Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/380eee99-99c9-4ca5-95e3-d588e1af6898.roa
File:                     380eee99-99c9-4ca5-95e3-d588e1af6898.roa (raw, json)
Hash identifier:          dmN3Lk8pAoXON48FvxwaoireXqQOQHJYebuOeTL3ifY=
Subject key identifier:   DE:EC:E2:A5:0E:E6:54:E3:FA:FE:03:C9:2C:3A:A7:A2:05:43:F8:39
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1E0CB773717B6368E8A2B521570B3A7662BE89B4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/380eee99-99c9-4ca5-95e3-d588e1af6898.roa
Signing time:             Tue 20 May 2025 16:00:05 +0000
ROA not before:           Tue 20 May 2025 16:00:05 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.114.192.0/18 maxlen: 18
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:0c:b7:73:71:7b:63:68:e8:a2:b5:21:57:0b:3a:76:62:be:89:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 20 16:00:05 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=5d2393eccf5f916136f60b72ffa17fb8c012e63bc1450738a2d5ad5c785b0fd4, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:ec:36:71:c1:a4:1f:e7:0a:67:9d:3e:84:45:
                    62:de:69:62:63:e4:3d:d5:47:24:b4:ce:61:a6:28:
                    50:d2:08:3c:4b:f3:c9:3b:b3:65:2b:c3:ac:c3:5a:
                    4e:6c:a8:12:de:41:c4:fc:63:85:db:f9:fa:af:ab:
                    0d:ea:f2:e8:dd:dc:1f:12:a6:ce:4c:9e:af:d9:43:
                    35:25:91:36:08:44:49:38:3b:8e:b8:d5:f3:c1:9b:
                    53:18:18:a4:bc:d0:ec:19:7a:08:af:d3:34:3f:e8:
                    7c:fc:39:3c:18:18:80:f5:82:0c:43:e5:d3:53:54:
                    18:36:5b:d8:db:82:f5:06:5c:25:ad:dc:78:09:2d:
                    93:cf:a9:c9:11:6f:1d:b4:60:52:61:45:b5:25:a4:
                    80:da:c2:9d:6a:52:f3:0e:c0:43:e2:73:8f:76:fa:
                    e5:0e:1e:24:a6:3b:46:4d:9b:a2:53:25:e0:e5:85:
                    d3:d9:b2:10:f1:02:a8:b6:4e:d1:fd:e4:63:47:7e:
                    8e:74:dc:50:2d:53:0c:6f:db:f5:15:50:1f:52:a3:
                    14:a6:93:30:91:1a:8c:a8:fe:47:b1:b4:ca:00:69:
                    06:70:16:60:9d:ca:b4:c5:8a:b5:66:31:9c:b2:fb:
                    55:38:72:f5:aa:d8:15:da:47:1e:99:fe:f9:b8:2b:
                    8f:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:EC:E2:A5:0E:E6:54:E3:FA:FE:03:C9:2C:3A:A7:A2:05:43:F8:39
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/380eee99-99c9-4ca5-95e3-d588e1af6898.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.114.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         72:35:db:56:47:82:1b:94:f2:72:34:80:a6:89:38:a3:bc:7e:
         17:78:ea:e1:e3:5d:07:04:4b:11:ee:cc:08:17:e9:a7:b2:cb:
         b2:18:5f:a0:76:e5:ed:14:90:f5:43:93:4e:c1:85:bc:42:2a:
         ba:0f:44:b6:a3:50:db:60:a7:d1:e5:2b:e0:4b:ce:f6:77:a8:
         c6:8a:e1:ff:84:3a:2e:9e:9f:28:7c:2f:44:97:55:4d:37:9c:
         1c:b7:b2:df:0f:c0:51:5b:73:cc:ed:b6:04:aa:3d:1a:e8:d3:
         68:31:80:2e:44:0e:43:2f:8c:31:f4:b4:75:5c:b9:44:cc:07:
         50:e0:3f:91:e7:85:31:2d:dc:2a:95:3b:d0:21:c6:d3:7a:d1:
         92:de:93:8b:d0:4a:bb:04:2d:5a:0a:a0:25:df:70:04:4a:da:
         18:59:c5:fd:93:d0:b0:c3:e0:ca:62:06:cb:7d:0a:23:6c:76:
         30:37:71:64:89:21:da:ba:21:88:81:37:21:c9:b7:6c:d5:eb:
         04:c5:c9:ec:70:c2:e8:74:c3:3b:09:b0:b9:be:75:4a:a4:8b:
         fe:34:cb:37:eb:8a:07:a0:9b:7a:91:1e:8c:ef:dd:7f:f5:38:
         a2:b8:ce:37:46:6f:62:e4:75:98:92:b0:1f:38:ce:8c:08:62:
         fb:0e:49:b8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHgy3c3F7Y2joorUhVws6dmK+ibQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTIwMTYwMDA1WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZDIzOTNlY2NmNWY5MTYxMzZmNjBiNzJmZmExN2ZiOGMw
MTJlNjNiYzE0NTA3MzhhMmQ1YWQ1Yzc4NWIwZmQ0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDD7DZxwaQf5wpnnT6ERWLeaWJj5D3VRyS0zmGmKFDSCDxL
88k7s2Urw6zDWk5sqBLeQcT8Y4Xb+fqvqw3q8ujd3B8Sps5Mnq/ZQzUlkTYIREk4
O4641fPBm1MYGKS80OwZegiv0zQ/6Hz8OTwYGID1ggxD5dNTVBg2W9jbgvUGXCWt
3HgJLZPPqckRbx20YFJhRbUlpIDawp1qUvMOwEPic492+uUOHiSmO0ZNm6JTJeDl
hdPZshDxAqi2TtH95GNHfo503FAtUwxv2/UVUB9SoxSmkzCRGoyo/kextMoAaQZw
FmCdyrTFirVmMZyy+1U4cvWq2BXaRx6Z/vm4K4/7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3uzipQ7mVOP6/gPJLDqnogVD+DkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzM4MGVlZTk5LTk5YzktNGNhNS05NWUzLWQ1ODhlMWFmNjg5OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYNcsAwDQYJKoZIhvcNAQELBQADggEBAHI121ZHghuU8nI0gKaJOKO8fhd4
6uHjXQcESxHuzAgX6aeyy7IYX6B25e0UkPVDk07BhbxCKroPRLajUNtgp9HlK+BL
zvZ3qMaK4f+EOi6enyh8L0SXVU03nBy3st8PwFFbc8zttgSqPRro02gxgC5EDkMv
jDH0tHVcuUTMB1DgP5HnhTEt3CqVO9AhxtN60ZLek4vQSrsELVoKoCXfcARK2hhZ
xf2T0LDD4MpiBst9CiNsdjA3cWSJIdq6IYiBNyHJt2zV6wTFyexwwuh0wzsJsLm+
dUqki/40yzfrigegm3qRHozv3X/1OKK4zjdGb2LkdZiSsB84zowIYvsOSbg=
-----END CERTIFICATE-----