Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa
File:                     e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa (raw, json)
Hash identifier:          VeQrqystWgsQxG6SN8MCRLTPX2Lfr9TOX0wqqZRdSQ0=
Subject key identifier:   1A:8A:30:05:26:2B:22:2E:F9:55:E8:27:0A:41:84:0A:80:E0:F6:2F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0EEF1F77D03980E655B106F92FCE795E4625FDA0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa
Signing time:             Mon 21 Apr 2025 18:11:57 +0000
ROA not before:           Mon 21 Apr 2025 18:11:57 +0000
ROA not after:            Mon 26 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:50c0::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:ef:1f:77:d0:39:80:e6:55:b1:06:f9:2f:ce:79:5e:46:25:fd:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 21 18:11:57 2025 GMT
            Not After : May 26 23:59:59 2025 GMT
        Subject: serialNumber=18cc0a729b8c2a1ee69d041566e35386726807f00d48f08f7bf908d94c28a53d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:86:e5:2a:72:7a:fa:08:12:32:22:3e:ca:9f:
                    14:15:c3:aa:90:59:46:27:0c:84:30:4a:32:90:fc:
                    8a:35:84:98:73:4d:78:b1:53:e5:dc:3a:11:92:76:
                    1c:e3:f6:d9:d4:3a:6a:53:f3:ee:66:f8:ab:f5:36:
                    ce:bc:c7:2a:3e:ec:a9:2f:60:7e:52:f8:22:8a:5d:
                    a0:97:3c:82:31:a9:45:7a:38:c0:e1:14:98:db:52:
                    e5:82:be:3c:e1:9b:64:06:94:62:93:2e:60:c5:3a:
                    31:9b:58:99:a3:63:16:35:93:d0:db:12:e5:4f:32:
                    59:db:14:a4:89:b3:b1:14:3b:ff:18:89:cf:b8:60:
                    c1:5c:f3:8d:64:49:20:07:61:d6:71:e3:c1:6c:b1:
                    bc:bf:ff:a8:0c:f2:c1:43:43:8e:9d:ff:7b:a6:23:
                    6e:7b:ea:a5:21:aa:cb:6d:b5:1e:eb:cd:c6:ff:5f:
                    e7:bb:d2:97:26:c6:8b:c7:07:36:a2:a1:25:16:ac:
                    6f:be:31:7a:24:6e:f0:3d:4a:3d:c3:ab:0d:a6:a0:
                    4d:cc:7d:eb:f6:b6:ff:ed:bb:f2:4e:ce:b5:90:8d:
                    ab:95:c4:5a:a2:6c:23:e3:57:da:13:38:65:d5:a6:
                    06:3b:74:7f:be:d4:3c:5e:2c:5c:7f:22:98:08:42:
                    dc:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:8A:30:05:26:2B:22:2E:F9:55:E8:27:0A:41:84:0A:80:E0:F6:2F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5820bae-05d9-4969-ba5c-057ac64a8fa5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:50c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         a1:fb:c4:b9:a7:47:10:ba:5e:cc:0a:0a:35:fa:a3:ac:7d:5a:
         69:f8:f1:c8:f5:a8:9a:20:bb:ef:74:8b:32:3d:f4:90:aa:e7:
         ad:37:4e:57:a5:89:f7:84:84:0a:9f:08:5c:0c:79:72:b1:5c:
         28:e5:c3:a2:59:59:8f:5e:96:5d:ea:5a:e5:42:71:9c:f8:a6:
         85:20:63:dd:a0:10:bd:73:9a:a3:9e:b7:cf:42:5a:a0:8a:7e:
         4b:f2:7d:b7:7a:0f:b1:fb:f7:a7:0c:0a:f9:66:64:f3:b0:93:
         ce:36:05:6b:8f:e5:14:7f:1d:08:41:dc:de:c2:9a:55:8c:c4:
         e2:b0:11:b9:e9:03:15:01:23:46:4d:1a:a7:54:80:9c:4f:83:
         fc:ed:3f:fa:00:11:02:74:61:ee:1a:53:f6:b7:66:07:c4:97:
         51:f6:75:1f:d4:38:38:ed:5c:a3:23:fe:cf:8a:0e:c8:39:23:
         f9:6b:b4:aa:b1:f9:05:5d:5d:60:14:6a:44:67:9c:92:35:2e:
         34:fc:e1:a1:27:1e:cf:57:8d:60:af:f7:0a:cd:12:86:9e:a0:
         78:ce:d2:10:bb:67:0c:52:12:f4:18:3f:0f:f8:30:45:ae:fe:
         2c:76:32:1f:29:a4:7d:87:06:31:86:71:67:ba:c4:72:e9:a4:
         0f:20:db:b2
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUDu8fd9A5gOZVsQb5L855XkYl/aAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIxMTgxMTU3WhcNMjUwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AxOGNjMGE3MjliOGMyYTFlZTY5ZDA0MTU2NmUzNTM4Njcy
NjgwN2YwMGQ0OGYwOGY3YmY5MDhkOTRjMjhhNTNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFhuUqcnr6CBIyIj7KnxQVw6qQWUYnDIQwSjKQ/Io1hJhz
TXixU+XcOhGSdhzj9tnUOmpT8+5m+Kv1Ns68xyo+7KkvYH5S+CKKXaCXPIIxqUV6
OMDhFJjbUuWCvjzhm2QGlGKTLmDFOjGbWJmjYxY1k9DbEuVPMlnbFKSJs7EUO/8Y
ic+4YMFc841kSSAHYdZx48Fssby//6gM8sFDQ46d/3umI2576qUhqstttR7rzcb/
X+e70pcmxovHBzaioSUWrG++MXokbvA9Sj3Dqw2moE3Mfev2tv/tu/JOzrWQjauV
xFqibCPjV9oTOGXVpgY7dH++1DxeLFx/IpgIQtyFAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUGoowBSYrIi75VegnCkGECoDg9i8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U1ODIwYmFlLTA1ZDktNDk2OS1iYTVjLTA1N2FjNjRhOGZhNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AUMAwDQYJKoZIhvcNAQELBQADggEBAKH7xLmnRxC6XswKCjX6o6x9
Wmn48cj1qJogu+90izI99JCq5603TlelifeEhAqfCFwMeXKxXCjlw6JZWY9ell3q
WuVCcZz4poUgY92gEL1zmqOet89CWqCKfkvyfbd6D7H796cMCvlmZPOwk842BWuP
5RR/HQhB3N7CmlWMxOKwEbnpAxUBI0ZNGqdUgJxPg/ztP/oAEQJ0Ye4aU/a3ZgfE
l1H2dR/UODjtXKMj/s+KDsg5I/lrtKqx+QVdXWAUakRnnJI1LjT84aEnHs9XjWCv
9wrNEoaeoHjO0hC7ZwxSEvQYPw/4MEWu/ix2Mh8ppH2HBjGGcWe6xHLppA8g27I=
-----END CERTIFICATE-----