Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9515184d-12a2-49fb-b12f-8c4dfdddf2ad.roa
File:                     9515184d-12a2-49fb-b12f-8c4dfdddf2ad.roa (raw, json)
Hash identifier:          gdNZdh0/3FzlZHEbU3BeYa3tehuRo1qZXV/jkgXGSMg=
Subject key identifier:   BA:7C:08:F0:58:03:BF:6F:2B:85:90:FA:D2:AC:58:B6:4B:A0:CB:86
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6CA69B4CF224B0F51FE92BDADB7389675641C639
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9515184d-12a2-49fb-b12f-8c4dfdddf2ad.roa
Signing time:             Fri 18 Apr 2025 00:30:35 +0000
ROA not before:           Fri 18 Apr 2025 00:30:35 +0000
ROA not after:            Fri 23 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        202.174.128.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:a6:9b:4c:f2:24:b0:f5:1f:e9:2b:da:db:73:89:67:56:41:c6:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 18 00:30:35 2025 GMT
            Not After : May 23 23:59:59 2025 GMT
        Subject: serialNumber=a706dfc07fb018714ec91a71d404a714fa1df346aab7083b613d070f675e343b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:01:34:7d:5d:0e:7f:8e:98:f6:a3:15:ce:c5:
                    82:a0:80:90:8b:46:ac:2e:97:4c:4d:bd:74:91:96:
                    bd:17:df:bb:56:e4:97:f3:ca:1b:9e:bb:a5:66:30:
                    94:b3:f5:90:32:29:2f:da:4a:80:55:1f:76:2b:07:
                    d4:ba:5d:15:86:b1:56:73:00:71:f0:76:04:7c:cf:
                    0b:81:a2:01:ad:c1:83:d0:df:db:79:cf:f0:87:1d:
                    a1:8b:11:8e:a7:d9:e2:f1:e9:92:69:d1:85:fd:00:
                    30:ed:15:66:ef:d7:a7:5d:bb:59:6d:51:d5:f7:e9:
                    f4:96:95:b0:05:37:7d:8c:e2:cb:05:99:d2:09:df:
                    7a:73:72:e5:6b:fb:47:bc:bb:b2:c9:be:29:34:45:
                    14:60:6c:0d:03:d8:74:87:b0:9c:a0:32:58:d8:c6:
                    55:6f:20:8e:23:33:57:61:f8:01:a8:45:d7:17:9d:
                    6b:e0:57:12:8c:bc:49:00:1d:5f:63:75:59:b6:91:
                    1b:de:d7:db:2e:5f:f5:3f:d0:82:5e:f4:71:e4:29:
                    85:a6:b8:9f:60:33:ac:ce:40:fc:9c:ac:d5:98:1f:
                    a5:19:0c:3a:9a:3d:db:ca:80:47:63:ed:56:9d:50:
                    b3:53:4c:20:ad:3c:c8:29:75:6f:94:b7:70:1f:31:
                    a2:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:7C:08:F0:58:03:BF:6F:2B:85:90:FA:D2:AC:58:B6:4B:A0:CB:86
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9515184d-12a2-49fb-b12f-8c4dfdddf2ad.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.174.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c4:15:c8:60:04:16:8f:09:6f:cb:5e:f3:fa:7c:68:ab:f0:d2:
         df:f3:c3:09:76:f0:2c:39:83:9e:7d:ca:49:d6:19:d6:e3:7c:
         74:de:81:ed:6a:a6:52:43:02:8a:42:d3:5d:54:4a:48:42:04:
         b8:50:36:cf:db:4b:2b:4e:74:03:14:b0:3c:e7:91:7d:c1:2d:
         fd:40:e9:37:f4:0e:a5:9a:9c:3c:8a:ba:e2:09:21:99:07:31:
         58:fc:65:f1:16:bb:86:1f:73:a8:b8:3e:f3:04:06:00:b2:94:
         7b:b5:cd:25:ea:7e:7e:a0:22:9a:c9:2d:04:ad:83:9e:44:c5:
         16:14:68:88:b6:7b:2b:58:fd:04:86:19:89:95:e7:37:50:6b:
         7e:f4:05:a0:60:ba:17:da:02:33:d0:67:be:54:61:dc:cf:09:
         5f:6f:37:5c:6d:fc:bd:54:66:61:69:de:af:de:58:4c:82:29:
         34:f8:e3:9d:77:9e:e3:49:2f:9d:dc:8f:c1:43:bd:a4:07:69:
         36:42:02:3b:a4:cd:a1:0d:2c:49:a9:cb:36:48:f7:b7:32:8d:
         02:57:c2:e3:9a:cd:7a:94:7a:03:79:8a:35:73:0f:d8:6c:47:
         c0:00:df:f5:3b:ac:0c:29:a1:0b:c4:5e:4e:98:4a:8a:0d:bd:
         5c:f3:39:b8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbKabTPIksPUf6Sva23OJZ1ZBxjkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE4MDAzMDM1WhcNMjUwNTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNzA2ZGZjMDdmYjAxODcxNGVjOTFhNzFkNDA0YTcxNGZh
MWRmMzQ2YWFiNzA4M2I2MTNkMDcwZjY3NWUzNDNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXATR9XQ5/jpj2oxXOxYKggJCLRqwul0xNvXSRlr0X37tW
5Jfzyhueu6VmMJSz9ZAyKS/aSoBVH3YrB9S6XRWGsVZzAHHwdgR8zwuBogGtwYPQ
39t5z/CHHaGLEY6n2eLx6ZJp0YX9ADDtFWbv16ddu1ltUdX36fSWlbAFN32M4ssF
mdIJ33pzcuVr+0e8u7LJvik0RRRgbA0D2HSHsJygMljYxlVvII4jM1dh+AGoRdcX
nWvgVxKMvEkAHV9jdVm2kRve19suX/U/0IJe9HHkKYWmuJ9gM6zOQPycrNWYH6UZ
DDqaPdvKgEdj7VadULNTTCCtPMgpdW+Ut3AfMaLJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUunwI8FgDv28rhZD60qxYtkugy4YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk1MTUxODRkLTEyYTItNDlmYi1iMTJmLThjNGRmZGRkZjJhZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADKroAwDQYJKoZIhvcNAQELBQADggEBAMQVyGAEFo8Jb8te8/p8aKvw0t/z
wwl28Cw5g559yknWGdbjfHTege1qplJDAopC011USkhCBLhQNs/bSytOdAMUsDzn
kX3BLf1A6Tf0DqWanDyKuuIJIZkHMVj8ZfEWu4Yfc6i4PvMEBgCylHu1zSXqfn6g
IprJLQStg55ExRYUaIi2eytY/QSGGYmV5zdQa370BaBguhfaAjPQZ75UYdzPCV9v
N1xt/L1UZmFp3q/eWEyCKTT44513nuNJL53cj8FDvaQHaTZCAjukzaENLEmpyzZI
97cyjQJXwuOazXqUegN5ijVzD9hsR8AA3/U7rAwpoQvEXk6YSooNvVzzObg=
-----END CERTIFICATE-----