Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/494ac592-fba5-41f1-ab2a-ccd1bdb60cab.roa
File:                     494ac592-fba5-41f1-ab2a-ccd1bdb60cab.roa (raw, json)
Hash identifier:          w6Cddc94bXOLpVxVgrdhtkTAvKMSwRkmNznmyYdoIAQ=
Subject key identifier:   A0:EE:37:9B:3D:D6:68:9D:3C:05:B9:43:07:00:0F:83:85:E1:3B:E1
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       55AB6FB19DB3164FFC6256C0BA35B5DA50A0230A
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/494ac592-fba5-41f1-ab2a-ccd1bdb60cab.roa
Signing time:             Tue 15 Apr 2025 00:50:25 +0000
ROA not before:           Tue 15 Apr 2025 00:50:25 +0000
ROA not after:            Tue 20 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.82.72.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:ab:6f:b1:9d:b3:16:4f:fc:62:56:c0:ba:35:b5:da:50:a0:23:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Apr 15 00:50:25 2025 GMT
            Not After : May 20 23:59:59 2025 GMT
        Subject: serialNumber=30f70348d287b7a55e5dd32605a9cae18d6fac00c37594d954bb453e4dea716d, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:2c:c0:bb:67:b1:59:a4:29:d9:2b:ca:42:1c:
                    68:b4:e6:03:0f:0a:07:2c:3b:e1:8b:23:20:f2:f1:
                    0a:ff:d4:2c:49:df:77:40:60:63:78:d9:96:06:fd:
                    4b:86:9c:f4:0b:f2:5a:70:8c:4b:c9:2f:e3:fd:66:
                    06:03:fc:10:51:09:78:32:e7:b5:8c:6b:8e:5c:42:
                    89:a4:7d:f6:d2:4b:77:7e:25:6b:93:3c:9e:a1:a8:
                    b2:8b:93:6b:8c:f9:3a:04:97:84:00:7f:91:5b:5e:
                    e6:31:a3:19:77:fa:33:cd:6f:ed:5a:6f:09:f6:34:
                    e9:b6:a1:08:e2:d8:c8:c0:e3:d1:06:b3:95:c8:11:
                    db:00:64:ec:09:7d:82:bf:e5:ed:79:89:fb:c0:3f:
                    63:a0:ee:27:58:b8:87:63:6e:f6:fa:5a:90:eb:72:
                    33:2e:a0:59:f3:f0:af:77:55:44:ac:0d:f1:82:a2:
                    b1:c3:5e:d8:64:b1:fa:52:fe:8d:31:af:69:2e:63:
                    ad:55:ec:f7:2f:d6:99:00:bb:ec:fd:29:2a:d8:e7:
                    a6:68:a8:0f:31:cf:e6:b2:4b:67:d4:fb:eb:2f:0e:
                    45:1f:b9:f5:02:1d:c3:ed:ad:dd:b9:59:ce:0e:a4:
                    c5:15:9d:5f:8d:66:f2:dc:d5:da:35:e3:54:39:6d:
                    3c:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:EE:37:9B:3D:D6:68:9D:3C:05:B9:43:07:00:0F:83:85:E1:3B:E1
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/494ac592-fba5-41f1-ab2a-ccd1bdb60cab.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0d:b8:b5:60:2d:64:78:90:aa:cf:b6:0a:36:b0:6a:19:d9:70:
         21:63:28:31:fa:b0:82:d7:06:67:6b:a6:ee:fc:3c:3f:85:3e:
         f5:31:9e:20:6b:17:e2:92:82:70:d6:f9:7b:25:7c:1e:ae:8f:
         4c:3d:2b:00:4d:00:20:28:5b:25:d0:24:06:77:21:3b:2a:74:
         ab:f0:19:c7:5d:63:35:d5:1a:d3:9b:11:41:cb:e9:74:11:ea:
         ab:9c:df:c2:97:7f:1e:ff:a9:6b:23:a4:fd:8b:38:9d:40:ca:
         5a:ce:3a:7b:91:c2:c2:22:28:e1:c2:ca:90:78:15:ce:5c:b1:
         b4:2b:45:0f:f9:0e:d6:c2:07:b7:af:a6:c7:98:33:86:9e:a1:
         ad:02:51:34:47:d6:8a:44:21:d5:8c:f8:cb:14:05:a2:17:7c:
         20:01:43:e8:b7:c5:cf:78:30:b6:9c:a7:a8:c8:8d:ee:a7:3b:
         25:9c:92:6f:8f:4a:85:35:be:32:1a:22:3c:72:74:59:52:f4:
         f3:3c:99:d3:82:cc:44:d0:e7:95:b9:13:53:6e:9c:4d:31:5d:
         c3:6f:93:f4:ff:c3:e5:76:d4:69:4b:1e:1e:89:18:03:95:2f:
         d1:29:75:71:00:76:7a:76:5e:ce:e3:4d:6d:1a:42:4b:75:02:
         e5:e7:54:53
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVatvsZ2zFk/8YlbAujW12lCgIwowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNDE1MDA1MDI1WhcNMjUwNTIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMGY3MDM0OGQyODdiN2E1NWU1ZGQzMjYwNWE5Y2FlMThk
NmZhYzAwYzM3NTk0ZDk1NGJiNDUzZTRkZWE3MTZkMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCmLMC7Z7FZpCnZK8pCHGi05gMPCgcsO+GLIyDy8Qr/1CxJ
33dAYGN42ZYG/UuGnPQL8lpwjEvJL+P9ZgYD/BBRCXgy57WMa45cQomkffbSS3d+
JWuTPJ6hqLKLk2uM+ToEl4QAf5FbXuYxoxl3+jPNb+1abwn2NOm2oQji2MjA49EG
s5XIEdsAZOwJfYK/5e15ifvAP2Og7idYuIdjbvb6WpDrcjMuoFnz8K93VUSsDfGC
orHDXthksfpS/o0xr2kuY61V7Pcv1pkAu+z9KSrY56ZoqA8xz+ayS2fU++svDkUf
ufUCHcPtrd25Wc4OpMUVnV+NZvLc1do141Q5bTxhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoO43mz3WaJ08BblDBwAPg4XhO+EwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzQ5NGFjNTkyLWZiYTUtNDFmMS1hYjJhLWNjZDFiZGI2MGNhYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUkgwDQYJKoZIhvcNAQELBQADggEBAA24tWAtZHiQqs+2CjawahnZcCFj
KDH6sILXBmdrpu78PD+FPvUxniBrF+KSgnDW+XslfB6uj0w9KwBNACAoWyXQJAZ3
ITsqdKvwGcddYzXVGtObEUHL6XQR6quc38KXfx7/qWsjpP2LOJ1AylrOOnuRwsIi
KOHCypB4Fc5csbQrRQ/5DtbCB7evpseYM4aeoa0CUTRH1opEIdWM+MsUBaIXfCAB
Q+i3xc94MLacp6jIje6nOyWckm+PSoU1vjIaIjxydFlS9PM8mdOCzETQ55W5E1Nu
nE0xXcNvk/T/w+V21GlLHh6JGAOVL9EpdXEAdnp2Xs7jTW0aQkt1AuXnVFM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:58:53 2025 by rpki-client