Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ed476547-2d09-41f7-bf7d-96921284c993.roa
File:                     ed476547-2d09-41f7-bf7d-96921284c993.roa (raw, json)
Hash identifier:          9XcfLS61CvkPz4fmkAu4TkaJacWieAk4xLe1Z3TS1aE=
Subject key identifier:   63:79:73:01:6B:F3:D7:D3:D6:B7:C5:82:D4:8E:F4:1E:4C:37:03:E8
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       8112CB39D6A3BE2C86B9DB93AFD40B2764F846
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ed476547-2d09-41f7-bf7d-96921284c993.roa
Signing time:             Mon 27 Jan 2025 00:00:00 +0000
ROA not before:           Mon 27 Jan 2025 00:00:00 +0000
ROA not after:            Mon 03 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.184.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            81:12:cb:39:d6:a3:be:2c:86:b9:db:93:af:d4:0b:27:64:f8:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 27 00:00:00 2025 GMT
            Not After : Mar  3 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:61:9e:d9:20:69:9b:57:34:84:23:d9:06:67:
                    40:7d:14:b0:67:76:0f:1e:09:0e:9f:53:94:27:d6:
                    67:c4:e8:b9:c4:c1:54:87:15:d9:6d:a8:5a:ae:7d:
                    b4:03:89:57:f6:f1:b1:01:c6:da:56:78:72:6f:07:
                    09:90:ad:e3:a2:cc:7a:76:30:b2:88:d2:08:f8:e9:
                    f8:0f:3c:98:f4:e1:9c:ba:be:69:cf:8a:8d:90:75:
                    15:24:e3:a9:8a:3e:2b:df:a6:3a:14:16:44:55:ad:
                    6d:38:55:bf:d7:f6:bc:b2:4c:bf:1e:19:f0:1e:6e:
                    1d:30:76:53:97:9f:08:54:17:64:de:fa:30:7d:ab:
                    d3:7b:73:b2:2e:6d:cb:15:3a:b3:61:44:75:cd:37:
                    fd:05:62:7f:44:68:2b:99:29:bf:8c:b6:65:52:7c:
                    26:56:d1:23:5a:7c:15:6b:ec:ff:19:8b:c1:7a:7b:
                    fe:8a:1d:5a:3a:7b:5b:c1:af:72:e6:80:32:67:8f:
                    a6:09:f6:13:a4:81:26:6d:48:e4:34:d5:af:31:6e:
                    fe:99:1d:ca:a0:a0:db:db:96:b5:d8:82:7f:13:d7:
                    f0:06:b2:3a:4e:ac:e6:78:39:c5:d5:8f:f2:32:98:
                    fb:d6:36:ca:de:41:09:3d:c7:de:b5:77:22:46:4d:
                    89:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:79:73:01:6B:F3:D7:D3:D6:B7:C5:82:D4:8E:F4:1E:4C:37:03:E8
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/ed476547-2d09-41f7-bf7d-96921284c993.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.184.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         59:91:a7:fd:78:e1:bd:b8:e3:cb:8f:87:bb:98:24:52:cf:a0:
         6c:8b:93:fb:e7:7d:c0:51:0d:93:80:b8:e5:2f:49:09:c9:8f:
         f5:d5:2f:7d:1a:09:ce:30:bb:62:b6:ed:5f:58:0a:57:9a:b1:
         3d:0c:38:bc:1b:11:08:a3:98:bd:d9:17:55:51:9f:70:ee:23:
         68:94:75:a4:4a:51:d1:0b:72:41:4a:72:3d:8c:2e:3f:25:72:
         a1:dc:96:42:ff:06:83:cf:23:0a:5b:f3:a8:c4:2d:da:1a:aa:
         cb:d9:84:23:e0:dd:df:ef:53:43:e6:6b:c9:1f:b2:43:c8:29:
         e0:d6:93:f0:ff:77:a4:e9:c9:26:04:f9:fe:f5:4e:12:4a:6e:
         b6:9a:70:31:60:21:0b:98:d4:31:be:fa:b5:32:e7:32:34:fd:
         14:b3:f6:3b:e4:95:37:32:ad:88:2b:f5:b5:0b:84:ce:19:d5:
         9c:4e:3d:bf:35:ff:61:ac:f0:b2:e9:74:35:3d:f9:48:af:74:
         d6:6d:04:22:e2:35:3c:5a:68:81:b5:0a:0a:d9:0b:a2:fd:ae:
         8e:22:20:b2:dd:86:84:98:36:66:c6:c6:5c:df:14:21:f3:84:
         b8:1e:e3:38:81:2c:f8:ae:4e:d5:c6:3e:14:1a:ca:89:49:27:
         9b:d9:d6:2e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAIESyznWo74shrnbk6/UCydk+EYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTI3MDAwMDAwWhcNMjUwMzAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMTlmMmY1OGIxYThjMTJmNjQ2NjZkOGE0ZDgxODE0YjRm
ZWRlZDNmZDM5NGIwMzcyYzE5YzNlNmVkNzY1YmQ3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAYZ7ZIGmbVzSEI9kGZ0B9FLBndg8eCQ6fU5Qn1mfE6LnE
wVSHFdltqFqufbQDiVf28bEBxtpWeHJvBwmQreOizHp2MLKI0gj46fgPPJj04Zy6
vmnPio2QdRUk46mKPivfpjoUFkRVrW04Vb/X9ryyTL8eGfAebh0wdlOXnwhUF2Te
+jB9q9N7c7IubcsVOrNhRHXNN/0FYn9EaCuZKb+MtmVSfCZW0SNafBVr7P8Zi8F6
e/6KHVo6e1vBr3LmgDJnj6YJ9hOkgSZtSOQ01a8xbv6ZHcqgoNvblrXYgn8T1/AG
sjpOrOZ4OcXVj/IymPvWNsreQQk9x961dyJGTYmxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUY3lzAWvz19PWt8WC1I70Hkw3A+gwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2VkNDc2NTQ3LTJkMDktNDFmNy1iZjdkLTk2OTIxMjg0Yzk5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE2uDANBgkqhkiG9w0BAQsFAAOCAQEAWZGn/Xjhvbjjy4+Hu5gkUs+gbIuT
++d9wFENk4C45S9JCcmP9dUvfRoJzjC7YrbtX1gKV5qxPQw4vBsRCKOYvdkXVVGf
cO4jaJR1pEpR0QtyQUpyPYwuPyVyodyWQv8Gg88jClvzqMQt2hqqy9mEI+Dd3+9T
Q+ZryR+yQ8gp4NaT8P93pOnJJgT5/vVOEkputppwMWAhC5jUMb76tTLnMjT9FLP2
O+SVNzKtiCv1tQuEzhnVnE49vzX/Yazwsul0NT35SK901m0EIuI1PFpogbUKCtkL
ov2ujiIgst2GhJg2ZsbGXN8UIfOEuB7jOIEs+K5O1cY+FBrKiUknm9nWLg==
-----END CERTIFICATE-----