Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/5247e20e-4480-4c24-b0b9-365d2db6de35.roa
File:                     5247e20e-4480-4c24-b0b9-365d2db6de35.roa (raw, json)
Hash identifier:          sVg/SLB+UehApDH6SWZLDa6JZe4KZd1Ql1l93oir80M=
Subject key identifier:   84:2D:0C:8A:2B:A3:29:AA:29:B4:CA:EF:68:57:C5:AD:42:0E:C5:35
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       267504415241856ECA6E2EF3F56280955626328C
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/5247e20e-4480-4c24-b0b9-365d2db6de35.roa
Signing time:             Fri 11 Apr 2025 00:40:06 +0000
ROA not before:           Fri 11 Apr 2025 00:40:06 +0000
ROA not after:            Fri 16 May 2025 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:c15::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 29 Apr 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:75:04:41:52:41:85:6e:ca:6e:2e:f3:f5:62:80:95:56:26:32:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Apr 11 00:40:06 2025 GMT
            Not After : May 16 23:59:59 2025 GMT
        Subject: serialNumber=56b72a77f6f61f98577f68f0331ee65b157e20228edc104081fda26e873a6290, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:04:62:e4:d2:54:ee:77:2f:62:0d:0e:32:8b:
                    18:f8:be:21:1a:83:21:87:38:f5:de:bf:61:d9:1f:
                    bb:c3:c3:0c:f8:7e:5c:2b:5d:b3:1e:15:af:99:8b:
                    0e:08:42:43:c4:3e:0e:6f:27:36:b1:de:49:bc:36:
                    11:48:1b:b5:3a:9e:52:ce:aa:42:99:f1:c8:8f:d3:
                    ea:43:f7:b9:00:14:f7:58:41:b3:4f:b7:61:94:9a:
                    6c:bd:6b:17:fa:a5:15:b1:ab:c7:92:8f:a3:e2:3e:
                    68:64:41:81:16:0e:e9:47:6f:2c:51:b2:52:ec:a5:
                    e8:71:fd:89:4b:bc:05:7a:9e:52:7d:df:6e:d8:a5:
                    6f:9f:d5:44:33:0f:6f:35:2d:2c:06:ad:98:da:51:
                    23:ee:f0:aa:6a:70:15:86:3a:50:a2:c3:ec:d0:56:
                    52:79:da:d3:21:69:77:75:2d:75:a8:bc:28:47:a6:
                    da:12:ea:bf:2e:6e:4f:0d:ae:5d:e8:ea:95:b7:24:
                    9c:b7:b8:e9:f6:4b:df:f0:3a:a5:9b:10:ab:b1:9d:
                    91:21:a6:90:fd:c3:35:58:3a:e2:a8:27:57:88:a0:
                    78:a3:5c:d7:0a:01:97:38:76:3c:b8:11:78:03:d5:
                    3d:0c:5d:f1:41:c4:72:25:ce:7a:59:8c:37:96:b6:
                    5e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:2D:0C:8A:2B:A3:29:AA:29:B4:CA:EF:68:57:C5:AD:42:0E:C5:35
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/5247e20e-4480-4c24-b0b9-365d2db6de35.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c15::/48

    Signature Algorithm: sha256WithRSAEncryption
         8c:29:0c:42:56:6c:6c:3b:ac:d5:9b:c7:13:41:04:3d:c3:b7:
         e7:1c:bb:70:c6:df:4d:2b:10:21:69:56:8f:af:65:20:50:4c:
         a1:14:70:c1:25:fd:e8:9f:20:74:c2:72:43:67:b8:80:80:96:
         e5:64:bb:b2:3d:3a:9b:63:9d:75:be:be:dc:81:6e:b7:d0:8d:
         01:16:ae:56:5b:96:7c:57:bb:06:d3:ec:d8:9a:93:2a:72:fc:
         39:14:b1:3a:d2:59:4e:85:f3:29:e5:c8:68:34:73:c7:b3:4a:
         96:6d:56:b6:3b:8b:3a:a5:3e:92:d0:a8:e2:eb:52:56:b2:4b:
         17:55:05:97:fc:42:6a:8d:41:d9:ce:89:20:fd:d1:6d:d5:68:
         f8:89:a6:cb:b2:f3:ee:7c:00:b0:ff:93:89:ab:99:57:e4:eb:
         45:fd:ab:d5:0f:98:5c:b2:97:7c:2e:e6:97:06:15:40:10:39:
         1c:74:43:2a:c2:82:2c:6f:b8:25:62:ff:c2:71:59:04:6d:5b:
         c7:74:81:c9:b0:44:0d:01:1f:4c:c3:a9:85:7c:90:2d:d9:09:
         7d:97:c6:c5:9b:a2:07:81:e5:8a:b1:17:10:4b:bf:dd:ea:7a:
         04:46:b6:4b:66:40:38:b2:f8:72:74:be:a7:57:1b:c4:f0:e2:
         ab:04:83:0f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUJnUEQVJBhW7Kbi7z9WKAlVYmMowwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNDExMDA0MDA2WhcNMjUwNTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NmI3MmE3N2Y2ZjYxZjk4NTc3ZjY4ZjAzMzFlZTY1YjE1
N2UyMDIyOGVkYzEwNDA4MWZkYTI2ZTg3M2E2MjkwMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1BGLk0lTudy9iDQ4yixj4viEagyGHOPXev2HZH7vDwwz4
flwrXbMeFa+Ziw4IQkPEPg5vJzax3km8NhFIG7U6nlLOqkKZ8ciP0+pD97kAFPdY
QbNPt2GUmmy9axf6pRWxq8eSj6PiPmhkQYEWDulHbyxRslLspehx/YlLvAV6nlJ9
327YpW+f1UQzD281LSwGrZjaUSPu8KpqcBWGOlCiw+zQVlJ52tMhaXd1LXWovChH
ptoS6r8ubk8Nrl3o6pW3JJy3uOn2S9/wOqWbEKuxnZEhppD9wzVYOuKoJ1eIoHij
XNcKAZc4djy4EXgD1T0MXfFBxHIlznpZjDeWtl5JAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUhC0MiiujKaoptMrvaFfFrUIOxTUwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzUyNDdlMjBlLTQ0ODAtNGMyNC1iMGI5LTM2NWQyZGI2ZGUzNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADBUwDQYJKoZIhvcNAQELBQADggEBAIwpDEJWbGw7rNWbxxNBBD3D
t+ccu3DG300rECFpVo+vZSBQTKEUcMEl/eifIHTCckNnuICAluVku7I9OptjnXW+
vtyBbrfQjQEWrlZblnxXuwbT7Niakypy/DkUsTrSWU6F8ynlyGg0c8ezSpZtVrY7
izqlPpLQqOLrUlaySxdVBZf8QmqNQdnOiSD90W3VaPiJpsuy8+58ALD/k4mrmVfk
60X9q9UPmFyyl3wu5pcGFUAQORx0QyrCgixvuCVi/8JxWQRtW8d0gcmwRA0BH0zD
qYV8kC3ZCX2XxsWbogeB5YqxFxBLv93qegRGtktmQDiy+HJ0vqdXG8Tw4qsEgw8=
-----END CERTIFICATE-----