Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f0772d8-f455-463e-9417-4ddc13856c48.roa
File:                     5f0772d8-f455-463e-9417-4ddc13856c48.roa (raw, json)
Hash identifier:          0n0iNjFmSxNzFMJ0uf8SKB8Y2CFSOgZ90UwzKCasbNw=
Subject key identifier:   6D:0A:DC:E0:CB:50:C8:A4:46:3F:39:8B:CB:62:4F:01:DC:B5:FC:D1
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       764C64CD6F6CB6FAC17F6C9928F758EF30066F9B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f0772d8-f455-463e-9417-4ddc13856c48.roa
Signing time:             Sat 26 Apr 2025 00:20:57 +0000
ROA not before:           Sat 26 Apr 2025 00:20:57 +0000
ROA not after:            Sat 31 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        18.148.0.0/14 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:4c:64:cd:6f:6c:b6:fa:c1:7f:6c:99:28:f7:58:ef:30:06:6f:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 26 00:20:57 2025 GMT
            Not After : May 31 23:59:59 2025 GMT
        Subject: serialNumber=4411e55a9080703dc1586cef9c6ed54d9607a9cdf0feed93f691e8259937e257, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:db:99:14:c5:60:14:e5:fe:50:dc:14:25:f8:
                    39:dd:07:5f:2c:67:6e:e7:e3:1c:57:76:74:12:00:
                    48:c5:dc:29:28:6a:d2:c2:ff:8f:02:8d:7f:1a:be:
                    6b:1c:c1:e3:da:aa:4e:d1:82:a7:82:5b:2b:82:6d:
                    dd:23:ae:66:1d:30:d7:cd:fe:21:b4:4a:44:41:49:
                    0a:90:95:14:f8:27:99:3c:4a:26:6f:f1:ea:ab:6c:
                    86:88:46:75:20:8c:3a:fa:1e:3a:d4:31:bb:de:fd:
                    08:2f:f4:1b:2c:1d:c7:bd:89:66:48:af:2a:1c:ed:
                    98:9d:52:bf:18:1f:82:27:0f:1a:63:21:9d:ba:1c:
                    14:e4:36:a1:59:c2:00:af:ba:d7:c5:53:d3:28:ad:
                    4b:84:b0:e5:67:d9:a3:1c:1a:fd:86:17:c5:34:5b:
                    ba:65:87:69:41:9d:6b:c5:40:ba:23:fd:2a:00:e8:
                    a7:b7:99:f4:5f:d9:2f:22:f3:5d:43:d4:a6:26:3a:
                    b4:d9:73:d0:58:6a:5e:fb:1f:9d:89:6b:bb:ba:70:
                    47:16:e6:4e:76:02:fe:d3:2d:7f:22:9a:91:ad:0f:
                    24:fa:96:f6:8a:3e:ba:10:77:c2:e0:7c:d5:27:b6:
                    fe:ae:a1:d1:3b:a9:78:3f:5d:53:90:a2:ae:98:83:
                    4d:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:0A:DC:E0:CB:50:C8:A4:46:3F:39:8B:CB:62:4F:01:DC:B5:FC:D1
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f0772d8-f455-463e-9417-4ddc13856c48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.148.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         5c:85:fc:e8:d5:ad:04:97:35:78:0b:26:7c:5d:cf:86:d0:78:
         6d:f8:8b:b8:45:2e:91:86:1e:3b:17:da:e5:82:5f:ae:2d:2c:
         35:e2:a6:d6:31:5f:9d:93:a5:6a:d6:a7:d3:19:73:ab:d1:19:
         1d:80:8d:3d:03:7d:a3:ff:b6:6c:b2:ac:f7:37:87:a0:84:4d:
         a7:1b:a0:bd:ee:5c:5a:97:d6:4c:78:8b:9a:9e:47:55:0c:74:
         82:ce:45:19:a8:5c:39:ce:3c:38:80:3b:97:d2:b5:9e:00:88:
         b0:db:3f:c5:c9:c9:31:e5:c5:ec:14:f7:1d:b6:ce:c5:9a:08:
         7e:63:2e:5d:36:37:0d:f1:c1:9a:e3:0a:55:53:61:6e:76:62:
         5d:4b:44:7b:23:51:56:b2:27:0b:66:68:08:2a:cd:15:05:12:
         df:dc:48:14:18:d3:af:ea:42:d4:60:37:56:13:40:a3:b8:bd:
         92:7b:f5:b0:08:cd:51:d6:56:a6:dc:bb:84:5b:28:f9:59:c2:
         59:a3:aa:dc:1f:5d:22:df:5c:4f:fe:cc:d6:de:ca:b9:55:71:
         4a:d4:83:74:bc:55:a3:27:3e:f2:3a:87:36:ca:00:f3:ec:77:
         1b:9a:c2:54:d5:a4:de:8e:c1:c6:6d:3a:ab:80:9c:fd:a0:b9:
         96:5e:b7:8a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdkxkzW9stvrBf2yZKPdY7zAGb5swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDI2MDAyMDU3WhcNMjUwNTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NDExZTU1YTkwODA3MDNkYzE1ODZjZWY5YzZlZDU0ZDk2
MDdhOWNkZjBmZWVkOTNmNjkxZTgyNTk5MzdlMjU3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDV25kUxWAU5f5Q3BQl+DndB18sZ27n4xxXdnQSAEjF3Cko
atLC/48CjX8avmscwePaqk7RgqeCWyuCbd0jrmYdMNfN/iG0SkRBSQqQlRT4J5k8
SiZv8eqrbIaIRnUgjDr6HjrUMbve/Qgv9BssHce9iWZIryoc7ZidUr8YH4InDxpj
IZ26HBTkNqFZwgCvutfFU9MorUuEsOVn2aMcGv2GF8U0W7plh2lBnWvFQLoj/SoA
6Ke3mfRf2S8i811D1KYmOrTZc9BYal77H52Ja7u6cEcW5k52Av7TLX8impGtDyT6
lvaKProQd8LgfNUntv6uodE7qXg/XVOQoq6Yg035AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUbQrc4MtQyKRGPzmLy2JPAdy1/NEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzVmMDc3MmQ4LWY0NTUtNDYzZS05NDE3LTRkZGMxMzg1NmM0OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwISlDANBgkqhkiG9w0BAQsFAAOCAQEAXIX86NWtBJc1eAsmfF3PhtB4bfiL
uEUukYYeOxfa5YJfri0sNeKm1jFfnZOlatan0xlzq9EZHYCNPQN9o/+2bLKs9zeH
oIRNpxugve5cWpfWTHiLmp5HVQx0gs5FGahcOc48OIA7l9K1ngCIsNs/xcnJMeXF
7BT3HbbOxZoIfmMuXTY3DfHBmuMKVVNhbnZiXUtEeyNRVrInC2ZoCCrNFQUS39xI
FBjTr+pC1GA3VhNAo7i9knv1sAjNUdZWpty7hFso+VnCWaOq3B9dIt9cT/7M1t7K
uVVxStSDdLxVoyc+8jqHNsoA8+x3G5rCVNWk3o7Bxm06q4Cc/aC5ll63ig==
-----END CERTIFICATE-----