Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/43c88db7-77d5-4925-b7f7-5eb88c4b8820.roa
File:                     43c88db7-77d5-4925-b7f7-5eb88c4b8820.roa (raw, json)
Hash identifier:          Co6kbOH4zVdneCjEDrUvkCGNp4zrcKzRBEIlYWR3Ql8=
Subject key identifier:   99:63:F6:FB:6B:E3:D6:0F:75:70:27:97:32:C6:3D:61:9B:62:C5:3F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2DBB235FEC44CE4F6DA8D3FC52AA407F79D20A72
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/43c88db7-77d5-4925-b7f7-5eb88c4b8820.roa
Signing time:             Mon 14 Apr 2025 16:30:52 +0000
ROA not before:           Mon 14 Apr 2025 16:30:52 +0000
ROA not after:            Mon 19 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        52.0.0.0/11 maxlen: 11
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:bb:23:5f:ec:44:ce:4f:6d:a8:d3:fc:52:aa:40:7f:79:d2:0a:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 14 16:30:52 2025 GMT
            Not After : May 19 23:59:59 2025 GMT
        Subject: serialNumber=14efe3e0d787c82366ce7157aa13cdb0e4d11de8799cec6c31873fcac6e64a8d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:8e:d7:35:14:4b:f6:95:1f:55:b4:3f:67:2e:
                    63:ae:eb:01:12:73:56:25:86:53:ca:f7:3c:a7:ff:
                    81:7e:b8:44:eb:6e:6b:d8:cb:32:a4:e6:16:c3:e0:
                    bb:14:b7:44:96:66:22:88:f6:d9:7a:4e:5a:0b:99:
                    6f:fc:96:a7:f7:16:35:23:83:ae:10:a1:75:12:79:
                    cd:b5:c9:f2:9a:8d:78:a5:b1:dd:fe:db:1f:2a:80:
                    64:ed:0b:1e:30:5f:35:ef:36:c4:42:ac:35:a0:17:
                    67:39:55:ef:49:6b:79:94:54:9c:9a:7b:21:cb:13:
                    5c:03:3a:d5:fc:ae:bb:5a:3f:e3:a7:d9:e8:05:b7:
                    99:a2:53:77:91:9b:47:b1:5a:6f:0d:05:5a:a4:cb:
                    45:28:f3:e6:b5:e7:51:52:98:6c:f0:44:49:22:bc:
                    83:13:1c:5f:06:c9:69:05:3c:47:f9:e7:cd:f0:a3:
                    1d:96:f7:b6:7f:ea:80:d2:9a:04:b9:8e:7c:9e:23:
                    10:f5:ae:c2:f0:aa:94:a5:30:2e:8f:0a:bb:0b:84:
                    93:8f:4c:91:63:7d:20:2f:45:c1:15:8b:65:2e:84:
                    6d:b5:1d:31:08:29:94:e2:b5:58:25:13:f9:8a:69:
                    67:51:bd:53:b7:ae:90:f1:5b:d5:e9:4c:4d:2e:84:
                    ad:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:63:F6:FB:6B:E3:D6:0F:75:70:27:97:32:C6:3D:61:9B:62:C5:3F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/43c88db7-77d5-4925-b7f7-5eb88c4b8820.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.0.0.0/11

    Signature Algorithm: sha256WithRSAEncryption
         8c:0d:72:ed:fc:ba:25:3c:d2:9c:f7:4f:cd:d0:e9:f6:48:51:
         3e:59:c6:ac:37:fd:49:8c:31:bf:9a:1a:97:2c:dd:e3:9c:74:
         7e:f8:17:48:e1:5e:c0:3b:34:72:cc:81:f5:7f:25:b7:93:ce:
         4e:fb:fc:6a:6d:2a:22:64:f7:b4:0f:87:f9:ea:2f:80:7a:c0:
         71:81:50:06:6f:6e:8d:72:bf:07:20:cd:23:82:43:db:67:0d:
         16:b0:2c:45:21:bf:3f:08:64:05:0e:03:e1:03:74:20:94:4e:
         61:87:d1:8e:b8:93:65:59:07:3e:a6:bf:d3:b9:31:7c:59:61:
         79:5a:47:73:68:4e:b4:ba:e3:ef:e9:9c:a9:a7:12:8e:08:d2:
         a2:90:05:c9:fe:f3:30:fa:67:45:c8:f5:7b:37:3f:91:b0:c4:
         8d:b1:11:db:0d:59:a0:c5:e1:72:1d:8f:0f:3b:53:4e:15:48:
         bb:29:b2:44:ed:ff:5d:b2:26:69:77:26:a7:c6:3a:90:fe:74:
         1c:71:51:12:b1:2e:a5:ff:b8:98:d9:41:bc:e9:d8:b7:b6:0c:
         96:fb:86:0c:20:c7:76:48:75:23:8c:66:65:8f:23:96:f3:d3:
         92:51:af:cf:92:f4:a6:49:5f:4e:9a:c4:c3:b3:b4:ed:ce:11:
         0f:61:c8:20
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULbsjX+xEzk9tqNP8UqpAf3nSCnIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDE0MTYzMDUyWhcNMjUwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxNGVmZTNlMGQ3ODdjODIzNjZjZTcxNTdhYTEzY2RiMGU0
ZDExZGU4Nzk5Y2VjNmMzMTg3M2ZjYWM2ZTY0YThkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfjtc1FEv2lR9VtD9nLmOu6wESc1YlhlPK9zyn/4F+uETr
bmvYyzKk5hbD4LsUt0SWZiKI9tl6TloLmW/8lqf3FjUjg64QoXUSec21yfKajXil
sd3+2x8qgGTtCx4wXzXvNsRCrDWgF2c5Ve9Ja3mUVJyaeyHLE1wDOtX8rrtaP+On
2egFt5miU3eRm0exWm8NBVqky0Uo8+a151FSmGzwREkivIMTHF8GyWkFPEf5583w
ox2W97Z/6oDSmgS5jnyeIxD1rsLwqpSlMC6PCrsLhJOPTJFjfSAvRcEVi2UuhG21
HTEIKZTitVglE/mKaWdRvVO3rpDxW9XpTE0uhK3HAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUmWP2+2vj1g91cCeXMsY9YZtixT8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQzYzg4ZGI3LTc3ZDUtNDkyNS1iN2Y3LTVlYjg4YzRiODgyMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwU0ADANBgkqhkiG9w0BAQsFAAOCAQEAjA1y7fy6JTzSnPdPzdDp9khRPlnG
rDf9SYwxv5oalyzd45x0fvgXSOFewDs0csyB9X8lt5POTvv8am0qImT3tA+H+eov
gHrAcYFQBm9ujXK/ByDNI4JD22cNFrAsRSG/PwhkBQ4D4QN0IJROYYfRjriTZVkH
Pqa/07kxfFlheVpHc2hOtLrj7+mcqacSjgjSopAFyf7zMPpnRcj1ezc/kbDEjbER
2w1ZoMXhch2PDztTThVIuymyRO3/XbImaXcmp8Y6kP50HHFRErEupf+4mNlBvOnY
t7YMlvuGDCDHdkh1I4xmZY8jlvPTklGvz5L0pklfTprEw7O07c4RD2HIIA==
-----END CERTIFICATE-----