Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/acb2d1d9-8eb0-4cde-9774-7fc9a5495886.roa
File:                     acb2d1d9-8eb0-4cde-9774-7fc9a5495886.roa (raw, json)
Hash identifier:          jInYcHME4FCokuPD0fT2h3Pq7BA7kEwYSNitl8vxoxw=
Subject key identifier:   ED:42:B4:6E:13:F2:69:DC:C4:25:2F:E0:31:49:FA:17:EE:14:24:6C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       55C1B86D5426AE1D31F0068F1FB6509E94CC0062
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/acb2d1d9-8eb0-4cde-9774-7fc9a5495886.roa
Signing time:             Tue 03 Jun 2025 15:52:08 +0000
ROA not before:           Tue 03 Jun 2025 15:52:08 +0000
ROA not after:            Tue 08 Jul 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        54.166.0.0/15 maxlen: 15
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 17 Jun 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:c1:b8:6d:54:26:ae:1d:31:f0:06:8f:1f:b6:50:9e:94:cc:00:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  3 15:52:08 2025 GMT
            Not After : Jul  8 23:59:59 2025 GMT
        Subject: serialNumber=82efe797de2f459eed141cac68408ff46b14e63a0b6018d743fa298b74482165, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:ec:aa:b8:69:8d:7a:39:8f:96:8e:39:3d:50:
                    95:a1:9e:9d:12:b2:d0:48:72:53:29:d9:64:b1:29:
                    fb:79:23:94:ad:11:a3:01:ee:fe:fd:35:5d:53:1c:
                    5d:aa:c3:37:a1:40:43:08:be:25:46:8b:d0:26:f6:
                    c8:f5:f0:0d:10:57:54:c4:15:36:fe:9d:a0:14:7c:
                    d0:5c:29:cc:e2:6a:d6:50:1f:03:28:86:cb:05:49:
                    17:42:b7:04:c7:b0:a5:6e:64:a7:42:60:7f:cc:3e:
                    98:24:5f:e1:4e:2c:5a:2c:81:f6:b7:3e:4c:4c:56:
                    6d:22:69:9b:d0:09:0d:93:49:0b:13:ab:45:8b:a8:
                    3a:a3:c3:fd:0c:7c:58:36:f5:c8:f7:bf:05:09:f4:
                    ba:a7:b7:fd:f0:da:4b:ef:f5:f7:ce:0b:25:11:97:
                    40:fc:4f:4c:bd:a8:a0:00:4f:39:2b:73:f5:e0:0b:
                    27:76:fa:6d:17:b7:2b:58:2f:77:f5:79:8e:49:4d:
                    7b:5e:28:92:f3:c0:65:5c:fb:d9:9d:5b:c3:c3:5b:
                    cf:4f:b1:45:a6:3c:89:51:ba:8a:94:ef:32:c3:67:
                    3f:0e:72:96:9c:85:b5:4a:df:6f:59:76:b3:a2:ff:
                    47:99:50:c6:56:21:93:e1:00:73:02:59:93:72:14:
                    6d:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:42:B4:6E:13:F2:69:DC:C4:25:2F:E0:31:49:FA:17:EE:14:24:6C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/acb2d1d9-8eb0-4cde-9774-7fc9a5495886.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.166.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         1d:0a:04:89:70:8e:4d:4d:11:57:5a:46:7d:a7:6b:74:cd:6f:
         e1:c5:69:b5:56:df:57:d1:d6:16:56:4a:36:0f:b7:7f:be:49:
         cb:8f:74:ce:c7:b5:cc:cb:ec:ee:49:bf:ac:8e:ea:9e:ba:6b:
         f0:b6:3a:61:4e:4d:1e:d0:b8:e5:0b:90:9e:37:0b:83:4e:e5:
         b4:7a:ac:94:63:ed:ed:53:6c:2a:12:72:99:99:72:17:6b:4e:
         1f:ed:4c:26:81:06:df:82:86:63:b2:ea:3e:74:47:40:d0:6b:
         6e:38:af:e4:28:4f:86:08:63:05:90:50:85:2f:88:35:55:77:
         10:7d:ca:0f:ba:a5:49:3b:c7:0b:a4:a4:2b:fb:3d:06:f4:91:
         58:54:aa:ab:e0:68:2e:d2:4f:60:0f:68:ae:f8:52:07:72:94:
         8b:19:be:b2:8b:23:21:98:2b:36:5a:3f:1b:f6:89:8f:05:8e:
         90:97:f9:bc:21:d8:78:b6:50:84:a9:8d:94:97:07:6a:0b:bc:
         fe:28:f1:8e:3c:eb:9f:f4:de:8d:ce:62:d4:4b:0c:8d:1a:5c:
         fc:b2:b0:3b:dd:da:dc:80:10:8c:57:a5:99:7c:ec:ec:63:58:
         0b:8e:2d:27:19:ca:30:99:cd:23:95:03:1c:c5:4f:a3:84:ab:
         69:66:af:f8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVcG4bVQmrh0x8AaPH7ZQnpTMAGIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNjAzMTU1MjA4WhcNMjUwNzA4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MmVmZTc5N2RlMmY0NTllZWQxNDFjYWM2ODQwOGZmNDZi
MTRlNjNhMGI2MDE4ZDc0M2ZhMjk4Yjc0NDgyMTY1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCX7Kq4aY16OY+Wjjk9UJWhnp0SstBIclMp2WSxKft5I5St
EaMB7v79NV1THF2qwzehQEMIviVGi9Am9sj18A0QV1TEFTb+naAUfNBcKcziatZQ
HwMohssFSRdCtwTHsKVuZKdCYH/MPpgkX+FOLFosgfa3PkxMVm0iaZvQCQ2TSQsT
q0WLqDqjw/0MfFg29cj3vwUJ9Lqnt/3w2kvv9ffOCyURl0D8T0y9qKAATzkrc/Xg
Cyd2+m0XtytYL3f1eY5JTXteKJLzwGVc+9mdW8PDW89PsUWmPIlRuoqU7zLDZz8O
cpachbVK329ZdrOi/0eZUMZWIZPhAHMCWZNyFG2DAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU7UK0bhPyadzEJS/gMUn6F+4UJGwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2FjYjJkMWQ5LThlYjAtNGNkZS05Nzc0LTdmYzlhNTQ5NTg4Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwE2pjANBgkqhkiG9w0BAQsFAAOCAQEAHQoEiXCOTU0RV1pGfadrdM1v4cVp
tVbfV9HWFlZKNg+3f75Jy490zse1zMvs7km/rI7qnrpr8LY6YU5NHtC45QuQnjcL
g07ltHqslGPt7VNsKhJymZlyF2tOH+1MJoEG34KGY7LqPnRHQNBrbjiv5ChPhghj
BZBQhS+INVV3EH3KD7qlSTvHC6SkK/s9BvSRWFSqq+BoLtJPYA9orvhSB3KUixm+
sosjIZgrNlo/G/aJjwWOkJf5vCHYeLZQhKmNlJcHagu8/ijxjjzrn/Tejc5i1EsM
jRpc/LKwO93a3IAQjFelmXzs7GNYC44tJxnKMJnNI5UDHMVPo4SraWav+A==
-----END CERTIFICATE-----