)
Hash identifier:          jv0r2biohjNN4yhwk8FcxPZqVEVHyZsgvBxCTJYwSco=
Subject key identifier:   E2:17:F5:39:96:DF:7C:03:01:92:77:3D:0B:8F:0D:C0:CF:B3:22:27
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       55BB015EA128A8F81639FDDC7F8C1F98A4CC2238
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dbe635f9-7a83-4748-8a7a-378c042c05e1.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.250.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:bb:01:5e:a1:28:a8:f8:16:39:fd:dc:7f:8c:1f:98:a4:cc:22:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:fe:63:8e:6a:5d:e2:df:f1:27:5b:42:a0:2f:
                    9c:67:00:11:95:3a:de:7e:a1:0c:bb:2a:52:11:64:
                    be:c5:8e:9b:dd:88:0e:5b:0d:b1:ae:c3:f2:30:de:
                    dc:a0:5f:78:04:1b:74:99:be:68:5c:25:69:6e:05:
                    18:8e:a5:1b:6b:57:44:50:af:cf:9b:00:97:67:9f:
                    63:83:c6:66:67:31:59:ab:5f:fa:79:ab:68:5d:2e:
                    13:86:00:c0:07:b8:5d:93:9c:8e:6c:77:27:0a:61:
                    f5:71:3c:4b:a4:9b:31:c9:c7:ca:f2:b7:c4:ca:52:
                    8a:af:4c:fd:c1:16:1f:07:ce:90:d3:b1:21:fe:04:
                    15:e0:71:cd:6a:2e:ce:4a:45:da:35:f6:9b:53:34:
                    98:44:f2:63:68:6e:c5:f8:65:29:c4:23:3e:6a:3b:
                    88:a5:d4:81:36:24:64:97:4f:82:16:63:70:c5:e2:
                    32:c7:0e:98:ac:7f:4a:6c:b1:60:eb:c4:c8:5a:5a:
                    bd:6d:6d:63:e2:02:4b:61:8d:61:77:e5:3c:24:50:
                    90:5f:a4:21:5a:d2:d7:bc:d1:b5:16:09:cd:d8:ea:
                    82:3a:52:f0:f4:1d:9d:5a:e3:7c:41:ed:8d:2b:1c:
                    44:c6:d3:76:49:4a:89:91:d3:c2:e1:75:ef:84:9e:
                    e8:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:17:F5:39:96:DF:7C:03:01:92:77:3D:0B:8F:0D:C0:CF:B3:22:27
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dbe635f9-7a83-4748-8a7a-378c042c05e1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.250.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         7f:b8:eb:e0:dd:33:25:05:62:5b:ba:f1:22:03:b9:d3:54:51:
         93:90:a7:4e:e4:4f:b8:59:11:13:72:40:c1:93:ed:61:0e:59:
         0d:9e:0c:05:9e:74:a2:21:34:ca:6f:7b:d9:d5:36:0c:c7:72:
         72:6c:5d:10:bf:d9:d7:70:ce:5d:c0:21:3d:05:6e:b9:87:33:
         57:fb:c4:5b:f1:b9:f3:bb:98:71:e6:7c:28:69:59:5b:13:e8:
         4a:1b:ae:55:96:2a:71:4d:d5:d7:ad:71:6d:d6:63:9b:fc:af:
         d4:6d:07:40:f2:d8:0c:20:82:df:c3:88:85:7b:64:8b:40:bc:
         d0:64:2b:2c:f7:eb:31:59:e9:d4:e0:b5:d1:5a:d2:32:aa:26:
         f3:6b:ec:04:c4:32:93:b1:89:c1:95:be:77:da:20:e8:f6:c2:
         10:77:01:d0:9d:20:f9:c8:48:f1:73:ff:d6:2d:dc:06:bf:77:
         14:1a:08:a1:1c:a4:36:e2:c4:6a:a6:67:a8:3c:9f:98:6a:8c:
         3a:de:94:ae:69:b1:93:a4:6f:35:75:41:21:c6:bf:11:28:79:
         1e:fc:8f:4f:cc:db:04:e1:ab:85:57:ec:2e:3a:1e:05:8e:78:
         8e:fd:5a:95:32:bc:2a:c7:e8:d0:0e:8d:0e:56:e3:0e:91:cb:
         8d:c2:a5:28
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVbsBXqEoqPgWOf3cf4wfmKTMIjgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZTI4MWRiY2U4YzkyYTk0NDkzMGVmNzYyNWQ0ZTY5OWYz
YzU1NmFjZjAzMTI5NzU2NjE0NjMzNjVjY2M1NzVmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCq/mOOal3i3/EnW0KgL5xnABGVOt5+oQy7KlIRZL7Fjpvd
iA5bDbGuw/Iw3tygX3gEG3SZvmhcJWluBRiOpRtrV0RQr8+bAJdnn2ODxmZnMVmr
X/p5q2hdLhOGAMAHuF2TnI5sdycKYfVxPEukmzHJx8ryt8TKUoqvTP3BFh8HzpDT
sSH+BBXgcc1qLs5KRdo19ptTNJhE8mNobsX4ZSnEIz5qO4il1IE2JGSXT4IWY3DF
4jLHDpisf0pssWDrxMhaWr1tbWPiAkthjWF35TwkUJBfpCFa0te80bUWCc3Y6oI6
UvD0HZ1a43xB7Y0rHETG03ZJSomR08Lhde+EnujLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU4hf1OZbffAMBknc9C48NwM+zIicwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2RiZTYzNWY5LTdhODMtNDc0OC04YTdhLTM3OGMwNDJjMDVlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEN+jANBgkqhkiG9w0BAQsFAAOCAQEAf7jr4N0zJQViW7rxIgO501RRk5Cn
TuRPuFkRE3JAwZPtYQ5ZDZ4MBZ50oiE0ym972dU2DMdycmxdEL/Z13DOXcAhPQVu
uYczV/vEW/G587uYceZ8KGlZWxPoShuuVZYqcU3V161xbdZjm/yv1G0HQPLYDCCC
38OIhXtki0C80GQrLPfrMVnp1OC10VrSMqom82vsBMQyk7GJwZW+d9og6PbCEHcB
0J0g+chI8XP/1i3cBr93FBoIoRykNuLEaqZnqDyfmGqMOt6Urmmxk6RvNXVBIca/
ESh5HvyPT8zbBOGrhVfsLjoeBY54jv1alTK8Ksfo0A6NDlbjDpHLjcKlKA==
-----END CERTIFICATE-----