Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0301e067-da19-4fd1-bbbc-72ecabcde612.roa
File:                     0301e067-da19-4fd1-bbbc-72ecabcde612.roa (raw, json)
Hash identifier:          NHY3/BQ9DuWDv3230cnqFGVAkT+XrlznVWUr+FOQEn4=
Subject key identifier:   AD:D7:8F:AE:35:10:94:33:3E:9B:8F:A1:B7:B2:F7:AB:17:38:17:6C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5359EA5D49C5410C7460E804D0D7EC3D0881A58D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0301e067-da19-4fd1-bbbc-72ecabcde612.roa
Signing time:             Wed 11 Jun 2025 00:10:47 +0000
ROA not before:           Wed 11 Jun 2025 00:10:47 +0000
ROA not after:            Wed 16 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        192.43.184.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 16 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:59:ea:5d:49:c5:41:0c:74:60:e8:04:d0:d7:ec:3d:08:81:a5:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun 11 00:10:47 2025 GMT
            Not After : Jul 16 23:59:59 2025 GMT
        Subject: serialNumber=804312d07d17b38c65542e535a26a91a1847d8168d8f6dfd8d616ead4384b251, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:46:8d:f3:2d:a3:29:1b:7b:24:c3:fd:dc:6e:
                    c9:fe:15:ca:a0:1b:8a:d1:16:e3:51:43:06:a5:fa:
                    3e:93:fa:be:78:60:1f:d6:1f:c2:2e:e3:8a:d5:e5:
                    77:96:14:74:23:c9:15:ad:42:d8:13:e4:de:39:52:
                    c9:a0:67:3d:fc:48:89:2f:8b:83:9b:6e:49:65:1e:
                    af:b5:38:ab:ca:27:cf:7c:f6:e2:c8:bb:c9:9e:6f:
                    7d:7b:d7:d2:a3:30:6f:4f:4c:6c:8a:31:d3:b0:95:
                    2c:8d:0a:84:4f:d3:bb:b6:ee:31:19:08:4c:7d:a9:
                    da:93:c5:f0:a9:b0:ce:6f:d2:64:95:ed:54:e9:29:
                    fc:c8:d9:50:61:ed:9d:09:90:8f:5e:5f:00:4b:9a:
                    77:b6:a1:64:bf:2e:87:71:53:c5:90:15:78:d0:61:
                    9e:d0:c0:20:ce:8d:ab:27:ff:36:76:4b:83:ff:1b:
                    fe:fc:01:67:d6:32:79:1d:4b:15:3a:91:0c:2b:39:
                    64:9c:8d:af:78:ce:d7:22:f6:59:ab:fa:ab:4a:98:
                    2c:c2:71:e9:a6:a1:8e:95:c8:2e:eb:38:e7:49:16:
                    71:3e:3d:d6:b8:b6:af:bc:93:b9:33:b9:c2:77:06:
                    b5:d6:25:4c:b5:ec:44:2a:2d:b5:da:90:28:06:d0:
                    7f:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:D7:8F:AE:35:10:94:33:3E:9B:8F:A1:B7:B2:F7:AB:17:38:17:6C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0301e067-da19-4fd1-bbbc-72ecabcde612.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.43.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:0b:20:f5:ea:6d:3b:36:09:96:99:ba:27:3c:1d:bf:22:95:
         bf:e5:87:47:0b:c7:f4:8b:b8:ed:45:81:c8:af:5d:4f:b3:f1:
         0a:83:f3:5b:28:c6:f0:3d:39:f8:7a:3e:c3:c3:52:26:f6:63:
         58:d7:df:1e:d6:5d:af:26:d9:39:d0:5e:cc:fc:42:e8:0a:59:
         67:35:a3:c5:a5:ba:77:a3:16:f6:fc:14:9b:5e:b4:38:ba:e3:
         62:09:a0:84:a0:1e:3b:2b:e4:ac:6a:c7:3a:ef:5f:75:18:e0:
         8c:d6:23:f7:8b:79:89:b5:d1:c3:2e:c4:00:5b:19:e8:9c:ca:
         83:02:24:85:1b:67:f0:57:65:30:4a:c8:9c:36:e8:7b:94:90:
         f2:eb:ee:43:01:1b:95:0f:8f:65:ef:72:9d:a4:b8:21:a6:f4:
         a6:ce:25:bd:6a:d8:d6:17:5a:b8:e7:3c:f1:f6:05:41:1d:bd:
         43:26:45:b4:21:42:41:d6:4f:d3:ac:4f:3e:11:9d:01:77:26:
         e2:1d:58:d6:f2:26:a5:2b:a9:66:eb:56:97:e0:9a:70:08:d7:
         af:25:e4:2a:28:e3:b1:27:9a:73:e6:85:7e:6b:8e:45:d8:8c:
         28:96:2d:65:08:c7:8b:a1:67:d4:0c:0d:20:ca:ff:8e:79:21:
         c3:9f:1a:1a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUU1nqXUnFQQx0YOgE0NfsPQiBpY0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjExMDAxMDQ3WhcNMjUwNzE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MDQzMTJkMDdkMTdiMzhjNjU1NDJlNTM1YTI2YTkxYTE4
NDdkODE2OGQ4ZjZkZmQ4ZDYxNmVhZDQzODRiMjUxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFRo3zLaMpG3skw/3cbsn+FcqgG4rRFuNRQwal+j6T+r54
YB/WH8Iu44rV5XeWFHQjyRWtQtgT5N45UsmgZz38SIkvi4ObbkllHq+1OKvKJ898
9uLIu8meb31719KjMG9PTGyKMdOwlSyNCoRP07u27jEZCEx9qdqTxfCpsM5v0mSV
7VTpKfzI2VBh7Z0JkI9eXwBLmne2oWS/LodxU8WQFXjQYZ7QwCDOjasn/zZ2S4P/
G/78AWfWMnkdSxU6kQwrOWScja94ztci9lmr+qtKmCzCcemmoY6VyC7rOOdJFnE+
Pda4tq+8k7kzucJ3BrXWJUy17EQqLbXakCgG0H9nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrdePrjUQlDM+m4+ht7L3qxc4F2wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAzMDFlMDY3LWRhMTktNGZkMS1iYmJjLTcyZWNhYmNkZTYxMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADAK7gwDQYJKoZIhvcNAQELBQADggEBAKoLIPXqbTs2CZaZuic8Hb8ilb/l
h0cLx/SLuO1FgcivXU+z8QqD81soxvA9Ofh6PsPDUib2Y1jX3x7WXa8m2TnQXsz8
QugKWWc1o8WlunejFvb8FJtetDi642IJoISgHjsr5KxqxzrvX3UY4IzWI/eLeYm1
0cMuxABbGeicyoMCJIUbZ/BXZTBKyJw26HuUkPLr7kMBG5UPj2Xvcp2kuCGm9KbO
Jb1q2NYXWrjnPPH2BUEdvUMmRbQhQkHWT9OsTz4RnQF3JuIdWNbyJqUrqWbrVpfg
mnAI168l5Coo47EnmnPmhX5rjkXYjCiWLWUIx4uhZ9QMDSDK/455IcOfGho=
-----END CERTIFICATE-----