Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/067db7a0-98da-4f57-9f73-acefae7c5ebb.roa
File:                     067db7a0-98da-4f57-9f73-acefae7c5ebb.roa (raw, json)
Hash identifier:          TdN7zpvWEb+DpQMe2JbySDqY5Zh1AzUP8lD2+zSZ0jE=
Subject key identifier:   D8:AB:51:57:9E:81:12:F8:11:0E:25:65:B3:51:F0:91:D6:74:69:DD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7D93301B63846DACBBA8F268E0F83A73EA8C35F7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/067db7a0-98da-4f57-9f73-acefae7c5ebb.roa
Signing time:             Tue 22 Apr 2025 00:51:15 +0000
ROA not before:           Tue 22 Apr 2025 00:51:15 +0000
ROA not after:            Tue 27 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff6:8000::/39 maxlen: 39
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:93:30:1b:63:84:6d:ac:bb:a8:f2:68:e0:f8:3a:73:ea:8c:35:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 22 00:51:15 2025 GMT
            Not After : May 27 23:59:59 2025 GMT
        Subject: serialNumber=a7eeba7d9312f7f9111ae7a5fb19a50197449e6b78a52562ceaaa097cef667c7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d0:6f:c7:39:96:f7:4c:60:e9:3e:8e:45:fb:
                    02:00:ea:47:17:da:ae:21:bc:df:66:d8:3b:b9:08:
                    f6:bc:40:75:f0:df:de:9f:f4:66:80:50:e8:40:e5:
                    fc:26:c8:df:fb:c1:1c:8d:b0:6e:b4:f9:f7:77:58:
                    2f:4f:b2:0c:92:53:fa:8b:93:b7:2e:8e:7c:f9:6d:
                    de:ec:18:31:88:f7:06:84:c9:f3:c4:e9:ba:46:3a:
                    a9:2b:f0:94:28:50:09:82:5b:ff:56:86:5a:aa:24:
                    08:24:17:0e:16:22:13:ba:68:f3:57:9e:6e:af:4f:
                    46:6a:95:eb:6e:03:8c:45:83:ff:8c:42:9c:6e:f9:
                    60:5e:a6:bb:d8:65:c4:ea:5d:f7:ef:05:5a:44:f7:
                    36:8a:aa:4e:f2:19:a1:b0:04:6c:08:71:a9:a1:b8:
                    26:d4:0b:ec:fe:a7:97:0b:d3:a7:06:2a:8d:63:27:
                    ff:a3:53:41:da:b6:ec:52:6a:4d:af:53:63:48:a6:
                    00:d1:3e:a7:06:99:f1:79:e0:19:e8:c9:04:e9:94:
                    6b:69:36:09:bf:6b:41:f1:fd:e1:7e:21:a5:77:78:
                    72:f8:32:92:15:0c:68:5f:e9:61:93:b4:e7:72:aa:
                    1f:de:3e:ef:45:29:bc:ec:1e:c5:cc:dd:e6:6f:69:
                    41:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:AB:51:57:9E:81:12:F8:11:0E:25:65:B3:51:F0:91:D6:74:69:DD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/067db7a0-98da-4f57-9f73-acefae7c5ebb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff6:8000::/39

    Signature Algorithm: sha256WithRSAEncryption
         d2:f8:3c:3a:9f:50:b1:48:d9:3e:46:a0:db:9c:11:72:2d:af:
         ac:62:55:15:3d:58:91:af:37:6e:25:33:5f:12:2d:43:52:c7:
         51:6d:70:1b:23:66:cd:e8:31:56:80:fa:34:9f:b7:60:a0:0d:
         6f:e6:8d:3c:bc:a3:5a:21:a4:62:51:36:a6:50:5c:af:f9:ff:
         3d:23:46:9b:1a:dd:6b:be:c3:ff:a7:2a:31:25:15:27:a5:01:
         07:b6:22:dd:9c:73:0e:d6:8c:7e:9b:80:9b:32:ef:c6:ce:30:
         c1:f7:78:58:4a:8b:38:37:f5:47:b3:af:dd:99:46:15:81:f2:
         be:74:52:49:57:84:3b:2d:da:09:05:41:d5:96:8f:40:59:f9:
         5e:c7:ae:5e:ca:fe:6f:d5:ba:fb:b3:5f:48:54:db:f2:f6:fd:
         7a:e9:f8:00:77:cb:fb:9a:59:12:40:ba:81:02:15:b0:2e:09:
         a9:f2:3d:cb:1f:40:f1:9f:a1:31:e6:15:7e:54:7d:de:d7:d5:
         7c:1e:94:0d:65:ae:76:b3:ac:e3:f4:d2:69:a3:1f:e6:c9:b2:
         4e:07:df:76:03:50:80:bf:db:85:b2:d4:8e:b7:bf:5d:cb:e4:
         2d:e2:87:41:b0:02:3d:02:88:96:d4:75:29:df:52:97:d5:f6:
         f7:96:58:d5
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUfZMwG2OEbay7qPJo4Pg6c+qMNfcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIyMDA1MTE1WhcNMjUwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhN2VlYmE3ZDkzMTJmN2Y5MTExYWU3YTVmYjE5YTUwMTk3
NDQ5ZTZiNzhhNTI1NjJjZWFhYTA5N2NlZjY2N2M3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQ0G/HOZb3TGDpPo5F+wIA6kcX2q4hvN9m2Du5CPa8QHXw
396f9GaAUOhA5fwmyN/7wRyNsG60+fd3WC9PsgySU/qLk7cujnz5bd7sGDGI9waE
yfPE6bpGOqkr8JQoUAmCW/9WhlqqJAgkFw4WIhO6aPNXnm6vT0ZqletuA4xFg/+M
Qpxu+WBeprvYZcTqXffvBVpE9zaKqk7yGaGwBGwIcamhuCbUC+z+p5cL06cGKo1j
J/+jU0HatuxSak2vU2NIpgDRPqcGmfF54BnoyQTplGtpNgm/a0Hx/eF+IaV3eHL4
MpIVDGhf6WGTtOdyqh/ePu9FKbzsHsXM3eZvaUHTAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU2KtRV56BEvgRDiVls1HwkdZ0ad0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA2N2RiN2EwLTk4ZGEtNGY1Ny05ZjczLWFjZWZhZTdjNWViYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB/2gDANBgkqhkiG9w0BAQsFAAOCAQEA0vg8Op9QsUjZPkag25wRci2v
rGJVFT1Yka83biUzXxItQ1LHUW1wGyNmzegxVoD6NJ+3YKANb+aNPLyjWiGkYlE2
plBcr/n/PSNGmxrda77D/6cqMSUVJ6UBB7Yi3ZxzDtaMfpuAmzLvxs4wwfd4WEqL
ODf1R7Ov3ZlGFYHyvnRSSVeEOy3aCQVB1ZaPQFn5XseuXsr+b9W6+7NfSFTb8vb9
eun4AHfL+5pZEkC6gQIVsC4JqfI9yx9A8Z+hMeYVflR93tfVfB6UDWWudrOs4/TS
aaMf5smyTgffdgNQgL/bhbLUjre/XcvkLeKHQbACPQKIltR1Kd9Sl9X295ZY1Q==
-----END CERTIFICATE-----