Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/48a5c303-790e-4793-8605-635e3316bc86.roa
File:                     48a5c303-790e-4793-8605-635e3316bc86.roa (raw, json)
Hash identifier:          /0Y03ZLOIGAp43u/eqrgn3HfKKGtFWXa00KwsiQEzX8=
Subject key identifier:   51:2E:A1:64:B2:0B:3B:CB:52:F1:D7:C3:BE:C0:7F:95:50:1B:B2:40
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4C355FF883D237EBDC0DFFD6C4125AD26B7F7B6B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/48a5c303-790e-4793-8605-635e3316bc86.roa
Signing time:             Mon 14 Apr 2025 17:00:14 +0000
ROA not before:           Mon 14 Apr 2025 17:00:14 +0000
ROA not after:            Mon 19 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.160.0.0/13 maxlen: 13
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:35:5f:f8:83:d2:37:eb:dc:0d:ff:d6:c4:12:5a:d2:6b:7f:7b:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 14 17:00:14 2025 GMT
            Not After : May 19 23:59:59 2025 GMT
        Subject: serialNumber=ff1a266b4a3aa3414a394488fe1b7fa3958a5fd25c3477b42d33e3bc5285e64d, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:da:54:7b:2e:3f:19:de:e4:98:a7:93:a5:9b:
                    50:36:9a:6f:54:f0:b6:57:42:cf:96:a9:a2:f3:93:
                    c8:ed:a6:2e:1a:d3:ab:31:e6:2a:d0:a3:0f:3d:75:
                    7e:33:3e:4a:b1:9f:7e:f8:30:64:d0:75:92:4b:8e:
                    32:d5:e0:a0:2e:5e:03:a6:33:1b:e9:7c:87:4b:32:
                    b1:86:da:5d:34:9d:bc:24:55:1f:06:72:de:b3:cc:
                    18:b8:ab:db:2c:61:4c:de:21:3b:69:a2:d5:e3:7e:
                    30:03:1b:31:ff:24:c3:61:f5:af:d5:df:ad:2f:7b:
                    b0:e4:05:bb:60:8b:05:29:a4:12:5b:18:9b:5c:5b:
                    a3:3f:c6:a1:05:73:9c:b5:af:12:5c:a5:7f:c2:d6:
                    3b:68:eb:5a:5a:21:1a:0a:de:c2:e2:38:ed:ac:5d:
                    98:ce:c7:0a:00:f0:41:05:07:39:27:e1:e2:41:0a:
                    b6:c6:4a:2a:bf:b5:31:13:a3:24:6f:92:13:fa:18:
                    ce:b3:03:a2:d3:9c:6b:11:9e:1b:77:22:5c:ef:c4:
                    48:df:73:33:54:9b:d0:f9:c1:6c:50:b8:29:f2:6c:
                    8a:5f:ac:43:05:de:09:85:21:69:24:6f:47:3b:25:
                    47:fd:29:8b:57:a5:7a:20:f5:18:78:51:ac:af:e4:
                    1b:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:2E:A1:64:B2:0B:3B:CB:52:F1:D7:C3:BE:C0:7F:95:50:1B:B2:40
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/48a5c303-790e-4793-8605-635e3316bc86.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.160.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         a4:72:b9:7b:8b:27:fd:32:cb:ff:0a:1e:4a:b0:30:9a:b9:91:
         44:6a:78:c4:ff:f9:ef:a8:60:59:6a:22:84:26:73:79:82:3e:
         fc:37:71:f4:af:8c:d3:f2:6a:92:24:31:d7:92:63:b6:0b:47:
         82:d6:73:3a:a3:52:1a:9f:9f:5e:ec:d0:85:4f:5b:f5:5d:f2:
         88:bd:73:2d:06:02:28:fe:53:33:35:7a:db:b8:e1:d2:d2:e6:
         21:f0:d7:6d:f8:87:df:97:fb:4b:c3:e9:23:3f:29:37:db:89:
         7a:7e:f7:23:2b:31:01:1c:10:25:7f:15:65:32:fe:7d:8d:18:
         35:9b:b9:9b:f7:2a:50:0e:20:61:d1:3e:02:cb:f8:df:46:7f:
         79:5f:90:a1:03:b6:6b:fd:63:b1:7b:0b:db:6b:50:d4:a7:71:
         76:0e:4a:0f:00:63:a9:ca:e5:09:cf:00:c5:2c:76:03:13:4f:
         36:57:47:fe:45:42:67:64:c1:e1:37:12:b0:fd:51:20:1d:04:
         96:bf:ca:01:ff:25:4f:b2:20:57:5b:47:a1:ab:a1:3c:be:5d:
         ba:89:79:fe:c1:2a:b6:26:b3:87:50:22:10:ec:85:cc:ec:ec:
         4a:a3:77:2f:3d:69:20:5a:7d:27:c3:85:ff:a4:67:95:af:d4:
         fe:de:63:8c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTDVf+IPSN+vcDf/WxBJa0mt/e2swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDE0MTcwMDE0WhcNMjUwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BmZjFhMjY2YjRhM2FhMzQxNGEzOTQ0ODhmZTFiN2ZhMzk1
OGE1ZmQyNWMzNDc3YjQyZDMzZTNiYzUyODVlNjRkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDX2lR7Lj8Z3uSYp5Olm1A2mm9U8LZXQs+WqaLzk8jtpi4a
06sx5irQow89dX4zPkqxn374MGTQdZJLjjLV4KAuXgOmMxvpfIdLMrGG2l00nbwk
VR8Gct6zzBi4q9ssYUzeITtpotXjfjADGzH/JMNh9a/V360ve7DkBbtgiwUppBJb
GJtcW6M/xqEFc5y1rxJcpX/C1jto61paIRoK3sLiOO2sXZjOxwoA8EEFBzkn4eJB
CrbGSiq/tTEToyRvkhP6GM6zA6LTnGsRnht3IlzvxEjfczNUm9D5wWxQuCnybIpf
rEMF3gmFIWkkb0c7JUf9KYtXpXog9Rh4Uayv5BvLAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUUS6hZLILO8tS8dfDvsB/lVAbskAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ4YTVjMzAzLTc5MGUtNDc5My04NjA1LTYzNWUzMzE2YmM4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwM2oDANBgkqhkiG9w0BAQsFAAOCAQEApHK5e4sn/TLL/woeSrAwmrmRRGp4
xP/576hgWWoihCZzeYI+/Ddx9K+M0/JqkiQx15JjtgtHgtZzOqNSGp+fXuzQhU9b
9V3yiL1zLQYCKP5TMzV627jh0tLmIfDXbfiH35f7S8PpIz8pN9uJen73IysxARwQ
JX8VZTL+fY0YNZu5m/cqUA4gYdE+Asv430Z/eV+QoQO2a/1jsXsL22tQ1Kdxdg5K
DwBjqcrlCc8AxSx2AxNPNldH/kVCZ2TB4TcSsP1RIB0Elr/KAf8lT7IgV1tHoauh
PL5duol5/sEqtiazh1AiEOyFzOzsSqN3Lz1pIFp9J8OF/6Rnla/U/t5jjA==
-----END CERTIFICATE-----