Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a9db74d-2685-478a-8752-9a852c0bc6fc.roa
File:                     9a9db74d-2685-478a-8752-9a852c0bc6fc.roa (raw, json)
Hash identifier:          Tp6ZGO/uVQol7Rn0NpzULG+svsC5oKmCPStP4Nkw3DM=
Subject key identifier:   58:32:08:9B:48:10:B9:9D:12:FD:0D:1E:B5:52:AA:F1:11:D3:61:8E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3725CF5841CB6DECD67D2E65B8855FC70E8892B4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a9db74d-2685-478a-8752-9a852c0bc6fc.roa
Signing time:             Mon 02 Jun 2025 15:40:20 +0000
ROA not before:           Mon 02 Jun 2025 15:40:20 +0000
ROA not after:            Mon 07 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        50.16.160.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 16 Jun 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:25:cf:58:41:cb:6d:ec:d6:7d:2e:65:b8:85:5f:c7:0e:88:92:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jun  2 15:40:20 2025 GMT
            Not After : Jul  7 23:59:59 2025 GMT
        Subject: serialNumber=34b7ae5583675335159db0e449f7558b249fb0d0d6b499972f9f75542451bf43, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:3f:89:f0:c0:8d:32:32:87:f1:5a:d6:b8:23:
                    84:0b:9a:41:3d:9b:ac:94:26:e7:a5:6a:a4:04:e9:
                    53:09:30:d1:92:d8:50:db:be:7f:5b:bf:b8:40:81:
                    a0:ca:32:86:4e:44:21:a4:c2:ca:39:53:83:23:67:
                    92:87:82:a0:b8:47:f7:9f:2f:4c:26:c4:da:1e:55:
                    3b:51:10:14:58:84:a4:b7:31:28:6f:b9:ce:ce:4e:
                    b6:b4:c0:cb:f2:b2:c4:ec:22:01:87:48:8d:e2:30:
                    4f:5e:8c:1f:73:22:a4:99:02:8b:c7:fd:54:9b:05:
                    28:c1:22:1f:0c:71:09:ab:92:40:0b:36:a6:6f:15:
                    22:22:e8:6c:40:d5:6d:10:77:62:11:04:78:ee:ba:
                    88:d8:85:87:ce:c1:7a:b0:09:09:90:c6:76:42:9c:
                    8c:f9:ae:9b:e6:2d:bf:97:72:f4:fd:b8:1a:44:ae:
                    cb:9c:bf:63:24:13:05:a1:c6:7b:0c:a8:85:2c:bf:
                    a9:8a:c8:c0:fb:cc:fc:f0:54:d5:2b:5b:86:6d:01:
                    b2:e4:2e:5b:c7:c1:5e:98:c5:a1:b4:ab:b4:fe:c0:
                    74:52:58:15:13:59:66:65:00:9c:31:da:95:fa:7d:
                    49:45:dd:37:10:06:b0:ea:3b:73:e6:b9:a1:b1:e6:
                    33:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:32:08:9B:48:10:B9:9D:12:FD:0D:1E:B5:52:AA:F1:11:D3:61:8E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9a9db74d-2685-478a-8752-9a852c0bc6fc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.16.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         9f:b1:5d:27:6a:35:5c:2f:cd:1b:13:63:ba:d4:f2:35:e8:52:
         f3:7e:fc:62:02:8a:20:4c:e7:09:48:4a:63:d5:1e:0e:98:5a:
         0b:67:0d:96:5c:ef:ac:b8:1d:92:b6:3d:74:53:d9:a5:7b:0d:
         c5:15:78:24:88:ea:4c:19:8e:38:bb:85:d7:0e:fe:49:70:0c:
         9f:7e:38:0c:49:ea:1d:a9:45:43:cf:db:e9:4f:fb:df:39:12:
         c6:26:be:a0:fe:9e:8f:76:6b:42:b0:22:37:6c:8b:50:57:57:
         5c:77:99:14:51:47:34:8b:00:85:e4:a2:ea:ea:fd:49:98:6e:
         30:4a:0e:e4:51:18:c9:5f:27:3b:07:e4:49:59:78:d0:a5:ea:
         4a:bc:cf:2c:f4:d8:a5:42:3d:b4:ec:17:99:d3:30:97:df:34:
         98:d6:ea:9f:6f:74:b7:34:6d:eb:e6:25:98:1f:36:4b:9f:e3:
         73:90:80:f2:46:34:69:f2:a6:b5:e7:4e:2c:7c:0d:f9:bf:6a:
         34:aa:0e:35:bf:d3:98:0d:3a:63:0f:4e:86:79:1d:47:6e:e1:
         c7:68:4f:91:98:eb:ee:ef:60:89:31:1e:8c:16:f2:28:e0:82:
         9a:d8:14:df:78:49:1a:dc:86:dc:30:b5:b1:e1:07:56:b5:87:
         4e:20:3e:82
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNyXPWEHLbezWfS5luIVfxw6IkrQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjAyMTU0MDIwWhcNMjUwNzA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNGI3YWU1NTgzNjc1MzM1MTU5ZGIwZTQ0OWY3NTU4YjI0
OWZiMGQwZDZiNDk5OTcyZjlmNzU1NDI0NTFiZjQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUP4nwwI0yMofxWta4I4QLmkE9m6yUJuelaqQE6VMJMNGS
2FDbvn9bv7hAgaDKMoZORCGkwso5U4MjZ5KHgqC4R/efL0wmxNoeVTtREBRYhKS3
MShvuc7OTra0wMvyssTsIgGHSI3iME9ejB9zIqSZAovH/VSbBSjBIh8McQmrkkAL
NqZvFSIi6GxA1W0Qd2IRBHjuuojYhYfOwXqwCQmQxnZCnIz5rpvmLb+XcvT9uBpE
rsucv2MkEwWhxnsMqIUsv6mKyMD7zPzwVNUrW4ZtAbLkLlvHwV6YxaG0q7T+wHRS
WBUTWWZlAJwx2pX6fUlF3TcQBrDqO3PmuaGx5jPHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWDIIm0gQuZ0S/Q0etVKq8RHTYY4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhOWRiNzRkLTI2ODUtNDc4YS04NzUyLTlhODUyYzBiYzZmYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQyEKAwDQYJKoZIhvcNAQELBQADggEBAJ+xXSdqNVwvzRsTY7rU8jXoUvN+
/GICiiBM5wlISmPVHg6YWgtnDZZc76y4HZK2PXRT2aV7DcUVeCSI6kwZjji7hdcO
/klwDJ9+OAxJ6h2pRUPP2+lP+985EsYmvqD+no92a0KwIjdsi1BXV1x3mRRRRzSL
AIXkourq/UmYbjBKDuRRGMlfJzsH5ElZeNCl6kq8zyz02KVCPbTsF5nTMJffNJjW
6p9vdLc0bevmJZgfNkuf43OQgPJGNGnyprXnTix8Dfm/ajSqDjW/05gNOmMPToZ5
HUdu4cdoT5GY6+7vYIkxHowW8ijggprYFN94SRrchtwwtbHhB1a1h04gPoI=
-----END CERTIFICATE-----