Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2eededf7-f3f8-4d80-8d73-d02124acd34f.roa
File:                     2eededf7-f3f8-4d80-8d73-d02124acd34f.roa (raw, json)
Hash identifier:          NQhN90vuECbCIig+AYkWsi7uCuDEP/f8Vg9ZpYuSiOA=
Subject key identifier:   33:8C:76:FF:78:BB:F3:0D:30:B1:93:A5:E8:DC:40:D7:98:CF:7D:0C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       49D7999C06EEEA50A66C3ED39A4781C74BA70BD4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2eededf7-f3f8-4d80-8d73-d02124acd34f.roa
Signing time:             Fri 25 Apr 2025 17:10:09 +0000
ROA not before:           Fri 25 Apr 2025 17:10:09 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.79.0.0/17 maxlen: 17
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:d7:99:9c:06:ee:ea:50:a6:6c:3e:d3:9a:47:81:c7:4b:a7:0b:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 25 17:10:09 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=164a2561613da84f97d1e647b8a903d19dfab88e82bf047a4133af5cb81f849b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:bc:59:90:e1:fc:7f:4c:ba:f2:3b:eb:b1:e8:
                    b4:3a:3e:3e:20:db:35:00:34:d1:91:73:2e:92:aa:
                    c2:9c:a4:80:91:61:c1:bb:5d:01:09:eb:cb:b6:24:
                    9e:2e:e9:7d:cc:a3:c5:6d:99:7f:54:6b:03:81:83:
                    4f:e4:56:54:bc:71:0a:65:75:4e:85:d4:6b:3f:6e:
                    df:73:ec:84:bf:3f:47:3d:02:87:4d:40:48:82:8d:
                    e1:2f:ac:e6:00:74:b0:98:92:ed:53:42:05:d6:9c:
                    a6:da:3e:64:1c:30:a4:c6:fc:1a:ac:c0:4f:82:7b:
                    76:fb:2f:bd:80:63:78:d5:40:a8:5d:5f:37:ab:10:
                    dd:0d:b2:1e:5e:cb:02:9c:4a:98:c4:45:cb:f6:d5:
                    b8:7c:5d:52:05:b7:23:0b:43:84:a9:40:fd:ec:3e:
                    06:68:02:6c:2f:bf:36:15:d3:6f:b0:b3:c7:b0:d6:
                    3d:65:cc:8d:11:87:2f:62:41:11:26:f7:65:44:24:
                    14:42:dc:31:7c:16:bd:e2:9d:bb:88:35:fd:62:69:
                    5c:5b:8e:fd:92:72:12:52:80:63:38:f2:24:db:b5:
                    69:d0:79:23:95:dc:3d:9f:ac:fe:53:65:f7:5e:1b:
                    d4:43:80:41:39:1e:30:38:fa:0b:e7:a2:4a:f5:fe:
                    c0:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:8C:76:FF:78:BB:F3:0D:30:B1:93:A5:E8:DC:40:D7:98:CF:7D:0C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/2eededf7-f3f8-4d80-8d73-d02124acd34f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.79.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         71:55:e6:7b:c0:0d:e9:d4:56:a0:7c:9e:91:a4:fd:7c:01:9b:
         6f:2e:2b:22:7e:54:bd:50:b4:56:18:74:44:d6:dc:a6:7b:42:
         79:34:36:8f:8e:cb:92:9c:0d:29:39:87:fc:fb:d1:ce:8f:17:
         88:a3:ff:bf:5a:2d:63:26:d3:7b:af:c7:56:6a:4f:4f:71:f1:
         e8:0b:82:77:12:14:96:57:3f:44:de:89:e1:f8:da:c8:9f:39:
         a5:9a:33:b1:0b:9e:fc:f9:0b:e3:c4:a1:b6:58:22:d2:72:68:
         11:92:09:d1:01:7e:20:75:5f:68:15:52:8c:55:b2:f2:25:bf:
         f5:e4:63:5c:22:5d:93:c3:99:5e:a3:f7:98:85:29:5e:d9:08:
         bc:ba:03:15:d2:8e:92:bd:d3:1c:af:28:be:fd:70:da:00:68:
         a0:5c:35:a9:22:65:b3:c9:a0:ca:4a:80:27:77:b8:c8:e7:83:
         3f:bf:84:c4:d9:9d:65:a9:d2:b0:bc:2c:aa:03:1b:7c:21:77:
         0b:5c:1e:84:7d:48:01:33:f7:92:7c:e7:db:51:b8:1f:63:f7:
         89:e7:9a:f5:36:5d:c1:17:c9:13:18:3c:73:e3:53:e6:6b:c6:
         50:a1:b0:5e:ca:22:38:e6:29:18:02:c3:fa:bc:81:ac:6e:c5:
         c6:50:67:13
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSdeZnAbu6lCmbD7TmkeBx0unC9QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDI1MTcxMDA5WhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNjRhMjU2MTYxM2RhODRmOTdkMWU2NDdiOGE5MDNkMTlk
ZmFiODhlODJiZjA0N2E0MTMzYWY1Y2I4MWY4NDliMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLvFmQ4fx/TLryO+ux6LQ6Pj4g2zUANNGRcy6SqsKcpICR
YcG7XQEJ68u2JJ4u6X3Mo8VtmX9UawOBg0/kVlS8cQpldU6F1Gs/bt9z7IS/P0c9
AodNQEiCjeEvrOYAdLCYku1TQgXWnKbaPmQcMKTG/BqswE+Ce3b7L72AY3jVQKhd
XzerEN0Nsh5eywKcSpjERcv21bh8XVIFtyMLQ4SpQP3sPgZoAmwvvzYV02+ws8ew
1j1lzI0Rhy9iQREm92VEJBRC3DF8Fr3inbuINf1iaVxbjv2SchJSgGM48iTbtWnQ
eSOV3D2frP5TZfdeG9RDgEE5HjA4+gvnokr1/sC/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUM4x2/3i78w0wsZOl6NxA15jPfQwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzJlZWRlZGY3LWYzZjgtNGQ4MC04ZDczLWQwMjEyNGFjZDM0Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc2TwAwDQYJKoZIhvcNAQELBQADggEBAHFV5nvADenUVqB8npGk/XwBm28u
KyJ+VL1QtFYYdETW3KZ7Qnk0No+Oy5KcDSk5h/z70c6PF4ij/79aLWMm03uvx1Zq
T09x8egLgncSFJZXP0TeieH42sifOaWaM7ELnvz5C+PEobZYItJyaBGSCdEBfiB1
X2gVUoxVsvIlv/XkY1wiXZPDmV6j95iFKV7ZCLy6AxXSjpK90xyvKL79cNoAaKBc
NakiZbPJoMpKgCd3uMjngz+/hMTZnWWp0rC8LKoDG3whdwtcHoR9SAEz95J859tR
uB9j94nnmvU2XcEXyRMYPHPjU+ZrxlChsF7KIjjmKRgCw/q8gaxuxcZQZxM=
-----END CERTIFICATE-----