Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e5c3a2d1-6b82-4e9d-894b-f8bbabceae8f.roa
File:                     e5c3a2d1-6b82-4e9d-894b-f8bbabceae8f.roa (raw, json)
Hash identifier:          /CBCTWhiaKVyG7VZ+/nCX4AZBhRloJ9QgLNR60pwQoM=
Subject key identifier:   0A:65:7A:57:81:98:D9:BC:1A:71:89:DE:40:D2:9D:79:90:55:92:57
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       61E7A1EB2D1CAB3A78A1BE5A194565929F93D56D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e5c3a2d1-6b82-4e9d-894b-f8bbabceae8f.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.189.0.0/16 maxlen: 16
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:e7:a1:eb:2d:1c:ab:3a:78:a1:be:5a:19:45:65:92:9f:93:d5:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:b1:8d:38:6c:7f:c9:91:35:82:b5:a6:6d:63:
                    d1:ad:4e:84:81:42:57:31:5d:3e:7d:70:d0:55:50:
                    41:f1:22:69:33:9d:ea:4a:68:ef:59:54:2a:0a:e2:
                    dd:df:f8:4f:5b:8b:70:53:e4:da:33:a2:0d:83:ca:
                    f5:a4:20:73:2a:bf:f5:be:bb:a8:47:a1:eb:ba:e7:
                    01:5b:ae:8d:c5:1b:65:3c:9e:c3:19:19:20:89:fa:
                    5f:19:fa:51:d9:dc:87:cd:16:41:52:0f:c3:86:c4:
                    53:b6:7b:3a:90:51:40:53:da:b6:64:19:d4:60:0d:
                    81:d1:3a:31:76:69:95:95:76:cc:28:6f:a6:fc:b7:
                    2e:67:d2:0c:3b:e0:0c:8c:b2:03:cc:38:d9:b8:cb:
                    62:5f:3c:30:75:53:5f:2a:00:e1:87:28:bf:1c:45:
                    eb:41:0e:14:fb:bc:7c:f6:f5:6e:26:9d:66:c6:95:
                    ed:7a:02:8a:48:72:5f:09:a0:2d:b8:c4:cf:3e:b7:
                    e5:8f:06:f1:a6:03:d3:53:07:70:88:1b:18:e4:11:
                    77:1e:11:ee:81:d1:06:71:9b:1c:96:37:5c:af:1c:
                    49:a1:0d:de:0c:ac:c2:e6:58:a3:78:e7:8a:b6:b2:
                    d0:f2:aa:e4:36:9f:ff:f8:a4:19:fb:32:c6:90:51:
                    8d:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:65:7A:57:81:98:D9:BC:1A:71:89:DE:40:D2:9D:79:90:55:92:57
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e5c3a2d1-6b82-4e9d-894b-f8bbabceae8f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.189.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6d:18:4e:e6:34:33:44:0f:1e:ef:92:8f:e1:65:18:0b:12:fc:
         8d:5b:76:77:fc:8d:ef:d4:91:05:50:5f:bd:b9:88:1e:d7:ea:
         19:b0:8c:74:e9:73:8b:4f:01:74:84:dc:28:42:94:ec:4b:8d:
         85:c5:c9:bf:cb:65:d8:41:f5:7c:a3:7b:63:c2:00:86:9b:71:
         a8:fa:d9:f0:a9:a3:07:04:65:d2:ca:f7:d7:a5:05:6c:88:90:
         21:cd:b0:7b:5f:40:56:8a:9f:82:f9:3b:1d:53:d6:55:40:9b:
         95:44:c3:d6:ae:b5:55:2a:d6:9e:c9:b3:12:2a:7f:c4:c1:f9:
         9b:ab:eb:94:1c:bf:0f:74:56:2f:89:50:03:01:fa:76:b2:9e:
         29:cf:bd:32:a1:0a:69:ce:fb:de:d7:5f:db:38:8f:3f:a6:9d:
         44:d9:3f:b1:f3:bc:eb:b4:63:08:27:62:05:2f:1e:ba:de:94:
         6b:67:38:ac:15:c1:fa:e1:b7:ba:5a:05:4c:1c:ed:ae:df:e1:
         5f:50:0a:9e:40:f7:c6:6a:99:6a:73:fc:50:06:dc:92:3b:2c:
         0e:84:46:c7:d0:d5:c3:87:54:0b:19:19:2f:b7:4d:2a:7d:f8:
         b7:74:72:26:6e:7c:f9:11:b7:3d:69:10:42:85:71:65:bb:7a:
         0c:39:98:70
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYeeh6y0cqzp4ob5aGUVlkp+T1W0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTZmNWQwYzk0NDQzOGNiMDRjZGQzMzIyOTliNGM3MDZl
ZDRlNWRhM2RkNGU4NzBjZjRhNGY1NWFlYzk4NzAxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDesY04bH/JkTWCtaZtY9GtToSBQlcxXT59cNBVUEHxImkz
nepKaO9ZVCoK4t3f+E9bi3BT5Nozog2DyvWkIHMqv/W+u6hHoeu65wFbro3FG2U8
nsMZGSCJ+l8Z+lHZ3IfNFkFSD8OGxFO2ezqQUUBT2rZkGdRgDYHROjF2aZWVdswo
b6b8ty5n0gw74AyMsgPMONm4y2JfPDB1U18qAOGHKL8cRetBDhT7vHz29W4mnWbG
le16AopIcl8JoC24xM8+t+WPBvGmA9NTB3CIGxjkEXceEe6B0QZxmxyWN1yvHEmh
Dd4MrMLmWKN454q2stDyquQ2n//4pBn7MsaQUY0XAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUCmV6V4GY2bwacYneQNKdeZBVklcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2U1YzNhMmQxLTZiODItNGU5ZC04OTRiLWY4YmJhYmNlYWU4Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASvTANBgkqhkiG9w0BAQsFAAOCAQEAbRhO5jQzRA8e75KP4WUYCxL8jVt2
d/yN79SRBVBfvbmIHtfqGbCMdOlzi08BdITcKEKU7EuNhcXJv8tl2EH1fKN7Y8IA
hptxqPrZ8KmjBwRl0sr316UFbIiQIc2we19AVoqfgvk7HVPWVUCblUTD1q61VSrW
nsmzEip/xMH5m6vrlBy/D3RWL4lQAwH6drKeKc+9MqEKac773tdf2ziPP6adRNk/
sfO867RjCCdiBS8eut6Ua2c4rBXB+uG3uloFTBztrt/hX1AKnkD3xmqZanP8UAbc
kjssDoRGx9DVw4dUCxkZL7dNKn34t3RyJm58+RG3PWkQQoVxZbt6DDmYcA==
-----END CERTIFICATE-----