Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fe12b81e-8bc0-47c3-9290-fe66bde475a4.roa
File:                     fe12b81e-8bc0-47c3-9290-fe66bde475a4.roa (raw, json)
Hash identifier:          bM2NCHa6uCTJh1pLoQN2TjOD1QBK5hfQKBuLPLE2HgE=
Subject key identifier:   58:47:ED:18:80:92:75:61:35:88:48:56:67:B0:69:09:03:81:A3:07
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7F621724CA14378DD8A78B2ABBF933B80EED3309
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fe12b81e-8bc0-47c3-9290-fe66bde475a4.roa
Signing time:             Fri 31 Jan 2025 00:00:00 +0000
ROA not before:           Fri 31 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        15.230.130.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 07 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:62:17:24:ca:14:37:8d:d8:a7:8b:2a:bb:f9:33:b8:0e:ed:33:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jan 31 00:00:00 2025 GMT
            Not After : Mar  7 23:59:59 2025 GMT
        Subject: CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0f:64:03:d4:21:b2:ea:ef:03:50:ea:6a:b6:
                    00:c8:15:99:7e:cf:77:2f:68:24:80:d0:a8:3c:d0:
                    be:a8:32:4e:18:25:11:50:55:55:64:33:94:41:bf:
                    2c:41:77:c5:fe:eb:52:cb:1e:b4:70:1c:a5:19:8b:
                    a6:20:ff:80:f4:e1:24:7f:6a:2b:75:52:29:89:9f:
                    25:44:80:96:27:df:cd:cc:b3:dd:74:15:72:95:a7:
                    97:8a:42:19:8a:11:dc:75:56:d4:d3:ac:cd:bf:a1:
                    92:45:09:14:74:8f:64:66:63:19:9c:c3:4a:a6:45:
                    6d:55:7e:6d:bd:4f:87:ee:c0:3f:bd:4f:35:e6:08:
                    fa:2c:a6:b3:40:04:e1:e8:45:3a:0e:99:7f:70:19:
                    fb:63:3d:a0:ee:b2:63:c8:b3:95:c6:07:44:f7:45:
                    1d:c6:18:d0:21:2d:af:24:80:84:05:b0:ba:78:07:
                    cf:5a:69:ff:ac:2f:80:57:99:3b:5c:28:6d:fb:65:
                    eb:fd:ac:a4:6c:88:40:52:50:03:be:5c:0d:db:99:
                    e4:75:29:7f:9b:d1:be:4e:4c:4f:17:0d:86:52:54:
                    7f:7f:9e:d3:3d:7d:6a:12:d1:91:6b:77:4a:f9:6f:
                    21:cd:e9:0e:60:d9:2a:aa:45:83:f8:c4:fb:96:03:
                    74:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:47:ED:18:80:92:75:61:35:88:48:56:67:B0:69:09:03:81:A3:07
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fe12b81e-8bc0-47c3-9290-fe66bde475a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.230.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:a3:93:0a:c0:8b:5c:67:6b:e4:7b:d9:df:ee:7c:b9:fa:ca:
         46:6d:65:ed:e3:e8:65:b2:df:48:21:41:4f:bb:d9:ee:57:b6:
         dc:5e:eb:7c:4e:f6:1a:6c:ec:ec:c1:3f:5b:83:20:a2:fe:84:
         72:bf:ff:7d:06:b6:24:79:c6:50:d8:5e:aa:53:08:98:e7:1b:
         9f:dc:77:d4:11:4c:c2:59:19:84:7f:2e:e9:70:64:54:4b:4d:
         0e:2e:2b:58:fa:7d:55:ed:19:84:f8:1f:86:47:8c:74:bf:57:
         18:30:60:fa:f4:38:67:c3:c7:0c:75:d7:47:fe:f7:7c:f3:39:
         67:86:9d:d0:9e:a6:64:a0:61:13:13:a3:54:70:3f:f0:86:68:
         54:4a:b9:ab:22:46:74:28:3b:1b:4d:1e:d5:d9:92:b4:bc:70:
         7f:b3:e3:08:db:95:35:c4:26:81:92:24:78:52:b4:d6:b9:51:
         a2:d8:96:4a:77:c4:0a:88:86:a1:7f:c5:72:39:dc:4e:ce:bc:
         7c:bc:28:09:f3:6f:38:52:1f:7e:ef:fd:e4:39:ec:09:a8:3b:
         17:4f:2e:31:ad:e0:93:c9:9b:cb:2a:11:d6:59:c3:6e:ea:78:
         8a:0a:c5:d0:a6:97:d3:0f:ed:c7:f5:7e:bd:8e:73:4a:bc:7e:
         34:58:23:49
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUf2IXJMoUN43Yp4squ/kzuA7tMwkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwMTMxMDAwMDAwWhcNMjUwMzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMDFjZTMxMWY4MWU1Y2I2YWIzNjQ3YjI3NzhlMTZlMjlm
ZjZkYTlkODA1NmM3ZDU2Yjk4OTZiZmFjMGIxNDM4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGD2QD1CGy6u8DUOpqtgDIFZl+z3cvaCSA0Kg80L6oMk4Y
JRFQVVVkM5RBvyxBd8X+61LLHrRwHKUZi6Yg/4D04SR/ait1UimJnyVEgJYn383M
s910FXKVp5eKQhmKEdx1VtTTrM2/oZJFCRR0j2RmYxmcw0qmRW1Vfm29T4fuwD+9
TzXmCPosprNABOHoRToOmX9wGftjPaDusmPIs5XGB0T3RR3GGNAhLa8kgIQFsLp4
B89aaf+sL4BXmTtcKG37Zev9rKRsiEBSUAO+XA3bmeR1KX+b0b5OTE8XDYZSVH9/
ntM9fWoS0ZFrd0r5byHN6Q5g2SqqRYP4xPuWA3QzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWEftGICSdWE1iEhWZ7BpCQOBowcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ZlMTJiODFlLThiYzAtNDdjMy05MjkwLWZlNjZiZGU0NzVhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAP5oIwDQYJKoZIhvcNAQELBQADggEBABijkwrAi1xna+R72d/ufLn6ykZt
Ze3j6GWy30ghQU+72e5Xttxe63xO9hps7OzBP1uDIKL+hHK//30GtiR5xlDYXqpT
CJjnG5/cd9QRTMJZGYR/LulwZFRLTQ4uK1j6fVXtGYT4H4ZHjHS/VxgwYPr0OGfD
xwx110f+93zzOWeGndCepmSgYRMTo1RwP/CGaFRKuasiRnQoOxtNHtXZkrS8cH+z
4wjblTXEJoGSJHhStNa5UaLYlkp3xAqIhqF/xXI53E7OvHy8KAnzbzhSH37v/eQ5
7AmoOxdPLjGt4JPJm8sqEdZZw27qeIoKxdCml9MP7cf1fr2Oc0q8fjRYI0k=
-----END CERTIFICATE-----