Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a34a1cd9-a6e1-4f90-a908-a66252462eae.roa
File:                     a34a1cd9-a6e1-4f90-a908-a66252462eae.roa (raw, json)
Hash identifier:          NdmFjl7P02RuVqnYj4Xs6QiJybr8MT2mPlGu2y3XGTs=
Subject key identifier:   C5:D4:6A:F0:0F:0D:2A:6A:4A:E8:17:1F:24:43:54:EB:41:1B:25:CF
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       4C02923DC071A12BB43B49AD64C0D2F754BDABC5
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a34a1cd9-a6e1-4f90-a908-a66252462eae.roa
Signing time:             Fri 11 Apr 2025 00:40:05 +0000
ROA not before:           Fri 11 Apr 2025 00:40:05 +0000
ROA not after:            Fri 16 May 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2605:9cc0:c15::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:02:92:3d:c0:71:a1:2b:b4:3b:49:ad:64:c0:d2:f7:54:bd:ab:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Apr 11 00:40:05 2025 GMT
            Not After : May 16 23:59:59 2025 GMT
        Subject: serialNumber=65ddc35ff61db94a5b28455e470e31a5345d262f48757a13a95d71f558445611, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:91:3b:e3:af:fa:8d:64:97:d9:22:de:2b:62:
                    a2:04:bf:7c:89:ad:16:78:d3:1d:ae:b6:9a:79:48:
                    c3:21:5c:99:24:41:32:1a:fe:59:ee:90:31:62:44:
                    af:75:95:ef:9b:05:a4:f6:55:82:ce:dc:d7:10:4c:
                    b4:7a:55:5d:55:65:39:6f:fd:c9:56:97:ff:2b:10:
                    58:3a:8c:f0:5d:36:e0:68:57:82:0a:d3:4c:0f:1e:
                    cd:72:8f:b1:ee:da:35:ed:3c:7f:0d:8e:96:61:6e:
                    21:19:03:1b:af:56:0c:86:99:2b:32:bf:22:1d:7b:
                    52:4e:c3:ce:04:d3:34:ec:93:1c:b2:0e:dd:e1:28:
                    45:52:6f:ad:5a:d1:9c:6d:48:c5:55:68:23:eb:59:
                    e7:ad:c8:ef:3d:a8:0d:7e:35:79:96:2e:da:d0:37:
                    a3:51:fb:11:08:e2:a9:a4:10:e5:57:38:07:a6:fc:
                    93:3b:95:72:36:1f:46:bd:df:97:45:35:5b:2e:a9:
                    5c:60:db:06:33:5d:81:91:ad:f7:a9:0a:db:37:d0:
                    fb:fa:fd:92:c0:1b:64:c9:d6:06:bb:15:8c:aa:8b:
                    5a:f6:10:4c:18:05:0a:4f:d6:e6:d2:6a:7c:56:09:
                    e6:1d:ea:57:ac:23:e8:cb:ed:3f:57:dd:e5:2d:1d:
                    46:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:D4:6A:F0:0F:0D:2A:6A:4A:E8:17:1F:24:43:54:EB:41:1B:25:CF
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/a34a1cd9-a6e1-4f90-a908-a66252462eae.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c15::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:43:75:aa:a3:82:a9:29:50:8d:b5:cd:77:74:54:7a:aa:b9:
         3e:86:91:78:8e:3a:b4:d5:16:1d:b3:b4:da:aa:8d:73:6b:dc:
         bb:75:4f:02:c6:60:01:6b:c1:df:e0:2a:aa:95:c7:1c:e3:b5:
         c2:b9:9e:9a:7e:62:6e:c8:23:0e:6e:f2:f8:f9:d4:15:b3:f6:
         46:a5:5f:42:13:f7:7f:6d:1f:e4:a5:6c:d2:85:eb:85:c6:62:
         3c:1c:ce:84:65:fa:91:25:42:b5:16:8f:cd:09:f9:ab:53:c4:
         59:fc:21:a6:6c:60:18:b9:62:09:ac:eb:d8:2f:a7:f5:42:7d:
         69:ec:00:4e:c2:36:95:ba:e2:2e:6c:d3:56:05:33:60:77:31:
         ee:08:9a:df:e2:cc:c3:0a:18:da:e6:65:d5:1c:e5:16:4b:c4:
         2d:a9:83:4d:35:be:dd:50:59:24:39:a3:8a:53:5d:fb:4e:0b:
         74:93:f0:7d:f1:2a:0e:4b:1e:22:ed:93:49:64:d5:ab:fe:dc:
         ad:ab:df:75:cf:fd:00:40:66:ae:89:e1:20:be:47:8f:9f:47:
         39:90:31:e9:27:f2:df:2d:a3:ba:3a:d7:74:af:83:51:ae:14:
         c2:af:46:f6:7c:39:dd:23:89:01:28:c4:18:49:a4:a8:8e:43:
         f8:0d:9b:d6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUTAKSPcBxoSu0O0mtZMDS91S9q8UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwNDExMDA0MDA1WhcNMjUwNTE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NWRkYzM1ZmY2MWRiOTRhNWIyODQ1NWU0NzBlMzFhNTM0
NWQyNjJmNDg3NTdhMTNhOTVkNzFmNTU4NDQ1NjExMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCekTvjr/qNZJfZIt4rYqIEv3yJrRZ40x2utpp5SMMhXJkk
QTIa/lnukDFiRK91le+bBaT2VYLO3NcQTLR6VV1VZTlv/clWl/8rEFg6jPBdNuBo
V4IK00wPHs1yj7Hu2jXtPH8NjpZhbiEZAxuvVgyGmSsyvyIde1JOw84E0zTskxyy
Dt3hKEVSb61a0ZxtSMVVaCPrWeetyO89qA1+NXmWLtrQN6NR+xEI4qmkEOVXOAem
/JM7lXI2H0a935dFNVsuqVxg2wYzXYGRrfepCts30Pv6/ZLAG2TJ1ga7FYyqi1r2
EEwYBQpP1ubSanxWCeYd6lesI+jL7T9X3eUtHUbHAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUxdRq8A8NKmpK6BcfJENU60EbJc8wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2EzNGExY2Q5LWE2ZTEtNGY5MC1hOTA4LWE2NjI1MjQ2MmVhZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADBUwDQYJKoZIhvcNAQELBQADggEBAHdDdaqjgqkpUI21zXd0VHqq
uT6GkXiOOrTVFh2ztNqqjXNr3Lt1TwLGYAFrwd/gKqqVxxzjtcK5npp+Ym7IIw5u
8vj51BWz9kalX0IT939tH+SlbNKF64XGYjwczoRl+pElQrUWj80J+atTxFn8IaZs
YBi5Ygms69gvp/VCfWnsAE7CNpW64i5s01YFM2B3Me4Imt/izMMKGNrmZdUc5RZL
xC2pg001vt1QWSQ5o4pTXftOC3ST8H3xKg5LHiLtk0lk1av+3K2r33XP/QBAZq6J
4SC+R4+fRzmQMekn8t8to7o613Svg1GuFMKvRvZ8Od0jiQEoxBhJpKiOQ/gNm9Y=
-----END CERTIFICATE-----