Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/9b93eae4-d00c-47ae-8fdb-bc1f1cd1d0c6.roa
File:                     9b93eae4-d00c-47ae-8fdb-bc1f1cd1d0c6.roa (raw, json)
Hash identifier:          xxZ+oZTVgl5bDHXxZyveAnRWSFtvY61zLgBR/Q2ptak=
Subject key identifier:   E8:62:11:93:6E:53:C0:88:C6:E3:47:AE:5D:4B:21:07:27:24:38:20
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       4BDD567B43606961DE7C093F53BF6BD2004C7A57
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/9b93eae4-d00c-47ae-8fdb-bc1f1cd1d0c6.roa
Signing time:             Fri 23 May 2025 00:30:27 +0000
ROA not before:           Fri 23 May 2025 00:30:27 +0000
ROA not after:            Fri 27 Jun 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:639::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 16 Jun 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:dd:56:7b:43:60:69:61:de:7c:09:3f:53:bf:6b:d2:00:4c:7a:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: May 23 00:30:27 2025 GMT
            Not After : Jun 27 23:59:59 2025 GMT
        Subject: serialNumber=68aa13c093a6c9f5265f6a692f3dd5f9b9dec265ce9a2c4385d8bd62d78ee5ec, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:d4:fb:5b:6a:e4:8b:4d:27:96:4c:46:8f:06:
                    97:69:46:c9:16:81:9c:cc:e9:10:c5:cc:88:9c:be:
                    42:f3:70:eb:52:31:ac:5b:d0:0b:e8:76:a1:bc:de:
                    50:cf:c5:9b:4e:0c:9e:2b:e5:a3:0e:46:04:74:46:
                    00:d4:7b:3a:46:96:49:04:2e:dc:8b:80:db:54:b4:
                    8f:23:b3:50:8a:32:24:6f:5b:4c:7e:da:ec:74:0e:
                    2e:6e:ca:9c:6c:cc:03:bb:8a:0f:87:f1:40:3b:07:
                    be:8b:f4:c3:96:c6:31:67:60:66:47:c1:98:15:c6:
                    52:18:d1:89:81:e0:10:c6:59:7d:e6:94:e5:70:2a:
                    99:9c:1f:66:cd:1f:d6:20:2a:66:e4:04:5c:0c:db:
                    07:d7:8d:4a:47:87:e3:09:11:8b:98:52:07:ef:99:
                    4a:da:4c:2f:30:8b:d7:73:10:85:e6:f1:f7:a4:2f:
                    21:bf:21:eb:cd:78:75:d6:af:b3:dc:f4:51:dd:fa:
                    41:c4:04:70:e5:03:b9:66:cd:20:b6:2a:84:79:80:
                    66:64:38:56:27:60:e5:ec:64:fc:91:c9:64:b9:b7:
                    b6:03:c5:04:87:4c:a1:8e:bc:b6:fe:29:03:52:75:
                    f6:1e:36:a9:e1:f8:42:2c:a5:15:f3:ec:4f:a0:50:
                    d8:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:62:11:93:6E:53:C0:88:C6:E3:47:AE:5D:4B:21:07:27:24:38:20
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/9b93eae4-d00c-47ae-8fdb-bc1f1cd1d0c6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:639::/48

    Signature Algorithm: sha256WithRSAEncryption
         7a:a7:4a:e9:9f:5e:e2:bb:63:17:17:00:bd:34:3d:96:0d:e8:
         45:20:fb:a1:21:d9:81:a5:5c:33:0d:36:92:c4:63:91:b9:4b:
         db:e9:45:58:68:c2:62:86:a9:12:1e:49:bc:05:c0:82:ae:8e:
         9d:15:c8:08:07:4e:a5:19:8e:0e:11:1d:02:ee:8e:66:da:51:
         cb:09:51:88:7d:c5:64:5e:4b:7c:e0:78:fc:af:15:3a:b4:6d:
         cd:6e:a4:4f:5e:14:45:55:0e:f9:a8:66:0f:15:b4:99:a8:34:
         60:91:62:9e:02:c2:ed:f1:de:20:d9:94:3a:8d:de:e5:c1:b2:
         29:62:19:5c:d3:19:d2:7f:63:64:9a:67:d9:b7:41:86:a5:7b:
         66:bc:f2:89:aa:95:40:42:a9:ea:4b:ee:6f:c5:dc:de:4a:82:
         06:a4:55:66:6b:41:ab:dc:ad:d8:fc:07:4f:98:42:f5:fb:90:
         d6:07:d8:4e:8a:89:ac:92:67:ec:70:76:cb:03:3b:bb:81:3e:
         37:41:aa:6f:5f:c7:b5:50:04:be:2c:d1:ef:e5:86:79:9c:d2:
         b9:c8:cf:9c:0a:30:45:d4:fd:c7:84:12:35:ec:df:b7:f2:85:
         2e:14:0f:34:f9:c9:c0:fc:3c:6d:d1:5a:79:e5:8e:d4:f2:f9:
         79:22:03:c7
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUS91We0NgaWHefAk/U79r0gBMelcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNTIzMDAzMDI3WhcNMjUwNjI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2OGFhMTNjMDkzYTZjOWY1MjY1ZjZhNjkyZjNkZDVmOWI5
ZGVjMjY1Y2U5YTJjNDM4NWQ4YmQ2MmQ3OGVlNWVjMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDE1PtbauSLTSeWTEaPBpdpRskWgZzM6RDFzIicvkLzcOtS
Maxb0AvodqG83lDPxZtODJ4r5aMORgR0RgDUezpGlkkELtyLgNtUtI8js1CKMiRv
W0x+2ux0Di5uypxszAO7ig+H8UA7B76L9MOWxjFnYGZHwZgVxlIY0YmB4BDGWX3m
lOVwKpmcH2bNH9YgKmbkBFwM2wfXjUpHh+MJEYuYUgfvmUraTC8wi9dzEIXm8fek
LyG/IevNeHXWr7Pc9FHd+kHEBHDlA7lmzSC2KoR5gGZkOFYnYOXsZPyRyWS5t7YD
xQSHTKGOvLb+KQNSdfYeNqnh+EIspRXz7E+gUNhXAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU6GIRk25TwIjG40euXUshByckOCAwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzliOTNlYWU0LWQwMGMtNDdhZS04ZmRiLWJjMWYxY2QxZDBjNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABjkwDQYJKoZIhvcNAQELBQADggEBAHqnSumfXuK7YxcXAL00PZYN
6EUg+6Eh2YGlXDMNNpLEY5G5S9vpRVhowmKGqRIeSbwFwIKujp0VyAgHTqUZjg4R
HQLujmbaUcsJUYh9xWReS3zgePyvFTq0bc1upE9eFEVVDvmoZg8VtJmoNGCRYp4C
wu3x3iDZlDqN3uXBsiliGVzTGdJ/Y2SaZ9m3QYale2a88omqlUBCqepL7m/F3N5K
ggakVWZrQavcrdj8B0+YQvX7kNYH2E6KiaySZ+xwdssDO7uBPjdBqm9fx7VQBL4s
0e/lhnmc0rnIz5wKMEXU/ceEEjXs37fyhS4UDzT5ycD8PG3RWnnljtTy+XkiA8c=
-----END CERTIFICATE-----