Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/a86c8ffa-34ab-4a01-8f63-86207fe44159.roa
File:                     a86c8ffa-34ab-4a01-8f63-86207fe44159.roa (raw, json)
Hash identifier:          7H3dVeCoiZtSRnHhF/58snv8vVTqpJ570p4Iit+Frck=
Subject key identifier:   9B:5B:DF:C2:5E:7B:1B:80:8E:9A:3D:2D:9E:92:27:F4:F7:AE:67:E9
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       1D786D6192DB183F0BA39744491DF6E389813D07
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/a86c8ffa-34ab-4a01-8f63-86207fe44159.roa
Signing time:             Wed 16 Apr 2025 00:10:08 +0000
ROA not before:           Wed 16 Apr 2025 00:10:08 +0000
ROA not after:            Wed 21 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2606:f40::/39 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:78:6d:61:92:db:18:3f:0b:a3:97:44:49:1d:f6:e3:89:81:3d:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Apr 16 00:10:08 2025 GMT
            Not After : May 21 23:59:59 2025 GMT
        Subject: serialNumber=0bd0220d87a66710512774cb104ace4bea9c5f78adda98764f66e93ffc275066, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:9b:24:c9:c4:c2:73:90:8e:e9:69:c5:78:70:
                    17:22:a8:66:b0:db:9b:89:9b:f3:b0:58:0b:86:26:
                    24:13:1f:2e:4a:e1:66:d0:3c:fd:27:6e:f5:8f:68:
                    22:2a:e9:70:f0:52:9f:3e:f6:8d:6c:1c:d6:c9:8f:
                    19:6e:56:6c:a4:98:f8:d6:c7:8b:e8:6e:76:56:10:
                    76:2b:cb:29:f4:c7:0a:88:b9:42:73:11:19:1e:7f:
                    14:6b:03:f9:a4:55:74:e2:0f:f9:fd:59:98:ea:f6:
                    93:16:63:4b:55:3f:9b:b7:28:31:84:62:79:d4:b3:
                    23:f3:46:19:c1:7e:78:75:57:c3:87:78:08:59:aa:
                    44:00:99:9b:af:82:ad:c4:8c:64:46:98:1a:64:92:
                    19:98:a0:9f:f1:df:2b:3b:09:ee:b4:0a:a4:db:cf:
                    09:69:bd:1d:ac:a5:a4:5d:b2:33:c2:98:0c:dd:ad:
                    b8:fd:24:c4:7e:27:11:66:1a:12:1d:3d:15:2b:27:
                    85:c6:41:49:38:fb:4d:ee:ae:47:74:5e:d6:a5:69:
                    5e:ad:6e:f2:33:7c:0c:3d:9f:a2:0b:e5:8a:11:c1:
                    c3:a3:85:da:55:2d:2b:6e:28:19:49:db:05:63:e3:
                    46:60:53:ef:68:a8:57:11:2d:78:b6:b9:d6:4d:49:
                    cf:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:5B:DF:C2:5E:7B:1B:80:8E:9A:3D:2D:9E:92:27:F4:F7:AE:67:E9
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/a86c8ffa-34ab-4a01-8f63-86207fe44159.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40::/39

    Signature Algorithm: sha256WithRSAEncryption
         37:ba:b0:19:69:91:2c:fd:56:fe:a5:82:47:fe:d0:08:a6:0d:
         63:47:af:2e:3c:85:bd:80:6b:b1:3e:01:0e:95:50:b5:2c:16:
         e8:d3:66:b1:ff:6d:94:5a:95:56:84:f9:9c:e0:f2:5f:0a:64:
         88:29:80:f8:68:05:3e:5f:fc:9e:7f:73:52:7a:b8:b6:96:bf:
         15:c4:41:b5:a4:ac:91:e2:b3:dc:12:cf:af:04:d2:1f:0a:71:
         a4:3c:a7:21:9b:de:0e:e0:a8:71:8a:94:4e:b5:7b:09:a0:cc:
         37:30:3a:5d:a6:69:57:dd:1a:57:30:ab:c2:80:fb:a1:19:1f:
         06:46:b6:fa:57:97:cc:52:15:34:5d:0a:8d:93:15:fb:11:0e:
         53:29:17:bb:31:2a:a6:99:4c:19:8b:54:ac:44:56:8e:e9:08:
         37:ca:f7:5c:98:26:50:e6:31:ac:a6:c4:df:e1:80:fb:ee:0e:
         2a:a8:04:d3:fe:e6:e4:82:e7:0d:85:70:4e:e0:2b:de:47:71:
         7b:60:89:9f:db:e5:4e:93:1b:c4:30:a1:71:64:49:f4:b9:fe:
         8f:56:f8:b7:b3:68:c9:36:aa:42:8a:07:a9:c8:37:02:d9:63:
         bf:df:84:8e:c9:92:45:80:c5:39:2d:3d:1d:a0:e8:a8:c1:31:
         7a:35:7d:d3
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUHXhtYZLbGD8Lo5dESR3244mBPQcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjUwNDE2MDAxMDA4WhcNMjUwNTIxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwYmQwMjIwZDg3YTY2NzEwNTEyNzc0Y2IxMDRhY2U0YmVh
OWM1Zjc4YWRkYTk4NzY0ZjY2ZTkzZmZjMjc1MDY2MS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRmyTJxMJzkI7pacV4cBciqGaw25uJm/OwWAuGJiQTHy5K
4WbQPP0nbvWPaCIq6XDwUp8+9o1sHNbJjxluVmykmPjWx4vobnZWEHYryyn0xwqI
uUJzERkefxRrA/mkVXTiD/n9WZjq9pMWY0tVP5u3KDGEYnnUsyPzRhnBfnh1V8OH
eAhZqkQAmZuvgq3EjGRGmBpkkhmYoJ/x3ys7Ce60CqTbzwlpvR2spaRdsjPCmAzd
rbj9JMR+JxFmGhIdPRUrJ4XGQUk4+03urkd0XtalaV6tbvIzfAw9n6IL5YoRwcOj
hdpVLStuKBlJ2wVj40ZgU+9oqFcRLXi2udZNSc+FAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUm1vfwl57G4COmj0tnpIn9PeuZ+kwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjL2E4NmM4ZmZhLTM0YWItNGEwMS04ZjYzLTg2MjA3ZmU0NDE1OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmBg9AADANBgkqhkiG9w0BAQsFAAOCAQEAN7qwGWmRLP1W/qWCR/7QCKYN
Y0evLjyFvYBrsT4BDpVQtSwW6NNmsf9tlFqVVoT5nODyXwpkiCmA+GgFPl/8nn9z
Unq4tpa/FcRBtaSskeKz3BLPrwTSHwpxpDynIZveDuCocYqUTrV7CaDMNzA6XaZp
V90aVzCrwoD7oRkfBka2+leXzFIVNF0KjZMV+xEOUykXuzEqpplMGYtUrERWjukI
N8r3XJgmUOYxrKbE3+GA++4OKqgE0/7m5ILnDYVwTuAr3kdxe2CJn9vlTpMbxDCh
cWRJ9Ln+j1b4t7NoyTaqQooHqcg3Atljv9+EjsmSRYDFOS09HaDoqMExejV90w==
-----END CERTIFICATE-----