Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/76eb2277-b182-4cd2-a4b2-ef65da2565a9.roa
File:                     76eb2277-b182-4cd2-a4b2-ef65da2565a9.roa (raw, json)
Hash identifier:          jHitqgqVN5xgFSkx2/Ommys1DKGVTJPIg0JyTydWwBY=
Subject key identifier:   A2:22:17:1E:BD:7C:C8:03:40:27:A9:85:E7:7C:92:03:3B:A0:C3:25
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       52A4228BAE08D5EC6DBC79CA78ADD1D559C03CC8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/76eb2277-b182-4cd2-a4b2-ef65da2565a9.roa
Signing time:             Sat 26 Apr 2025 00:31:09 +0000
ROA not before:           Sat 26 Apr 2025 00:31:09 +0000
ROA not after:            Sat 31 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        47.10.0.0/16 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:a4:22:8b:ae:08:d5:ec:6d:bc:79:ca:78:ad:d1:d5:59:c0:3c:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 26 00:31:09 2025 GMT
            Not After : May 31 23:59:59 2025 GMT
        Subject: serialNumber=139948bc4c13486e6e8bd8e4b61410eee5e5ab674ba06d856bc7893f5a8ffb8b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:58:a4:be:66:ce:94:76:54:77:97:3a:35:c3:
                    d0:a2:22:1c:0e:ab:73:c1:26:63:d3:6b:d8:4d:17:
                    30:56:ad:8e:60:81:31:cc:6a:f8:c0:5a:79:5c:6d:
                    0a:9b:15:52:da:fa:5c:83:8f:25:41:d9:f0:41:03:
                    80:5a:6f:fd:5c:a3:6d:65:80:4c:10:f8:15:67:d9:
                    bc:b3:ca:31:f6:0d:49:0f:fb:f8:89:33:59:37:d7:
                    03:4c:68:f1:ea:69:eb:a1:e5:c6:36:d3:2d:c6:16:
                    e0:54:16:f4:d0:78:a6:92:7e:42:11:db:b6:23:e4:
                    d8:76:8f:44:a4:e0:42:2e:0b:5b:98:8a:66:e2:a4:
                    a4:ca:aa:3e:78:fc:93:66:58:4e:83:db:b4:64:54:
                    8f:87:e7:ad:9d:dd:62:ba:e2:5a:b7:00:af:50:c6:
                    e8:c4:e4:b2:03:72:b9:17:a4:2a:09:a6:79:a7:f8:
                    cd:c4:e4:c7:52:fa:5a:ce:f7:2a:25:b5:9f:4e:5a:
                    1e:79:ca:9d:ab:34:f9:11:f9:ee:8f:cb:32:ab:6a:
                    10:93:98:66:b8:8a:04:1c:c8:fd:88:0f:99:7a:55:
                    c7:47:6b:5b:d1:f2:23:4e:4b:93:b2:69:4a:47:43:
                    23:bd:c4:74:c6:03:be:ba:d1:c3:fd:05:94:1a:74:
                    d9:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:22:17:1E:BD:7C:C8:03:40:27:A9:85:E7:7C:92:03:3B:A0:C3:25
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/76eb2277-b182-4cd2-a4b2-ef65da2565a9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  47.10.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4f:79:cb:cf:94:fc:86:3b:66:5e:93:73:bf:b8:a8:70:61:82:
         36:fa:25:3c:56:8a:34:55:1c:05:a1:25:ca:1c:df:e8:42:60:
         b4:05:9e:80:89:a0:be:58:05:53:69:e1:c0:5d:81:0b:3e:58:
         26:b5:f9:cf:4f:af:ec:5c:61:31:50:40:3d:83:ef:9f:32:ad:
         e3:09:7d:b9:ca:82:3b:39:94:76:f9:e7:52:2b:25:42:04:46:
         7a:ca:c9:12:26:c5:f4:de:64:0e:62:c9:94:26:c7:76:47:f2:
         6d:e2:4a:fc:e6:65:93:83:b2:4f:6e:fd:d3:84:2e:86:ec:c5:
         30:1a:65:ec:0e:de:41:e7:b5:d6:59:91:3f:e7:65:5e:ff:6d:
         bc:ea:72:66:da:ea:49:36:64:d3:2b:68:09:b3:81:39:58:f8:
         2e:1b:88:7a:54:ba:e1:24:0f:19:26:73:9e:1b:48:fe:ac:ea:
         c2:56:a1:28:9e:e4:3b:ef:6b:7a:f6:6f:ec:94:74:97:75:5f:
         c3:d8:6e:ea:61:83:a1:b0:c3:cd:fb:d6:84:f6:65:54:b9:91:
         7d:c1:b3:8b:25:3a:77:90:9d:e4:b8:2a:b5:63:01:8c:54:6f:
         94:69:7a:0a:00:3f:de:77:fc:39:0c:f5:f4:dc:b4:ac:56:c5:
         3d:19:9d:39
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUqQii64I1extvHnKeK3R1VnAPMgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDI2MDAzMTA5WhcNMjUwNTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AxMzk5NDhiYzRjMTM0ODZlNmU4YmQ4ZTRiNjE0MTBlZWU1
ZTVhYjY3NGJhMDZkODU2YmM3ODkzZjVhOGZmYjhiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCkWKS+Zs6UdlR3lzo1w9CiIhwOq3PBJmPTa9hNFzBWrY5g
gTHMavjAWnlcbQqbFVLa+lyDjyVB2fBBA4Bab/1co21lgEwQ+BVn2byzyjH2DUkP
+/iJM1k31wNMaPHqaeuh5cY20y3GFuBUFvTQeKaSfkIR27Yj5Nh2j0Sk4EIuC1uY
imbipKTKqj54/JNmWE6D27RkVI+H562d3WK64lq3AK9QxujE5LIDcrkXpCoJpnmn
+M3E5MdS+lrO9yoltZ9OWh55yp2rNPkR+e6PyzKrahCTmGa4igQcyP2ID5l6VcdH
a1vR8iNOS5OyaUpHQyO9xHTGA7660cP9BZQadNm7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUoiIXHr18yANAJ6mF53ySAzugwyUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc2ZWIyMjc3LWIxODItNGNkMi1hNGIyLWVmNjVkYTI1NjVhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAvCjANBgkqhkiG9w0BAQsFAAOCAQEAT3nLz5T8hjtmXpNzv7iocGGCNvol
PFaKNFUcBaElyhzf6EJgtAWegImgvlgFU2nhwF2BCz5YJrX5z0+v7FxhMVBAPYPv
nzKt4wl9ucqCOzmUdvnnUislQgRGesrJEibF9N5kDmLJlCbHdkfybeJK/OZlk4Oy
T27904QuhuzFMBpl7A7eQee11lmRP+dlXv9tvOpyZtrqSTZk0ytoCbOBOVj4LhuI
elS64SQPGSZznhtI/qzqwlahKJ7kO+9revZv7JR0l3Vfw9hu6mGDobDDzfvWhPZl
VLmRfcGziyU6d5Cd5LgqtWMBjFRvlGl6CgA/3nf8OQz19Ny0rFbFPRmdOQ==
-----END CERTIFICATE-----