Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/7eff8448-121e-4d53-91a5-ae9c96443ba5.roa
File:                     7eff8448-121e-4d53-91a5-ae9c96443ba5.roa (raw, json)
Hash identifier:          XmekVuY1ZCXB0K1a9BKZ+u0eowFCxxSOyDy7V6mQUSA=
Subject key identifier:   5A:C6:91:FE:B0:61:FC:32:53:F4:73:45:FB:98:0A:77:2F:9F:A6:46
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       5393A75B22ED8D90FC81DBA497F8FF3CC596EAF5
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/7eff8448-121e-4d53-91a5-ae9c96443ba5.roa
Signing time:             Fri 11 Jul 2025 18:00:11 +0000
ROA not before:           Fri 11 Jul 2025 18:00:11 +0000
ROA not after:            Fri 15 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        173.82.71.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 05 Aug 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:93:a7:5b:22:ed:8d:90:fc:81:db:a4:97:f8:ff:3c:c5:96:ea:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 11 18:00:11 2025 GMT
            Not After : Aug 15 23:59:59 2025 GMT
        Subject: serialNumber=921790384e5939283099310f2d1d22c99c5383d37263b9c555221d2baebf9489, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:e3:3f:8c:06:a0:a6:84:e9:f6:68:a8:60:c5:
                    9c:9f:11:05:a1:20:9a:e5:01:fd:f4:8e:cb:97:1d:
                    72:f1:c6:3b:4b:3b:60:af:a7:a9:5b:37:53:1c:0a:
                    b9:a0:73:e9:ae:df:09:fd:3b:c6:7b:22:fe:af:7c:
                    1a:13:5a:96:77:d3:51:37:e9:b6:69:12:ff:46:92:
                    e3:22:a0:3c:84:9e:54:c8:03:b8:48:d1:18:e1:d1:
                    36:0a:fd:eb:fe:05:ec:26:d6:36:2a:dd:57:6c:05:
                    33:7a:46:82:66:fa:e7:fd:21:2b:d0:bb:c2:43:92:
                    be:30:d7:c1:8d:f9:35:28:14:a8:1e:fe:2c:63:72:
                    51:16:84:90:34:47:be:96:e2:a2:dd:6b:9f:0f:19:
                    f4:96:49:11:20:95:fb:b4:99:2c:46:5e:a2:de:19:
                    e1:d8:74:70:11:07:70:95:c9:92:cb:4c:c9:19:f0:
                    c9:42:48:ad:72:df:8b:0a:b5:d4:d5:69:a4:98:09:
                    63:8f:99:89:c4:e1:0f:c8:55:45:ed:8f:dc:e1:38:
                    50:ff:fc:a8:dd:35:61:d5:f0:39:33:29:d3:57:e2:
                    41:d4:1e:1b:04:04:c5:ea:1b:ce:60:9e:c4:6d:f1:
                    2c:67:6a:8e:33:e7:74:3d:d6:e8:6b:9e:03:66:e8:
                    30:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:C6:91:FE:B0:61:FC:32:53:F4:73:45:FB:98:0A:77:2F:9F:A6:46
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/7eff8448-121e-4d53-91a5-ae9c96443ba5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:81:0f:24:99:1b:df:0f:b8:00:90:66:a4:53:92:76:84:ea:
         8a:14:ea:74:b4:45:30:5c:7b:0c:1c:50:b5:a3:0f:58:e2:5e:
         02:68:fd:96:c5:b7:5c:51:8b:1a:9c:15:cd:ee:97:0a:90:97:
         0a:75:f0:3a:f7:eb:1b:0c:44:ff:d1:0c:56:b0:00:1b:42:9d:
         2f:14:ff:06:5a:59:7b:ec:46:3d:61:0a:2e:c1:a8:1f:b2:e0:
         ad:e4:f7:d8:e8:70:1a:2f:9e:02:65:45:a6:01:9c:5a:4d:3e:
         f5:43:43:f7:ae:7d:54:e7:d8:1e:87:92:16:32:26:56:30:18:
         3c:15:5e:12:29:bf:d0:e1:8a:90:71:e2:53:db:64:c9:f9:af:
         31:73:a2:da:91:04:5c:c5:81:c8:9f:d7:52:b0:f1:b9:94:7b:
         5f:7a:37:cb:76:0e:2c:04:c1:a7:bc:24:bb:52:da:d5:d6:5c:
         61:37:e3:e5:21:0c:9b:ef:7c:c2:ec:67:8d:6d:13:f1:b4:77:
         92:9b:1d:87:5b:9c:32:56:4e:47:3b:d3:78:ca:08:9d:a4:b6:
         a7:b3:15:4a:2f:15:c2:37:28:cf:72:49:81:86:d9:d4:0d:46:
         d0:11:15:80:aa:47:c6:fd:de:24:87:b7:ab:6b:5b:40:6f:25:
         3a:e5:e3:87
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUU5OnWyLtjZD8gdukl/j/PMWW6vUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzExMTgwMDExWhcNMjUwODE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MjE3OTAzODRlNTkzOTI4MzA5OTMxMGYyZDFkMjJjOTlj
NTM4M2QzNzI2M2I5YzU1NTIyMWQyYmFlYmY5NDg5MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDN4z+MBqCmhOn2aKhgxZyfEQWhIJrlAf30jsuXHXLxxjtL
O2Cvp6lbN1McCrmgc+mu3wn9O8Z7Iv6vfBoTWpZ301E36bZpEv9GkuMioDyEnlTI
A7hI0Rjh0TYK/ev+Bewm1jYq3VdsBTN6RoJm+uf9ISvQu8JDkr4w18GN+TUoFKge
/ixjclEWhJA0R76W4qLda58PGfSWSREglfu0mSxGXqLeGeHYdHARB3CVyZLLTMkZ
8MlCSK1y34sKtdTVaaSYCWOPmYnE4Q/IVUXtj9zhOFD//KjdNWHV8DkzKdNX4kHU
HhsEBMXqG85gnsRt8Sxnao4z53Q91uhrngNm6DCzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWsaR/rBh/DJT9HNF+5gKdy+fpkYwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzdlZmY4NDQ4LTEyMWUtNGQ1My05MWE1LWFlOWM5NjQ0M2JhNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUkcwDQYJKoZIhvcNAQELBQADggEBAIOBDySZG98PuACQZqRTknaE6ooU
6nS0RTBcewwcULWjD1jiXgJo/ZbFt1xRixqcFc3ulwqQlwp18Dr36xsMRP/RDFaw
ABtCnS8U/wZaWXvsRj1hCi7BqB+y4K3k99jocBovngJlRaYBnFpNPvVDQ/eufVTn
2B6HkhYyJlYwGDwVXhIpv9DhipBx4lPbZMn5rzFzotqRBFzFgcif11Kw8bmUe196
N8t2DiwEwae8JLtS2tXWXGE34+UhDJvvfMLsZ41tE/G0d5KbHYdbnDJWTkc703jK
CJ2ktqezFUovFcI3KM9ySYGG2dQNRtARFYCqR8b93iSHt6trW0BvJTrl44c=
-----END CERTIFICATE-----