Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fc6c513c-18c6-4cc7-9b28-a83b394fe8aa.roa
File:                     fc6c513c-18c6-4cc7-9b28-a83b394fe8aa.roa (raw, json)
Hash identifier:          JAQzd1KxqPSoaPgW3z8vb39S4EApVWahwAkQnriuAQQ=
Subject key identifier:   DA:72:29:B6:EE:79:88:F2:5A:F6:C1:29:46:D9:91:BA:8F:96:69:B3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       536C1C813FB660990286A53D6E9166AEA8FE82F2
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fc6c513c-18c6-4cc7-9b28-a83b394fe8aa.roa
Signing time:             Fri 09 May 2025 00:31:53 +0000
ROA not before:           Fri 09 May 2025 00:31:53 +0000
ROA not after:            Fri 13 Jun 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        15.181.96.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:6c:1c:81:3f:b6:60:99:02:86:a5:3d:6e:91:66:ae:a8:fe:82:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May  9 00:31:53 2025 GMT
            Not After : Jun 13 23:59:59 2025 GMT
        Subject: serialNumber=281b8330fbb62ff50a1a017863d784c8c443489e39ae1143324b30697644c86e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:82:15:14:4a:12:ff:7f:e7:8c:83:14:cc:a3:
                    24:7b:4a:eb:52:a4:ce:68:9a:b8:fc:4b:d4:86:39:
                    a1:0e:aa:65:f7:3c:38:10:c0:bd:b5:60:a5:a7:0a:
                    9b:1a:da:c8:6f:56:a8:07:dc:53:31:03:59:03:0e:
                    5e:18:29:57:c5:24:85:1b:2d:41:78:4a:b5:ec:b7:
                    cc:23:51:3e:83:c1:67:a6:a1:0a:18:b7:a5:da:85:
                    1a:44:45:d8:53:36:43:fe:b3:9b:4f:ed:ff:f8:fb:
                    18:67:67:22:8d:a0:39:4f:df:57:a1:a9:25:fc:0a:
                    6d:e4:65:c8:f7:22:07:60:b6:99:fc:3d:7a:4f:59:
                    35:a2:19:f6:f7:5b:f8:d1:45:f2:20:1a:71:d7:d4:
                    10:f4:89:69:25:8e:2b:bd:42:48:94:7f:94:10:48:
                    56:be:1b:8f:c9:7c:c2:c2:b1:87:8b:46:8b:b5:44:
                    2e:3d:3d:e6:c7:0f:1d:79:b2:85:95:a8:90:65:97:
                    58:ce:5a:3e:e4:e3:d5:c9:1f:3d:59:0f:40:f7:16:
                    8b:c7:c3:b7:35:8b:03:0e:fe:9e:6b:f2:99:cb:04:
                    03:58:d4:ee:9d:32:b8:22:4b:46:0f:c3:e3:6c:40:
                    0b:ac:2d:dc:8f:d6:e6:5a:9e:13:13:a4:c9:ac:60:
                    49:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:72:29:B6:EE:79:88:F2:5A:F6:C1:29:46:D9:91:BA:8F:96:69:B3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fc6c513c-18c6-4cc7-9b28-a83b394fe8aa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.181.96.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8f:3b:6d:c7:c3:af:39:b0:4e:d4:23:59:0f:49:f7:b0:f2:8e:
         16:93:c2:70:7f:74:02:24:ec:d1:a0:18:4e:57:98:6a:67:82:
         5c:94:f4:98:54:95:22:50:3d:f0:51:4e:f2:a1:5f:bf:1d:f0:
         de:65:af:48:9e:88:12:0f:82:3a:81:81:23:18:ff:70:5e:81:
         10:7e:5e:6b:69:40:ac:60:f2:fc:ce:26:87:d5:92:75:33:bf:
         95:2d:f6:3d:33:77:e5:06:e6:ff:52:d9:c4:a0:0d:96:0e:2a:
         7b:32:e0:97:a7:7e:c6:4c:28:4d:4e:a1:59:83:34:e4:06:f3:
         b2:40:e0:bf:87:72:88:ad:f4:a8:c7:32:a8:73:b1:d4:92:e8:
         b0:68:5d:40:eb:1b:7b:a6:b0:d8:2e:f6:39:ff:e3:64:14:0e:
         33:6c:5a:e1:38:d9:3d:5c:58:96:40:13:5d:bb:f3:bb:66:21:
         ec:d8:4e:0c:31:ac:ca:b6:6b:25:af:d8:6e:da:4c:9f:cf:ed:
         88:00:96:ce:cd:27:f7:f4:c7:04:fe:94:df:d2:7f:0b:84:af:
         11:3d:85:5d:f6:0d:0e:27:41:63:1e:fa:38:ee:53:34:b1:4d:
         66:5a:92:ef:20:9b:dc:fb:f6:d4:b3:e7:c5:95:92:a4:14:54:
         28:21:5d:41
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUU2wcgT+2YJkChqU9bpFmrqj+gvIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTA5MDAzMTUzWhcNMjUwNjEzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyODFiODMzMGZiYjYyZmY1MGExYTAxNzg2M2Q3ODRjOGM0
NDM0ODllMzlhZTExNDMzMjRiMzA2OTc2NDRjODZlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5ghUUShL/f+eMgxTMoyR7SutSpM5omrj8S9SGOaEOqmX3
PDgQwL21YKWnCpsa2shvVqgH3FMxA1kDDl4YKVfFJIUbLUF4SrXst8wjUT6DwWem
oQoYt6XahRpERdhTNkP+s5tP7f/4+xhnZyKNoDlP31ehqSX8Cm3kZcj3Igdgtpn8
PXpPWTWiGfb3W/jRRfIgGnHX1BD0iWkljiu9QkiUf5QQSFa+G4/JfMLCsYeLRou1
RC49PebHDx15soWVqJBll1jOWj7k49XJHz1ZD0D3FovHw7c1iwMO/p5r8pnLBANY
1O6dMrgiS0YPw+NsQAusLdyP1uZanhMTpMmsYElhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2nIptu55iPJa9sEpRtmRuo+WabMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ZjNmM1MTNjLTE4YzYtNGNjNy05YjI4LWE4M2IzOTRmZThhYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEPtWAwDQYJKoZIhvcNAQELBQADggEBAI87bcfDrzmwTtQjWQ9J97DyjhaT
wnB/dAIk7NGgGE5XmGpnglyU9JhUlSJQPfBRTvKhX78d8N5lr0ieiBIPgjqBgSMY
/3BegRB+XmtpQKxg8vzOJofVknUzv5Ut9j0zd+UG5v9S2cSgDZYOKnsy4JenfsZM
KE1OoVmDNOQG87JA4L+Hcoit9KjHMqhzsdSS6LBoXUDrG3umsNgu9jn/42QUDjNs
WuE42T1cWJZAE12787tmIezYTgwxrMq2ayWv2G7aTJ/P7YgAls7NJ/f0xwT+lN/S
fwuErxE9hV32DQ4nQWMe+jjuUzSxTWZaku8gm9z79tSz58WVkqQUVCghXUE=
-----END CERTIFICATE-----