Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/854cdc18-0507-4635-a2a7-cad1690f9b8b.roa
File:                     854cdc18-0507-4635-a2a7-cad1690f9b8b.roa (raw, json)
Hash identifier:          j7j6yAXFQcdohS5fE1Q14ygvvbXJ1EkKC2CQmiOJSis=
Subject key identifier:   F5:53:43:F2:33:24:EE:0B:96:3B:9D:58:88:CA:1C:DB:31:FE:AC:7C
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       06B7387012B37FAC272FAD3CD835A119F730D5FD
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/854cdc18-0507-4635-a2a7-cad1690f9b8b.roa
Signing time:             Mon 21 Jul 2025 16:20:15 +0000
ROA not before:           Mon 21 Jul 2025 16:20:15 +0000
ROA not after:            Mon 25 Aug 2025 23:59:59 +0000
asID:                     40045
IP address blocks:        2605:9cc0:c0c::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:b7:38:70:12:b3:7f:ac:27:2f:ad:3c:d8:35:a1:19:f7:30:d5:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jul 21 16:20:15 2025 GMT
            Not After : Aug 25 23:59:59 2025 GMT
        Subject: serialNumber=6696538241f7e977d72bdf4af2bb51ede5d0f3392118c8645a7066701639cb5f, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:f3:10:14:dc:4d:4d:ae:22:13:8f:14:ee:03:
                    ad:e2:20:24:9c:f0:56:a8:2e:6e:68:8b:18:06:e8:
                    c1:f7:02:f9:a6:51:a1:76:62:bb:47:ab:ac:c1:8e:
                    7a:9b:a4:d5:38:b1:b3:70:d9:d8:56:3a:ac:ab:1d:
                    e4:cd:85:db:38:1f:37:cc:9f:66:19:69:c5:47:3e:
                    3e:c8:d5:27:49:66:0a:db:cf:1c:06:48:4d:0f:82:
                    21:b9:f8:ee:a8:79:01:ae:6f:19:3d:01:dc:37:c9:
                    ba:ad:49:3a:4d:40:8f:e6:b0:6f:1d:1a:ca:f7:8b:
                    6b:f0:7a:a4:19:a1:02:3c:5c:e8:0e:ba:14:b3:fc:
                    b6:01:a1:ac:4b:d1:51:e8:fb:5a:0d:c6:ff:8d:5f:
                    f2:98:64:55:1a:fd:55:a3:3e:5c:43:56:50:60:72:
                    b5:52:28:8d:6a:c1:af:9c:36:07:58:2f:6f:33:b2:
                    a8:43:db:76:07:64:ae:71:be:8a:3f:8f:cd:0b:8a:
                    4e:12:70:38:11:bb:f6:83:6b:3a:00:93:e3:1d:e5:
                    60:66:12:ec:2f:51:97:66:c0:58:d7:96:06:a2:1d:
                    af:45:e0:ca:89:f6:04:3e:ab:6c:be:95:ce:ac:5e:
                    17:8e:24:a7:d1:28:4c:1f:c7:04:c3:f2:fb:59:d5:
                    c7:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:53:43:F2:33:24:EE:0B:96:3B:9D:58:88:CA:1C:DB:31:FE:AC:7C
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/854cdc18-0507-4635-a2a7-cad1690f9b8b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c0c::/48

    Signature Algorithm: sha256WithRSAEncryption
         6d:ce:e9:17:86:aa:d2:8d:f2:37:5a:12:d9:ae:9e:4e:d3:bd:
         ec:9a:9e:af:f2:23:b8:cd:bd:4b:10:c9:70:2d:00:48:49:53:
         77:7f:65:22:07:b5:6b:4d:7b:65:78:6b:7b:31:59:02:89:a5:
         a8:62:95:84:e9:18:40:54:8c:c0:37:f9:19:79:38:62:79:43:
         f1:f8:44:37:0f:df:87:32:9b:c4:6c:b1:0b:3a:f7:e1:b1:f7:
         e7:d7:62:dd:79:05:03:7f:81:59:99:83:74:5e:f3:24:c4:b0:
         64:8d:81:c3:46:55:ca:45:d7:ae:d9:48:57:02:0d:5f:f2:63:
         cf:e4:58:7a:df:f9:ef:59:20:c6:2f:2a:38:4c:48:34:68:b8:
         8d:a2:62:22:4e:53:1d:37:84:74:d5:56:05:18:a3:be:d3:b8:
         c8:ac:7f:72:85:2a:0b:40:56:b5:eb:ec:fb:8d:a7:63:ac:3f:
         a5:d9:c3:18:c5:c2:a1:d1:a0:38:d4:9f:24:16:03:e5:bb:86:
         97:db:d3:90:1a:4c:c7:7f:91:2f:05:4e:ec:0d:9c:6d:71:b1:
         35:68:d2:70:54:a0:f4:40:d9:38:6a:76:df:04:80:76:0d:70:
         b5:a4:48:ec:0f:59:aa:2b:bb:42:92:8a:72:56:b4:80:69:48:
         14:b1:a5:cd
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUBrc4cBKzf6wnL6082DWhGfcw1f0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNzIxMTYyMDE1WhcNMjUwODI1MjM1OTU5
WjB6MUkwRwYDVQQFE0A2Njk2NTM4MjQxZjdlOTc3ZDcyYmRmNGFmMmJiNTFlZGU1
ZDBmMzM5MjExOGM4NjQ1YTcwNjY3MDE2MzljYjVmMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCB8xAU3E1NriITjxTuA63iICSc8FaoLm5oixgG6MH3Avmm
UaF2YrtHq6zBjnqbpNU4sbNw2dhWOqyrHeTNhds4HzfMn2YZacVHPj7I1SdJZgrb
zxwGSE0PgiG5+O6oeQGubxk9Adw3ybqtSTpNQI/msG8dGsr3i2vweqQZoQI8XOgO
uhSz/LYBoaxL0VHo+1oNxv+NX/KYZFUa/VWjPlxDVlBgcrVSKI1qwa+cNgdYL28z
sqhD23YHZK5xvoo/j80Lik4ScDgRu/aDazoAk+Md5WBmEuwvUZdmwFjXlgaiHa9F
4MqJ9gQ+q2y+lc6sXheOJKfRKEwfxwTD8vtZ1cd1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU9VND8jMk7guWO51YiMoc2zH+rHwwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzg1NGNkYzE4LTA1MDctNDYzNS1hMmE3LWNhZDE2OTBmOWI4Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAwwDQYJKoZIhvcNAQELBQADggEBAG3O6ReGqtKN8jdaEtmunk7T
veyanq/yI7jNvUsQyXAtAEhJU3d/ZSIHtWtNe2V4a3sxWQKJpahilYTpGEBUjMA3
+Rl5OGJ5Q/H4RDcP34cym8RssQs69+Gx9+fXYt15BQN/gVmZg3Re8yTEsGSNgcNG
VcpF167ZSFcCDV/yY8/kWHrf+e9ZIMYvKjhMSDRouI2iYiJOUx03hHTVVgUYo77T
uMisf3KFKgtAVrXr7PuNp2OsP6XZwxjFwqHRoDjUnyQWA+W7hpfb05AaTMd/kS8F
TuwNnG1xsTVo0nBUoPRA2Thqdt8EgHYNcLWkSOwPWaoru0KSinJWtIBpSBSxpc0=
-----END CERTIFICATE-----