Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/753bfb8d-19c1-468a-9fe9-da4787da9f96.roa
File:                     753bfb8d-19c1-468a-9fe9-da4787da9f96.roa (raw, json)
Hash identifier:          ocSw0EPOME9Vn6L/Dj2BI740sK5POaXRbh83IILhh9w=
Subject key identifier:   1B:69:55:E1:D8:C8:E6:C6:F4:27:9F:C9:72:7D:38:2F:02:9C:19:D6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       301A0BA530313D9F4319B114942EDF71822EF4FA
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/753bfb8d-19c1-468a-9fe9-da4787da9f96.roa
Signing time:             Sat 26 Apr 2025 00:10:23 +0000
ROA not before:           Sat 26 Apr 2025 00:10:23 +0000
ROA not after:            Sat 31 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        150.222.224.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:1a:0b:a5:30:31:3d:9f:43:19:b1:14:94:2e:df:71:82:2e:f4:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 26 00:10:23 2025 GMT
            Not After : May 31 23:59:59 2025 GMT
        Subject: serialNumber=1045a53323e951e843496bf089cda11cfd3d5a5cdddde5b1ee5d661af1aa273f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d7:7f:05:4d:7f:53:29:e9:45:9f:ad:c9:93:
                    5e:94:bf:46:59:87:bd:3c:75:b0:19:be:da:d2:f0:
                    3c:ac:1e:f2:98:09:c9:dc:2b:98:43:8c:c0:15:47:
                    ed:af:fe:6c:8b:81:58:ee:af:f1:95:92:3a:ae:c6:
                    b8:e2:69:df:76:67:46:1a:87:b5:28:1c:32:aa:ab:
                    33:36:44:4c:bb:b3:1a:c2:69:7d:b9:c4:bd:d4:f3:
                    35:7c:63:a0:1d:ad:d9:3f:46:1c:20:23:f0:0f:1a:
                    6a:3b:6f:90:ac:23:b1:79:e1:59:33:12:c9:6b:f8:
                    aa:e6:85:94:be:65:25:89:14:3e:53:a0:19:19:93:
                    d6:90:77:95:db:47:d9:4f:b7:c4:8d:1e:a0:15:bc:
                    8a:66:d3:87:e1:38:41:2e:de:98:75:99:ae:52:6e:
                    49:7b:b5:65:ce:1f:07:8d:48:1d:56:c4:dc:b5:d5:
                    49:40:a5:89:eb:5e:f6:d8:3d:69:17:d6:83:19:df:
                    fa:de:13:65:0b:5c:25:86:6c:a5:98:d7:b6:94:e4:
                    ba:78:19:5a:da:36:cb:71:e2:5b:8a:cd:02:0f:a8:
                    c2:21:9d:01:06:9d:8f:bb:85:3c:54:45:b2:38:83:
                    19:d2:97:71:72:ee:ac:81:8d:57:62:da:07:b2:32:
                    98:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:69:55:E1:D8:C8:E6:C6:F4:27:9F:C9:72:7D:38:2F:02:9C:19:D6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/753bfb8d-19c1-468a-9fe9-da4787da9f96.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.222.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:c4:12:bd:f3:0e:c7:5d:23:9e:47:42:bb:6b:c7:54:1b:8c:
         37:75:6b:89:79:c0:f3:19:43:53:ae:3e:f9:9e:94:60:8d:0b:
         86:3f:87:04:df:da:2f:5f:10:d4:be:79:b3:04:e0:f6:d9:4e:
         26:11:d1:f8:85:03:6b:de:40:2b:f3:db:68:43:5b:72:9a:e4:
         99:bc:d7:a1:17:c0:d7:b7:71:3a:77:18:29:ab:0f:ca:17:40:
         8f:e3:db:8b:8b:0a:4f:e4:72:e5:9e:11:15:90:9d:2e:fa:3f:
         7f:36:25:c7:fd:34:50:33:6c:ce:b1:4d:fa:df:6e:5f:ea:b3:
         e6:a1:54:67:63:d3:1f:52:c8:50:4e:fd:43:1f:5e:25:21:df:
         09:56:98:8b:d2:06:50:2c:80:4d:b7:01:1b:06:5c:14:4a:53:
         35:e8:86:d3:50:b9:04:cf:b3:b9:fb:30:e6:d8:e3:fa:62:4f:
         9f:8f:9c:32:47:02:76:08:8a:ab:70:47:3b:e9:df:87:5e:d6:
         2b:55:ad:16:4f:44:32:c6:bc:43:ca:d3:48:ac:27:c3:d7:81:
         58:18:eb:74:2e:cb:71:e7:e1:9d:14:63:c2:93:ae:f4:e5:0e:
         8e:88:48:0b:e6:09:45:f6:17:c8:cc:42:37:88:33:f8:e0:ed:
         69:85:c9:05
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMBoLpTAxPZ9DGbEUlC7fcYIu9PowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDI2MDAxMDIzWhcNMjUwNTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMDQ1YTUzMzIzZTk1MWU4NDM0OTZiZjA4OWNkYTExY2Zk
M2Q1YTVjZGRkZGU1YjFlZTVkNjYxYWYxYWEyNzNmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCz138FTX9TKelFn63Jk16Uv0ZZh708dbAZvtrS8DysHvKY
CcncK5hDjMAVR+2v/myLgVjur/GVkjquxrjiad92Z0Yah7UoHDKqqzM2REy7sxrC
aX25xL3U8zV8Y6Adrdk/RhwgI/APGmo7b5CsI7F54VkzEslr+KrmhZS+ZSWJFD5T
oBkZk9aQd5XbR9lPt8SNHqAVvIpm04fhOEEu3ph1ma5Sbkl7tWXOHweNSB1WxNy1
1UlApYnrXvbYPWkX1oMZ3/reE2ULXCWGbKWY17aU5Lp4GVraNstx4luKzQIPqMIh
nQEGnY+7hTxURbI4gxnSl3Fy7qyBjVdi2geyMphfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUG2lV4djI5sb0J5/Jcn04LwKcGdYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc1M2JmYjhkLTE5YzEtNDY4YS05ZmU5LWRhNDc4N2RhOWY5Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACW3uAwDQYJKoZIhvcNAQELBQADggEBADfEEr3zDsddI55HQrtrx1QbjDd1
a4l5wPMZQ1OuPvmelGCNC4Y/hwTf2i9fENS+ebME4PbZTiYR0fiFA2veQCvz22hD
W3Ka5Jm816EXwNe3cTp3GCmrD8oXQI/j24uLCk/kcuWeERWQnS76P382Jcf9NFAz
bM6xTfrfbl/qs+ahVGdj0x9SyFBO/UMfXiUh3wlWmIvSBlAsgE23ARsGXBRKUzXo
htNQuQTPs7n7MObY4/piT5+PnDJHAnYIiqtwRzvp34de1itVrRZPRDLGvEPK00is
J8PXgVgY63Quy3Hn4Z0UY8KTrvTlDo6ISAvmCUX2F8jMQjeIM/jg7WmFyQU=
-----END CERTIFICATE-----