Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5f18579-4226-47e9-b74a-e5c188798d56.roa
File:                     e5f18579-4226-47e9-b74a-e5c188798d56.roa (raw, json)
Hash identifier:          uVWhA5zk8kVTXDhXaoXGm2m810TgEAU9UdPFeuZGJXQ=
Subject key identifier:   D7:C8:3F:5F:88:E5:A1:FD:05:D3:26:21:C8:FC:8E:42:40:AF:4F:5F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       78F0287E633BAFBB923A306ABB3B565D24430A4E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5f18579-4226-47e9-b74a-e5c188798d56.roa
Signing time:             Tue 22 Apr 2025 16:00:13 +0000
ROA not before:           Tue 22 Apr 2025 16:00:13 +0000
ROA not after:            Tue 27 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1fff:4000::/39 maxlen: 39
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:f0:28:7e:63:3b:af:bb:92:3a:30:6a:bb:3b:56:5d:24:43:0a:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 22 16:00:13 2025 GMT
            Not After : May 27 23:59:59 2025 GMT
        Subject: serialNumber=21151b7be0610456264f6d4788b78b223f09dd689dcace593b513a80b8b4b2b6, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:63:52:3a:81:53:17:1f:f3:f8:15:c6:5e:01:
                    ff:0f:0f:07:2d:d8:56:eb:16:d1:9c:c2:03:bf:6d:
                    74:59:b7:bc:cc:09:a2:af:93:53:b8:48:d6:59:b3:
                    e5:d7:a8:23:72:f3:14:8a:90:f4:6b:4a:ae:b2:5d:
                    44:29:0e:06:c3:a7:e2:9c:2c:d9:ba:98:77:ae:5d:
                    d9:73:0d:75:90:63:c7:7c:84:af:d9:96:5b:25:9d:
                    d2:c4:6e:9e:44:23:f9:61:fe:bc:05:0c:b9:60:5c:
                    87:96:77:74:e4:c6:4b:75:24:3f:e2:5a:1c:19:ad:
                    50:a1:a6:0d:44:30:16:37:b8:9f:cb:65:e8:3f:08:
                    40:d4:c8:92:c6:77:a4:e9:a9:f1:49:58:77:2e:f7:
                    11:6e:9e:70:d7:4e:29:88:67:ba:e1:65:cd:9d:9a:
                    cb:97:11:d9:41:eb:07:96:98:a6:67:ca:3b:59:2d:
                    5c:96:9a:4f:36:61:9d:36:a6:c4:af:47:38:31:a8:
                    ed:d0:6e:92:ab:1d:ca:30:ad:a1:7f:bc:14:20:c0:
                    11:f8:6b:e7:97:10:8f:34:13:32:fc:5c:ca:88:26:
                    40:b4:7d:42:a3:a0:ac:79:df:8e:90:bb:f7:66:38:
                    77:86:2c:99:69:d6:42:cf:27:f9:b6:41:c6:c9:07:
                    1d:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:C8:3F:5F:88:E5:A1:FD:05:D3:26:21:C8:FC:8E:42:40:AF:4F:5F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e5f18579-4226-47e9-b74a-e5c188798d56.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:4000::/39

    Signature Algorithm: sha256WithRSAEncryption
         6d:77:8b:b0:62:38:6b:89:e4:4b:c2:09:51:07:d8:24:3a:1e:
         07:4c:1f:83:4a:8a:39:d5:04:24:f0:5e:42:af:23:78:6b:26:
         a6:6f:09:73:f2:1c:6d:77:f6:51:3a:6a:83:cf:f1:ef:8a:15:
         84:5b:c0:b0:0e:54:e1:94:32:45:3d:79:4e:d8:87:08:99:44:
         7e:54:eb:26:37:05:ba:63:4d:b8:f8:73:15:44:d0:60:16:60:
         61:52:88:b4:c9:56:e2:9b:f9:88:b7:25:54:3b:0b:88:93:34:
         0d:07:34:63:8d:52:2c:97:97:40:b5:79:52:c0:92:2c:4d:7a:
         0b:5d:80:1e:d8:a4:42:e6:e5:48:fc:c2:27:73:5a:2e:9d:83:
         e7:87:2a:57:0a:61:6a:10:87:ab:24:16:0e:12:30:08:9e:9c:
         8a:8e:69:01:98:bf:52:e7:4f:93:3b:51:b2:5e:93:05:ac:04:
         b2:16:09:3c:5d:f5:19:7f:63:21:69:cb:68:d8:1c:5f:8a:6b:
         4a:cb:88:d0:54:00:74:b2:cf:ac:67:ab:d8:67:c6:58:a1:57:
         a8:3e:b8:b5:eb:3b:14:f1:89:cc:ab:f9:0a:cc:0e:40:9e:03:
         d5:a1:f4:0e:b2:11:ff:07:a0:13:37:ab:02:92:67:8a:66:fc:
         13:d1:95:4d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUePAofmM7r7uSOjBquztWXSRDCk4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIyMTYwMDEzWhcNMjUwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMTE1MWI3YmUwNjEwNDU2MjY0ZjZkNDc4OGI3OGIyMjNm
MDlkZDY4OWRjYWNlNTkzYjUxM2E4MGI4YjRiMmI2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLY1I6gVMXH/P4FcZeAf8PDwct2FbrFtGcwgO/bXRZt7zM
CaKvk1O4SNZZs+XXqCNy8xSKkPRrSq6yXUQpDgbDp+KcLNm6mHeuXdlzDXWQY8d8
hK/ZllslndLEbp5EI/lh/rwFDLlgXIeWd3Tkxkt1JD/iWhwZrVChpg1EMBY3uJ/L
Zeg/CEDUyJLGd6TpqfFJWHcu9xFunnDXTimIZ7rhZc2dmsuXEdlB6weWmKZnyjtZ
LVyWmk82YZ02psSvRzgxqO3QbpKrHcowraF/vBQgwBH4a+eXEI80EzL8XMqIJkC0
fUKjoKx5346Qu/dmOHeGLJlp1kLPJ/m2QcbJBx1/AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU18g/X4jlof0F0yYhyPyOQkCvT18wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U1ZjE4NTc5LTQyMjYtNDdlOS1iNzRhLWU1YzE4ODc5OGQ1Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAB//QDANBgkqhkiG9w0BAQsFAAOCAQEAbXeLsGI4a4nkS8IJUQfYJDoe
B0wfg0qKOdUEJPBeQq8jeGsmpm8Jc/IcbXf2UTpqg8/x74oVhFvAsA5U4ZQyRT15
TtiHCJlEflTrJjcFumNNuPhzFUTQYBZgYVKItMlW4pv5iLclVDsLiJM0DQc0Y41S
LJeXQLV5UsCSLE16C12AHtikQublSPzCJ3NaLp2D54cqVwphahCHqyQWDhIwCJ6c
io5pAZi/UudPkztRsl6TBawEshYJPF31GX9jIWnLaNgcX4prSsuI0FQAdLLPrGer
2GfGWKFXqD64tes7FPGJzKv5CswOQJ4D1aH0DrIR/wegEzerApJnimb8E9GVTQ==
-----END CERTIFICATE-----