Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2b47ae49-7e0d-437b-8132-173dee6fae95.roa
File:                     2b47ae49-7e0d-437b-8132-173dee6fae95.roa (raw, json)
Hash identifier:          FqOoNf/QUlkX8XflmwiDHiNNNMCXAkQbYgPNs4+lLf0=
Subject key identifier:   B9:36:97:70:7B:AE:DE:9E:F3:08:86:F7:FE:1A:1A:37:CD:BC:E2:BF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       73A5FA48AB5F98565D346C9443B8CE9E01AEC016
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2b47ae49-7e0d-437b-8132-173dee6fae95.roa
Signing time:             Mon 21 Apr 2025 17:20:33 +0000
ROA not before:           Mon 21 Apr 2025 17:20:33 +0000
ROA not after:            Mon 26 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:8110::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:a5:fa:48:ab:5f:98:56:5d:34:6c:94:43:b8:ce:9e:01:ae:c0:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 21 17:20:33 2025 GMT
            Not After : May 26 23:59:59 2025 GMT
        Subject: serialNumber=ef8dcfacf4ea8a159ca42449669be0156aae96473dd9ef2e003ad1d049cde3b5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:4b:67:5f:e8:8d:b4:70:aa:79:13:ae:eb:f7:
                    1b:22:64:2a:62:49:0f:f7:2c:99:14:34:9e:6f:19:
                    fa:ca:4a:18:20:a5:34:b1:e9:21:56:ad:e9:ab:24:
                    aa:ce:1a:58:93:0f:ff:e2:0c:97:5a:98:7b:14:c4:
                    6c:3f:4a:3d:fb:a2:94:6f:95:e9:c8:95:d5:38:ab:
                    94:31:52:35:95:95:9b:78:40:73:e3:a0:00:ab:a0:
                    fb:81:f1:32:02:e5:0c:0f:1e:b5:47:7b:b1:13:91:
                    0c:9e:f7:17:11:f6:f2:b7:51:0d:7d:ea:62:ae:ab:
                    45:d1:6f:4f:6f:c2:e6:35:79:ac:f9:70:f1:59:f8:
                    c2:22:2a:f1:b5:e4:7c:9f:66:80:11:1d:8e:fc:77:
                    f4:e5:82:a2:1f:9e:26:19:a1:59:94:44:35:cc:a4:
                    72:c8:06:be:de:d2:90:b7:97:38:3d:81:65:bf:68:
                    2c:b1:c4:8e:85:a9:b5:fc:2c:db:c2:0b:69:fc:ea:
                    89:b2:13:1b:49:96:a4:ac:d3:83:4e:e6:a6:22:53:
                    da:68:37:14:c0:44:31:09:6e:3d:da:47:11:12:04:
                    df:56:2c:21:0f:80:77:d4:b2:94:5d:9d:43:cf:d6:
                    6f:6f:67:e3:aa:3c:c1:78:6d:c1:16:f4:d7:97:07:
                    41:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:36:97:70:7B:AE:DE:9E:F3:08:86:F7:FE:1A:1A:37:CD:BC:E2:BF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2b47ae49-7e0d-437b-8132-173dee6fae95.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:8110::/48

    Signature Algorithm: sha256WithRSAEncryption
         ae:c9:44:5c:02:ff:28:10:7a:2e:92:51:16:05:77:a9:f9:fc:
         fd:0d:ac:81:fd:87:de:1c:f5:29:53:aa:99:f7:e3:60:61:67:
         9d:01:e0:f3:ca:b7:54:23:ae:b9:5e:3f:82:2f:f9:f1:3e:e9:
         a7:31:ff:bf:21:b1:10:d9:ce:72:f3:c0:d8:32:9a:65:2a:a1:
         da:2b:74:6b:78:ef:a5:69:b3:29:0a:28:01:67:28:64:31:1f:
         d0:12:16:1d:fc:f4:f4:46:06:2f:47:82:3f:4c:5e:5f:61:72:
         2b:70:f4:57:8b:c6:e7:ca:cb:b3:a6:9e:e1:df:6b:a1:9c:ec:
         2d:5f:a5:51:5c:3a:e8:ce:d1:fc:80:d8:77:18:5b:06:c7:85:
         b5:70:24:44:60:2a:30:92:0e:f6:5c:ca:ab:9c:eb:3b:0e:a1:
         e5:39:ae:19:37:82:b0:c6:0d:82:74:13:d8:8a:31:cd:49:fd:
         5d:69:a7:9f:ed:d8:c9:28:04:a6:7b:78:2f:87:13:c1:69:09:
         fd:9b:47:fc:e3:71:db:52:77:32:f0:77:99:ac:99:8d:f2:fb:
         63:7e:29:b3:10:4c:f7:0b:93:77:3a:ae:72:82:e1:a5:81:51:
         4f:95:bd:e7:84:8d:38:48:b5:e4:f6:4a:1b:4d:d5:52:8f:00:
         38:19:59:e2
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUc6X6SKtfmFZdNGyUQ7jOngGuwBYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIxMTcyMDMzWhcNMjUwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZjhkY2ZhY2Y0ZWE4YTE1OWNhNDI0NDk2NjliZTAxNTZh
YWU5NjQ3M2RkOWVmMmUwMDNhZDFkMDQ5Y2RlM2I1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDuS2df6I20cKp5E67r9xsiZCpiSQ/3LJkUNJ5vGfrKShgg
pTSx6SFWremrJKrOGliTD//iDJdamHsUxGw/Sj37opRvlenIldU4q5QxUjWVlZt4
QHPjoACroPuB8TIC5QwPHrVHe7ETkQye9xcR9vK3UQ196mKuq0XRb09vwuY1eaz5
cPFZ+MIiKvG15HyfZoARHY78d/TlgqIfniYZoVmURDXMpHLIBr7e0pC3lzg9gWW/
aCyxxI6FqbX8LNvCC2n86omyExtJlqSs04NO5qYiU9poNxTARDEJbj3aRxESBN9W
LCEPgHfUspRdnUPP1m9vZ+OqPMF4bcEW9NeXB0F1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUuTaXcHuu3p7zCIb3/hoaN8284r8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJiNDdhZTQ5LTdlMGQtNDM3Yi04MTMyLTE3M2RlZTZmYWU5NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//gRAwDQYJKoZIhvcNAQELBQADggEBAK7JRFwC/ygQei6SURYFd6n5
/P0NrIH9h94c9SlTqpn342BhZ50B4PPKt1QjrrleP4Iv+fE+6acx/78hsRDZznLz
wNgymmUqodordGt476VpsykKKAFnKGQxH9ASFh389PRGBi9Hgj9MXl9hcitw9FeL
xufKy7OmnuHfa6Gc7C1fpVFcOujO0fyA2HcYWwbHhbVwJERgKjCSDvZcyquc6zsO
oeU5rhk3grDGDYJ0E9iKMc1J/V1pp5/t2MkoBKZ7eC+HE8FpCf2bR/zjcdtSdzLw
d5msmY3y+2N+KbMQTPcLk3c6rnKC4aWBUU+VveeEjThIteT2ShtN1VKPADgZWeI=
-----END CERTIFICATE-----