Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/5badb39b-b8ba-4eb1-b806-461be5bd804c.roa
File:                     5badb39b-b8ba-4eb1-b806-461be5bd804c.roa (raw, json)
Hash identifier:          sIAASmPXPpCVejXV+7z8727wyqIv+ecqYdmaVwP94GY=
Subject key identifier:   5E:03:71:55:62:55:66:06:FA:0F:9D:8B:F5:9C:55:EE:DB:1A:59:BE
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       72E088795580395810FCF7A4F3F2DC5CB322E419
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/5badb39b-b8ba-4eb1-b806-461be5bd804c.roa
Signing time:             Tue 20 May 2025 17:40:19 +0000
ROA not before:           Tue 20 May 2025 17:40:19 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.82.7.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:e0:88:79:55:80:39:58:10:fc:f7:a4:f3:f2:dc:5c:b3:22:e4:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: May 20 17:40:19 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=424e45820c7556ecc95ed4c581df308683d38ad03f655a61f5441f5cc6468678, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d1:c4:04:9d:fe:d5:b9:88:fb:bc:1b:1c:ec:
                    de:80:63:a0:22:50:70:a5:2e:fd:87:e6:49:e8:e9:
                    e3:76:a1:81:bd:cc:d4:5c:c6:bb:e7:14:10:76:1b:
                    44:93:ea:f3:d0:f5:ee:35:ce:02:fc:a1:cb:4e:3c:
                    ed:2f:a8:9a:ee:77:26:2e:a8:57:54:88:3e:33:51:
                    b6:b8:61:ca:61:6e:7c:69:40:6b:d0:3b:43:bd:0a:
                    20:04:97:12:0e:c3:03:2e:4a:ad:6d:44:f4:43:78:
                    b9:a7:18:54:2d:26:34:ae:04:7b:61:ba:00:5c:f8:
                    e3:a2:57:a5:22:49:2d:9d:f9:90:eb:29:6a:cd:05:
                    ad:ee:85:79:54:81:01:11:ce:0d:5f:53:bc:53:cb:
                    a5:22:c2:4f:5d:2a:0e:31:40:82:07:5c:81:20:81:
                    ea:b0:82:df:6f:7b:d9:ef:07:8c:c2:2b:d5:6e:d6:
                    fe:e6:2e:3c:4f:7e:76:5c:bb:ee:89:df:d5:20:25:
                    ba:2a:a3:96:e1:a3:67:0d:6a:db:12:12:c8:b3:b0:
                    5f:a0:dc:c1:9b:e5:57:e6:e2:a6:4f:1b:4a:bf:6b:
                    f1:bd:dc:35:7d:30:dd:9e:87:0c:9b:5e:31:03:f0:
                    7a:54:01:51:be:0d:75:d0:df:59:59:8c:2e:bc:b9:
                    07:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:03:71:55:62:55:66:06:FA:0F:9D:8B:F5:9C:55:EE:DB:1A:59:BE
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/5badb39b-b8ba-4eb1-b806-461be5bd804c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:77:8c:f8:bb:05:78:1d:d7:a6:c3:3e:f0:95:17:af:75:80:
         5b:d0:88:1e:e0:74:7f:32:c9:89:b4:1e:b6:6a:c9:b4:e3:40:
         a6:ff:ea:ac:db:9f:76:88:0d:9c:89:de:8c:44:e1:d7:6b:56:
         5a:12:b9:ab:df:5a:06:17:44:d8:ac:37:ac:78:d5:2d:70:b4:
         fd:af:44:c5:a3:aa:8e:d6:07:f1:b8:3d:16:67:30:e9:7e:a2:
         5f:90:49:2f:69:1a:60:33:c2:3e:c5:4a:e6:78:ee:c1:c5:79:
         99:10:63:92:6b:39:27:9d:b4:8a:4b:04:6a:df:47:3e:75:70:
         5d:48:ed:fb:24:2f:40:b7:41:fd:46:eb:d8:10:7d:3f:e2:04:
         7a:23:e5:1c:cd:e1:ad:b2:0b:7f:83:54:c1:b3:36:47:95:31:
         9f:9c:12:d4:a3:e0:28:29:22:c2:d1:06:16:2c:39:bc:4e:f6:
         28:cd:66:0c:87:82:00:3b:79:b3:05:71:f4:cd:3f:72:5b:00:
         5b:31:a6:7b:b6:03:e9:44:36:bb:7a:6e:1d:5b:f4:d6:80:ba:
         c0:bb:0b:15:44:8e:0a:17:5a:01:c5:e6:c8:3f:7a:09:7a:9b:
         39:53:bb:79:7b:b0:e1:14:a4:4b:4f:99:c7:83:05:bd:64:73:
         72:2f:79:88
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcuCIeVWAOVgQ/Pek8/LcXLMi5BkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNTIwMTc0MDE5WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MjRlNDU4MjBjNzU1NmVjYzk1ZWQ0YzU4MWRmMzA4Njgz
ZDM4YWQwM2Y2NTVhNjFmNTQ0MWY1Y2M2NDY4Njc4MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDA0cQEnf7VuYj7vBsc7N6AY6AiUHClLv2H5kno6eN2oYG9
zNRcxrvnFBB2G0ST6vPQ9e41zgL8octOPO0vqJrudyYuqFdUiD4zUba4Ycphbnxp
QGvQO0O9CiAElxIOwwMuSq1tRPRDeLmnGFQtJjSuBHthugBc+OOiV6UiSS2d+ZDr
KWrNBa3uhXlUgQERzg1fU7xTy6Uiwk9dKg4xQIIHXIEggeqwgt9ve9nvB4zCK9Vu
1v7mLjxPfnZcu+6J39UgJboqo5bho2cNatsSEsizsF+g3MGb5Vfm4qZPG0q/a/G9
3DV9MN2ehwybXjED8HpUAVG+DXXQ31lZjC68uQetAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXgNxVWJVZgb6D52L9ZxV7tsaWb4wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzViYWRiMzliLWI4YmEtNGViMS1iODA2LTQ2MWJlNWJkODA0Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUgcwDQYJKoZIhvcNAQELBQADggEBAE13jPi7BXgd16bDPvCVF691gFvQ
iB7gdH8yyYm0HrZqybTjQKb/6qzbn3aIDZyJ3oxE4ddrVloSuavfWgYXRNisN6x4
1S1wtP2vRMWjqo7WB/G4PRZnMOl+ol+QSS9pGmAzwj7FSuZ47sHFeZkQY5JrOSed
tIpLBGrfRz51cF1I7fskL0C3Qf1G69gQfT/iBHoj5RzN4a2yC3+DVMGzNkeVMZ+c
EtSj4CgpIsLRBhYsObxO9ijNZgyHggA7ebMFcfTNP3JbAFsxpnu2A+lENrt6bh1b
9NaAusC7CxVEjgoXWgHF5sg/egl6mzlTu3l7sOEUpEtPmceDBb1kc3IveYg=
-----END CERTIFICATE-----