Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4e5c4526-620b-4572-a2b1-7b2759cb8e7c.roa
File:                     4e5c4526-620b-4572-a2b1-7b2759cb8e7c.roa (raw, json)
Hash identifier:          LI9oYl5pWyllHSRQ36nkOFSq0Xf2EZju6zgMXsIJYAc=
Subject key identifier:   DF:84:14:20:CD:73:2C:44:72:B2:E5:53:B7:C5:F6:E5:D0:62:C6:C0
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       791CC82307C3A0DD08FC2D1F446B330E5C5D9E2B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4e5c4526-620b-4572-a2b1-7b2759cb8e7c.roa
Signing time:             Tue 20 May 2025 16:30:25 +0000
ROA not before:           Tue 20 May 2025 16:30:25 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.156.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:1c:c8:23:07:c3:a0:dd:08:fc:2d:1f:44:6b:33:0e:5c:5d:9e:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 20 16:30:25 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=32181659e1d6a87bfc53387df433b8741482f4910ad115a15bc748a74d172db6, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:2e:c8:20:76:ea:a7:a7:5c:8a:eb:2d:f6:f8:
                    0f:43:20:d3:32:c1:0c:79:81:9a:26:62:03:9d:3b:
                    ba:f2:39:9f:c1:54:1b:5c:85:40:45:0e:76:49:7b:
                    cf:db:1b:c0:78:c5:c4:84:e3:ea:24:bf:a6:71:50:
                    44:39:e0:f3:c4:37:8e:50:42:c9:18:58:f1:e8:f5:
                    bd:66:37:93:9f:8b:73:dd:0e:8a:a9:55:e9:81:86:
                    23:d0:e0:f7:df:7c:55:11:e0:a8:9c:51:8b:7e:37:
                    e8:71:02:65:1c:a7:fb:26:40:2a:3e:01:81:19:21:
                    c1:9d:ce:49:7e:ff:19:de:9d:3b:f4:8a:e4:12:57:
                    c4:d1:02:57:22:3c:48:85:4b:4d:42:2a:26:bc:02:
                    11:d7:01:af:5f:df:0b:f7:fa:bf:38:38:d4:bb:a6:
                    6c:c3:07:a8:34:19:01:98:0a:70:2e:d7:9e:23:5f:
                    e5:d5:62:dd:a4:93:c8:38:10:0f:5e:78:73:d2:2e:
                    ea:79:04:40:cc:5a:40:1d:dc:24:77:e6:c0:1d:e0:
                    69:7f:de:ec:11:c9:94:aa:42:57:f6:c4:32:0a:03:
                    c4:fb:45:c0:7d:05:27:ae:2b:62:ec:11:cc:50:c4:
                    ec:d7:0f:cf:76:b5:2e:94:9a:35:e8:66:31:01:3c:
                    d6:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:84:14:20:CD:73:2C:44:72:B2:E5:53:B7:C5:F6:E5:D0:62:C6:C0
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4e5c4526-620b-4572-a2b1-7b2759cb8e7c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.156.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         2d:cc:fb:f5:3a:0b:c4:c9:f8:ae:6e:49:13:8e:86:10:08:74:
         57:5b:4d:0c:b3:94:d3:95:00:11:47:6e:d3:31:b8:7a:f4:72:
         22:fc:92:12:1e:9b:76:8d:2b:fc:21:ca:ed:b7:a2:06:5f:bb:
         24:5f:a0:d4:bf:31:20:53:99:63:c1:3a:06:5e:cd:a8:2a:8d:
         5c:41:6a:60:a5:f6:5a:06:da:10:88:1c:f6:a7:8a:e2:a9:89:
         56:7c:73:07:57:fd:c7:ac:6c:b8:ac:30:05:3f:8a:ea:3d:fb:
         6b:98:7a:c1:7c:77:18:63:71:67:1c:06:78:8c:7e:ad:9d:22:
         90:9a:1f:a5:86:45:f2:e8:f7:84:87:89:fe:a2:09:da:2c:95:
         c5:c1:3d:b1:cd:c8:6a:2d:61:1c:7b:5b:57:9c:bc:96:c1:f9:
         b1:af:7a:e1:e4:e5:e5:0e:5f:b9:5f:d9:9e:45:41:78:44:5e:
         83:5f:15:54:84:f2:c8:5b:77:74:19:f3:84:72:d4:db:da:9c:
         19:cc:31:2c:ee:29:54:f1:6d:2f:b7:27:20:a9:8a:0c:a5:56:
         7b:af:2e:41:6a:54:2b:08:62:64:f0:fc:06:3b:98:2b:f9:6c:
         49:af:8d:9c:ed:28:99:4e:19:df:00:ee:fb:eb:e9:0e:e1:08:
         05:04:66:d9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUeRzIIwfDoN0I/C0fRGszDlxdniswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTIwMTYzMDI1WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMjE4MTY1OWUxZDZhODdiZmM1MzM4N2RmNDMzYjg3NDE0
ODJmNDkxMGFkMTE1YTE1YmM3NDhhNzRkMTcyZGI2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGLsggduqnp1yK6y32+A9DINMywQx5gZomYgOdO7ryOZ/B
VBtchUBFDnZJe8/bG8B4xcSE4+okv6ZxUEQ54PPEN45QQskYWPHo9b1mN5Ofi3Pd
DoqpVemBhiPQ4PfffFUR4KicUYt+N+hxAmUcp/smQCo+AYEZIcGdzkl+/xnenTv0
iuQSV8TRAlciPEiFS01CKia8AhHXAa9f3wv3+r84ONS7pmzDB6g0GQGYCnAu154j
X+XVYt2kk8g4EA9eeHPSLup5BEDMWkAd3CR35sAd4Gl/3uwRyZSqQlf2xDIKA8T7
RcB9BSeuK2LsEcxQxOzXD892tS6UmjXoZjEBPNbzAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU34QUIM1zLERysuVTt8X25dBixsAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzRlNWM0NTI2LTYyMGItNDU3Mi1hMmIxLTdiMjc1OWNiOGU3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEPnDANBgkqhkiG9w0BAQsFAAOCAQEALcz79ToLxMn4rm5JE46GEAh0V1tN
DLOU05UAEUdu0zG4evRyIvySEh6bdo0r/CHK7beiBl+7JF+g1L8xIFOZY8E6Bl7N
qCqNXEFqYKX2WgbaEIgc9qeK4qmJVnxzB1f9x6xsuKwwBT+K6j37a5h6wXx3GGNx
ZxwGeIx+rZ0ikJofpYZF8uj3hIeJ/qIJ2iyVxcE9sc3Iai1hHHtbV5y8lsH5sa96
4eTl5Q5fuV/ZnkVBeEReg18VVITyyFt3dBnzhHLU29qcGcwxLO4pVPFtL7cnIKmK
DKVWe68uQWpUKwhiZPD8BjuYK/lsSa+NnO0omU4Z3wDu++vpDuEIBQRm2Q==
-----END CERTIFICATE-----