Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/717f5e93-b9de-4290-9c65-f643bb0d3642.roa
File:                     717f5e93-b9de-4290-9c65-f643bb0d3642.roa (raw, json)
Hash identifier:          3Tb6MRc933YC2EA0R6h7J6eRYNY8h19LzG5ahuoQpqs=
Subject key identifier:   7D:2A:E8:6C:66:3D:2A:37:A0:1F:31:BB:5D:C1:C0:1D:3F:10:FE:6E
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       2A65A775363D71C38661399CAF33F5F49135B9BA
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/717f5e93-b9de-4290-9c65-f643bb0d3642.roa
Signing time:             Tue 20 May 2025 17:40:20 +0000
ROA not before:           Tue 20 May 2025 17:40:20 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        173.82.8.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:65:a7:75:36:3d:71:c3:86:61:39:9c:af:33:f5:f4:91:35:b9:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: May 20 17:40:20 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=aacbcc72bdd157bbaa88e93e96b1eee086f550f4908b15786c9b6ccac440beb6, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:0a:aa:0c:80:0b:64:0b:d9:18:72:c8:fa:2a:
                    3b:b5:6d:5a:71:75:9b:24:f1:a1:f5:c7:a8:70:b8:
                    f5:47:7f:23:cc:ed:2a:79:2a:44:8a:c1:29:48:fb:
                    79:5d:3f:0a:fb:5d:ce:ee:05:06:a0:a2:2d:71:a9:
                    3e:36:21:97:ff:03:99:14:c6:b9:e8:bf:c1:62:21:
                    df:5f:bd:62:6a:25:3a:e9:b6:5b:58:05:be:7e:aa:
                    e6:04:b6:01:55:f3:37:c0:f1:31:d0:87:ff:d0:d8:
                    ca:d0:1a:1e:0d:f2:27:67:da:0f:8f:43:ca:bf:49:
                    85:bf:ed:7b:05:26:02:b3:bf:ee:e5:2f:71:c1:b2:
                    aa:8f:0c:b3:b9:9f:79:e1:3f:cc:8b:3f:9a:27:fd:
                    2b:8b:ea:4b:ef:0c:1f:63:78:e9:e6:b9:63:35:5d:
                    de:9b:f0:9e:1b:80:8e:e6:51:e0:71:1f:76:a9:8f:
                    e7:09:67:69:80:c6:ae:21:e0:f7:e4:ff:c2:8f:b4:
                    d9:2b:c3:5c:91:4d:9f:a8:d6:90:7e:05:e6:79:ae:
                    d8:b6:b9:38:81:09:68:79:95:27:ad:76:55:20:c4:
                    79:81:bb:34:9c:97:73:05:19:d3:83:f9:11:79:63:
                    68:0c:e1:89:05:71:43:d6:ac:a7:35:05:cf:5b:0b:
                    85:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:2A:E8:6C:66:3D:2A:37:A0:1F:31:BB:5D:C1:C0:1D:3F:10:FE:6E
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/717f5e93-b9de-4290-9c65-f643bb0d3642.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:d5:8a:b7:69:65:8b:ee:c9:fa:de:2f:1b:28:29:b1:90:11:
         62:f0:80:c5:6f:29:7c:31:3c:26:83:37:d0:04:91:1d:9d:fc:
         70:78:97:7e:5a:3d:da:04:e8:08:66:77:bc:da:8e:f1:42:ad:
         20:1a:49:71:30:01:c0:b7:11:28:dd:30:1f:be:e7:ea:5d:45:
         21:25:3e:75:d0:41:ab:e6:49:24:00:e8:b3:3a:ff:58:90:e3:
         21:b2:e0:0b:cc:0d:be:29:17:eb:23:21:7a:1c:6a:34:01:7e:
         7b:97:71:2a:86:9c:86:b7:8e:11:74:5a:ea:80:4e:35:e0:89:
         f5:b3:62:5b:d6:c7:46:62:37:4f:a1:99:a0:34:43:a0:17:23:
         d8:36:b5:d8:78:25:0c:66:d5:a8:ae:38:93:cc:30:ff:0a:0a:
         7f:b9:e0:bf:ef:16:06:16:25:85:8b:88:5e:64:48:24:11:dd:
         b3:20:5d:70:3d:db:4b:9a:c3:a6:4e:0c:7d:3e:fd:05:99:8a:
         73:5d:88:fb:99:db:51:b9:41:86:83:fe:c9:b7:0c:9b:d0:52:
         7b:0b:a8:3c:91:d4:88:6b:da:8f:82:bc:96:f1:e6:32:27:eb:
         9e:32:f2:23:f0:ce:41:0e:6f:2b:e7:36:cc:db:f8:ef:00:2a:
         01:dc:46:75
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKmWndTY9ccOGYTmcrzP19JE1ubowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNTIwMTc0MDIwWhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhYWNiY2M3MmJkZDE1N2JiYWE4OGU5M2U5NmIxZWVlMDg2
ZjU1MGY0OTA4YjE1Nzg2YzliNmNjYWM0NDBiZWI2MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDgCqoMgAtkC9kYcsj6Kju1bVpxdZsk8aH1x6hwuPVHfyPM
7Sp5KkSKwSlI+3ldPwr7Xc7uBQagoi1xqT42IZf/A5kUxrnov8FiId9fvWJqJTrp
tltYBb5+quYEtgFV8zfA8THQh//Q2MrQGh4N8idn2g+PQ8q/SYW/7XsFJgKzv+7l
L3HBsqqPDLO5n3nhP8yLP5on/SuL6kvvDB9jeOnmuWM1Xd6b8J4bgI7mUeBxH3ap
j+cJZ2mAxq4h4Pfk/8KPtNkrw1yRTZ+o1pB+BeZ5rti2uTiBCWh5lSetdlUgxHmB
uzScl3MFGdOD+RF5Y2gM4YkFcUPWrKc1Bc9bC4WXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfSrobGY9KjegHzG7XcHAHT8Q/m4wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzcxN2Y1ZTkzLWI5ZGUtNDI5MC05YzY1LWY2NDNiYjBkMzY0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUggwDQYJKoZIhvcNAQELBQADggEBAFDVirdpZYvuyfreLxsoKbGQEWLw
gMVvKXwxPCaDN9AEkR2d/HB4l35aPdoE6Ahmd7zajvFCrSAaSXEwAcC3ESjdMB++
5+pdRSElPnXQQavmSSQA6LM6/1iQ4yGy4AvMDb4pF+sjIXocajQBfnuXcSqGnIa3
jhF0WuqATjXgifWzYlvWx0ZiN0+hmaA0Q6AXI9g2tdh4JQxm1aiuOJPMMP8KCn+5
4L/vFgYWJYWLiF5kSCQR3bMgXXA920uaw6ZODH0+/QWZinNdiPuZ21G5QYaD/sm3
DJvQUnsLqDyR1Ihr2o+CvJbx5jIn654y8iPwzkEObyvnNszb+O8AKgHcRnU=
-----END CERTIFICATE-----