Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/126efe78-9e9d-4572-92d2-fedc0e5c80fa.roa
File:                     126efe78-9e9d-4572-92d2-fedc0e5c80fa.roa (raw, json)
Hash identifier:          B0DkKJRFmhGWvx3BrszJQegca/IgoatkY8/dIi7QXLw=
Subject key identifier:   F3:1C:DE:F1:B7:04:04:82:45:68:10:22:80:99:8B:B0:FF:5D:C8:E8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       46E745DC60D2FF4B81BA7552A13F2805BCEC8852
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/126efe78-9e9d-4572-92d2-fedc0e5c80fa.roa
Signing time:             Tue 22 Apr 2025 00:10:28 +0000
ROA not before:           Tue 22 Apr 2025 00:10:28 +0000
ROA not after:            Tue 27 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f61:8060::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:e7:45:dc:60:d2:ff:4b:81:ba:75:52:a1:3f:28:05:bc:ec:88:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 22 00:10:28 2025 GMT
            Not After : May 27 23:59:59 2025 GMT
        Subject: serialNumber=e20b594dba0f6bfd5f825ab95de5aac0879a0207e86a8801e8de03c3d35e56b3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:d4:6c:c5:25:4f:12:37:76:84:37:4e:e4:8e:
                    4a:10:1e:d0:26:64:92:76:46:5e:91:3f:9f:54:a2:
                    98:3c:a8:b1:93:65:c0:40:2a:0f:d6:74:fb:81:7a:
                    d6:b9:01:b6:13:42:8c:8b:cd:f4:27:b8:83:bc:d6:
                    4b:4a:a8:d9:d3:d9:95:55:ea:a8:fc:cf:68:2c:27:
                    76:ab:b7:bd:00:78:ac:16:66:20:59:77:4a:6c:3c:
                    db:df:7d:65:48:22:50:64:f1:ae:81:db:35:10:f2:
                    07:e9:be:1d:bf:56:3d:48:24:39:08:64:f9:6d:a7:
                    55:3a:bd:c8:c4:c1:5a:46:3f:13:c7:0f:67:16:b7:
                    3b:c8:8d:3f:3c:43:2a:86:ad:21:0f:a8:25:92:9d:
                    dd:91:70:f9:fc:cf:18:36:d1:07:1f:4f:03:df:f8:
                    35:2c:71:8b:52:52:3f:91:8e:1e:94:94:f2:36:9f:
                    09:e1:f1:b9:09:9c:22:cd:e0:0a:7d:9f:dc:20:22:
                    51:34:b8:4c:c7:63:33:cf:15:a8:52:12:9d:77:a5:
                    1b:1e:37:c8:0e:58:94:34:ec:f7:d9:17:a8:da:93:
                    a7:95:71:b9:34:92:46:84:d9:7a:f4:af:11:9c:c4:
                    c5:5c:12:b2:dd:10:cc:24:12:54:c7:6d:ab:f7:39:
                    97:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:1C:DE:F1:B7:04:04:82:45:68:10:22:80:99:8B:B0:FF:5D:C8:E8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/126efe78-9e9d-4572-92d2-fedc0e5c80fa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:8060::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:ec:a2:1c:c0:bb:15:83:7d:36:4b:b8:e5:c8:b6:52:68:72:
         a5:ed:bb:fb:c4:20:e9:05:1b:08:9a:3f:36:4b:dc:3d:64:ec:
         ff:a6:57:00:01:f5:b0:09:6a:de:5e:04:3e:ca:38:de:9b:f7:
         96:a5:fc:7c:c1:1f:81:bf:ed:59:aa:6c:08:a7:5b:fa:79:15:
         c6:f5:68:3d:42:dd:19:e5:52:16:17:95:fe:f1:5b:6c:b2:82:
         16:f2:19:f5:ea:5f:5c:59:b5:9a:a4:49:36:96:50:5d:c3:ee:
         ad:9d:0a:36:64:83:a7:49:08:02:e4:6e:24:47:3d:1f:a9:76:
         89:bd:a2:60:b2:97:a3:75:dd:b6:4d:b0:3b:9b:ae:d1:f7:e8:
         30:6e:6c:42:29:01:12:c7:c0:23:da:1d:18:22:e4:9b:67:00:
         4a:c0:3c:1b:bb:7d:60:de:65:9b:84:e6:69:54:09:52:87:7d:
         8b:56:50:d0:03:d7:ca:6c:6d:03:b1:e0:8a:78:39:cc:63:61:
         5e:16:83:b9:11:7a:e3:95:de:aa:52:83:e3:1a:66:9b:92:e6:
         40:bd:c5:bd:62:5a:f5:05:2d:7b:88:a7:9d:3b:c0:95:68:28:
         39:8c:ed:55:9d:d2:95:4e:d3:51:94:0c:ce:64:f3:f2:d5:a4:
         b0:53:b2:ae
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIURudF3GDS/0uBunVSoT8oBbzsiFIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIyMDAxMDI4WhcNMjUwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlMjBiNTk0ZGJhMGY2YmZkNWY4MjVhYjk1ZGU1YWFjMDg3
OWEwMjA3ZTg2YTg4MDFlOGRlMDNjM2QzNWU1NmIzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDt1GzFJU8SN3aEN07kjkoQHtAmZJJ2Rl6RP59Uopg8qLGT
ZcBAKg/WdPuBeta5AbYTQoyLzfQnuIO81ktKqNnT2ZVV6qj8z2gsJ3art70AeKwW
ZiBZd0psPNvffWVIIlBk8a6B2zUQ8gfpvh2/Vj1IJDkIZPltp1U6vcjEwVpGPxPH
D2cWtzvIjT88QyqGrSEPqCWSnd2RcPn8zxg20QcfTwPf+DUscYtSUj+Rjh6UlPI2
nwnh8bkJnCLN4Ap9n9wgIlE0uEzHYzPPFahSEp13pRseN8gOWJQ07PfZF6jak6eV
cbk0kkaE2Xr0rxGcxMVcErLdEMwkElTHbav3OZdFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU8xze8bcEBIJFaBAigJmLsP9dyOgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEyNmVmZTc4LTllOWQtNDU3Mi05MmQyLWZlZGMwZTVjODBmYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB9hgGAwDQYJKoZIhvcNAQELBQADggEBAAPsohzAuxWDfTZLuOXItlJo
cqXtu/vEIOkFGwiaPzZL3D1k7P+mVwAB9bAJat5eBD7KON6b95al/HzBH4G/7Vmq
bAinW/p5Fcb1aD1C3RnlUhYXlf7xW2yyghbyGfXqX1xZtZqkSTaWUF3D7q2dCjZk
g6dJCALkbiRHPR+pdom9omCyl6N13bZNsDubrtH36DBubEIpARLHwCPaHRgi5Jtn
AErAPBu7fWDeZZuE5mlUCVKHfYtWUNAD18psbQOx4Ip4OcxjYV4Wg7kReuOV3qpS
g+MaZpuS5kC9xb1iWvUFLXuIp507wJVoKDmM7VWd0pVO01GUDM5k8/LVpLBTsq4=
-----END CERTIFICATE-----