Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/c2d845ec-c39b-4b99-8358-e671c21de01d.roa
File:                     c2d845ec-c39b-4b99-8358-e671c21de01d.roa (raw, json)
Hash identifier:          X13XYPLNm8GYCpgzv87Ure39j7whjipxF6JjLi6n9JY=
Subject key identifier:   85:C4:76:97:70:6E:02:F3:F1:BA:E4:36:1C:17:5A:3F:87:81:E7:E9
Certificate issuer:       /CN=a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3
Certificate serial:       7F1DE8AE816383C2AA6B8EBDF3B7147A179DDE0D
Authority key identifier: 91:2D:C6:0D:D7:64:29:82:BC:AE:7F:81:FE:3C:4C:12:72:80:22:1F
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/c2d845ec-c39b-4b99-8358-e671c21de01d.roa
Signing time:             Fri 25 Apr 2025 15:20:15 +0000
ROA not before:           Fri 25 Apr 2025 15:20:15 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.112.240.0/20 maxlen: 20
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/YtvdNIMmh2ulZ1PLmbRkzEVTJLM.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/YtvdNIMmh2ulZ1PLmbRkzEVTJLM.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/7188ac24-09cc-4f20-9dbd-cd9005d2797e.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/7188ac24-09cc-4f20-9dbd-cd9005d2797e.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 27 Apr 2025 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:1d:e8:ae:81:63:83:c2:aa:6b:8e:bd:f3:b7:14:7a:17:9d:de:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3
        Validity
            Not Before: Apr 25 15:20:15 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=bea848569e3e46d34e61051296dcbe27305f117f6e235b13971e660c29da259f, CN=ddfbc97c-7bed-40df-95ca-e664b29d7b27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d8:cf:4d:63:df:21:dc:3e:96:81:96:05:4a:
                    12:9b:1b:72:fd:3e:ac:04:1a:88:58:0b:c0:58:6e:
                    63:0c:60:cf:16:79:ea:fe:cf:77:40:04:59:40:11:
                    88:65:9a:2d:78:a5:25:70:bc:56:ca:9c:20:11:f3:
                    3a:5f:e4:a7:44:53:28:9d:de:98:ab:0d:d1:b7:71:
                    34:88:88:d6:c6:c8:b4:28:44:54:ec:1f:38:4b:0f:
                    a6:f2:fd:d3:43:9f:fa:49:2f:66:66:30:d2:d3:b7:
                    36:13:ef:94:3f:74:5b:84:b4:4e:b3:f0:30:e3:3f:
                    9c:79:ef:73:9e:72:5c:10:38:c2:f3:a1:5d:30:08:
                    53:ff:22:a7:fb:56:37:62:a5:66:30:e5:90:a4:ff:
                    cd:81:bd:e6:6a:85:5b:75:74:7b:b7:e6:e3:0c:52:
                    3a:6d:76:9d:c3:b8:da:20:a5:c9:eb:75:d6:db:5f:
                    40:ee:af:e8:a5:07:e8:fb:e0:6d:7c:39:a4:06:66:
                    4f:27:a5:9d:24:17:ef:04:0e:fd:5c:97:e6:67:e4:
                    2f:c4:73:46:74:10:74:13:f2:22:97:48:f4:61:78:
                    90:15:42:d7:7a:ee:cc:45:ef:24:19:c0:1a:a3:dc:
                    04:fe:61:e6:f4:3e:24:b2:8c:e8:ac:b1:1d:65:f4:
                    04:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:C4:76:97:70:6E:02:F3:F1:BA:E4:36:1C:17:5A:3F:87:81:E7:E9
            X509v3 Authority Key Identifier:
                keyid:91:2D:C6:0D:D7:64:29:82:BC:AE:7F:81:FE:3C:4C:12:72:80:22:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/7188ac24-09cc-4f20-9dbd-cd9005d2797e/a15d8aa10d62dbdd348326876ba56753cb99b464cc455324b3.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/c2d845ec-c39b-4b99-8358-e671c21de01d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/602a26e5-4a9e-4e5e-89f0-ef891490d9c9/YtvdNIMmh2ulZ1PLmbRkzEVTJLM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.112.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         73:0f:59:e2:55:fe:c1:87:63:d5:5b:2a:e5:5c:9f:bd:44:da:
         4f:7e:99:82:45:6c:9c:35:c6:65:d3:1c:fd:4b:bd:13:e8:9b:
         38:aa:5d:c9:70:5d:4d:40:b3:e8:5c:66:b0:e2:13:19:41:20:
         6a:e7:fd:19:05:76:cf:64:00:8e:b2:6d:f4:ad:fc:42:d2:80:
         ad:a2:3c:fd:6b:9c:80:8e:bd:6e:5e:96:97:37:db:8b:f9:d9:
         64:b2:b0:b0:bd:83:0d:67:5a:15:fc:35:7e:ae:71:0d:ee:e9:
         10:c8:e8:29:b3:63:03:c7:07:8f:47:81:4d:65:7d:f4:1d:38:
         53:f9:80:a4:4d:c3:e7:9b:d1:0e:bc:7c:18:f1:29:c2:aa:62:
         47:53:e3:94:16:c5:fb:fc:99:fc:10:0d:19:bf:20:bb:d8:bc:
         34:c2:a2:f5:d3:25:e2:58:3c:57:1c:f0:44:7d:57:4e:4e:90:
         31:a5:79:f6:fd:f0:e8:18:1d:3d:36:be:d3:9b:4f:07:44:bc:
         a0:6c:8b:94:3a:eb:da:55:4f:a8:ef:51:c7:7b:3c:6e:14:ee:
         28:10:08:e7:86:60:f6:68:03:60:8c:ea:76:fc:5a:99:f6:ed:
         48:04:fe:6d:b5:a0:e6:02:ec:3c:93:77:a0:04:ef:61:5a:13:
         88:1e:a2:81
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfx3oroFjg8Kqa46987cUehed3g0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYTE1ZDhhYTEwZDYyZGJkZDM0ODMyNjg3NmJhNTY3NTNj
Yjk5YjQ2NGNjNDU1MzI0YjMwHhcNMjUwNDI1MTUyMDE1WhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZWE4NDg1NjllM2U0NmQzNGU2MTA1MTI5NmRjYmUyNzMw
NWYxMTdmNmUyMzViMTM5NzFlNjYwYzI5ZGEyNTlmMS0wKwYDVQQDEyRkZGZiYzk3
Yy03YmVkLTQwZGYtOTVjYS1lNjY0YjI5ZDdiMjcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/2M9NY98h3D6WgZYFShKbG3L9PqwEGohYC8BYbmMMYM8W
eer+z3dABFlAEYhlmi14pSVwvFbKnCAR8zpf5KdEUyid3pirDdG3cTSIiNbGyLQo
RFTsHzhLD6by/dNDn/pJL2ZmMNLTtzYT75Q/dFuEtE6z8DDjP5x573OeclwQOMLz
oV0wCFP/Iqf7VjdipWYw5ZCk/82BveZqhVt1dHu35uMMUjptdp3DuNogpcnrddbb
X0Dur+ilB+j74G18OaQGZk8npZ0kF+8EDv1cl+Zn5C/Ec0Z0EHQT8iKXSPRheJAV
Qtd67sxF7yQZwBqj3AT+Yeb0PiSyjOissR1l9ATzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUhcR2l3BuAvPxuuQ2HBdaP4eB5+kwHwYDVR0jBBgwFoAUkS3GDddkKYK8
rn+B/jxMEnKAIh8wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83MTg4YWMyNC0w
OWNjLTRmMjAtOWRiZC1jZDkwMDVkMjc5N2UvYTE1ZDhhYTEwZDYyZGJkZDM0ODMy
Njg3NmJhNTY3NTNjYjk5YjQ2NGNjNDU1MzI0YjMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNjAyYTI2ZTUtNGE5ZS00ZTVlLTg5ZjAtZWY4
OTE0OTBkOWM5L2MyZDg0NWVjLWMzOWItNGI5OS04MzU4LWU2NzFjMjFkZTAxZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzYwMmEyNmU1LTRhOWUtNGU1ZS04OWYw
LWVmODkxNDkwZDljOS9ZdHZkTklNbWgydWxaMVBMbWJSa3pFVlRKTE0uY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQycPAwDQYJKoZIhvcNAQELBQADggEBAHMPWeJV/sGHY9VbKuVcn71E2k9+
mYJFbJw1xmXTHP1LvRPomziqXclwXU1As+hcZrDiExlBIGrn/RkFds9kAI6ybfSt
/ELSgK2iPP1rnICOvW5elpc324v52WSysLC9gw1nWhX8NX6ucQ3u6RDI6CmzYwPH
B49HgU1lffQdOFP5gKRNw+eb0Q68fBjxKcKqYkdT45QWxfv8mfwQDRm/ILvYvDTC
ovXTJeJYPFcc8ER9V05OkDGlefb98OgYHT02vtObTwdEvKBsi5Q669pVT6jvUcd7
PG4U7igQCOeGYPZoA2CM6nb8Wpn27UgE/m21oOYC7DyTd6AE72FaE4geooE=
-----END CERTIFICATE-----