Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b97fe0cb-4337-4657-a74b-fdfda6db45b2.roa
File:                     b97fe0cb-4337-4657-a74b-fdfda6db45b2.roa (raw, json)
Hash identifier:          nuHog5GjofpeYe7+2qKe4k2U1a8FycJjv7AqHNQSP4I=
Subject key identifier:   93:DE:0A:C6:57:67:A8:DA:5E:00:CF:27:7F:F1:02:AA:6C:83:92:79
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       215869E1CB1905BB3F83CD3C7BF2B266C068949D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b97fe0cb-4337-4657-a74b-fdfda6db45b2.roa
Signing time:             Fri 18 Apr 2025 17:31:14 +0000
ROA not before:           Fri 18 Apr 2025 17:31:14 +0000
ROA not after:            Fri 23 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        54.240.58.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:58:69:e1:cb:19:05:bb:3f:83:cd:3c:7b:f2:b2:66:c0:68:94:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 18 17:31:14 2025 GMT
            Not After : May 23 23:59:59 2025 GMT
        Subject: serialNumber=51b3a50e859192e75cfeb564d2c858f4fe070814a332b97866a29c1175c4ffaa, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:f4:be:cf:41:ce:f9:33:59:72:2c:59:96:d6:
                    48:ed:35:6a:83:23:2d:65:88:5f:e6:d2:d9:58:8a:
                    c5:07:4d:4e:7c:06:70:9e:ad:ce:70:62:8e:7e:0b:
                    34:ab:f4:b7:ea:05:9e:8c:49:08:70:4c:16:38:1d:
                    1a:a5:29:67:1d:39:29:3e:02:33:84:37:1f:06:65:
                    43:22:e4:d3:38:fe:b3:4d:b2:8c:dd:7d:7d:9e:8e:
                    9a:5e:1f:73:7d:f5:9e:bf:d4:b8:ca:66:c3:b8:0a:
                    f7:5b:d8:de:38:1a:19:ec:40:13:ff:25:15:30:0c:
                    73:06:e9:b3:09:fb:32:78:8c:c7:8d:37:ba:5d:9f:
                    58:70:0e:6b:ba:0e:ce:e0:0c:ec:37:b3:cb:e3:21:
                    f3:af:93:56:b8:b8:ec:88:6a:17:86:6b:c8:ba:f6:
                    8b:28:84:12:1d:36:18:3d:e6:f6:77:78:f0:90:d9:
                    e1:7a:37:49:2a:1a:e4:46:54:19:1b:90:05:fc:89:
                    18:23:c4:47:d7:0b:1e:9c:67:95:be:4f:b2:46:29:
                    92:d2:d3:09:b3:21:87:15:b1:7f:d9:c2:0d:ff:93:
                    b3:06:19:3a:86:98:85:c3:dd:5c:6b:f2:60:5d:37:
                    40:22:6f:1c:c9:c2:1d:12:f2:1b:56:12:9c:ed:4b:
                    dc:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:DE:0A:C6:57:67:A8:DA:5E:00:CF:27:7F:F1:02:AA:6C:83:92:79
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b97fe0cb-4337-4657-a74b-fdfda6db45b2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.240.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         77:fc:26:3f:ab:b7:7c:26:2a:56:04:3b:4c:e5:ba:a1:c6:2a:
         23:8f:89:f0:b5:a8:f5:2a:71:73:f9:c2:79:3d:58:67:c4:7b:
         c9:9a:88:02:91:63:93:3f:70:79:b4:72:83:92:e1:48:74:74:
         9c:05:cc:91:31:6b:da:2f:17:7c:83:0f:47:57:c1:4c:01:50:
         d2:6f:58:7a:91:5d:f3:6b:25:e8:8e:1d:91:3b:85:7e:6f:be:
         67:1c:86:35:a9:68:5d:51:d7:0e:cb:90:29:89:be:e4:dc:62:
         40:0b:15:1d:6c:fb:8d:d3:80:9b:2c:d9:f8:1a:ea:16:02:87:
         70:d8:6a:0f:7c:40:31:46:05:b9:b4:14:5f:e7:c1:b9:e4:08:
         fa:a3:eb:1b:01:24:da:33:ee:e8:bc:ff:b8:ea:70:54:3c:27:
         e2:48:8f:ff:36:fa:4e:63:80:b7:1c:03:9c:67:24:8c:e7:c6:
         a9:f5:b8:3f:aa:3c:8d:2a:70:36:df:17:f1:8e:98:b4:10:05:
         cc:da:cf:7c:2d:79:da:65:f3:9d:d8:b0:80:72:13:a8:f4:cc:
         74:0f:7a:b7:fc:0c:92:85:88:b4:37:17:15:5d:98:3b:4c:20:
         67:e0:3c:25:54:e6:cb:08:07:f1:f7:a6:a6:4e:d2:b7:3f:e0:
         48:28:24:a2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIVhp4csZBbs/g808e/KyZsBolJ0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDE4MTczMTE0WhcNMjUwNTIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1MWIzYTUwZTg1OTE5MmU3NWNmZWI1NjRkMmM4NThmNGZl
MDcwODE0YTMzMmI5Nzg2NmEyOWMxMTc1YzRmZmFhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg9L7PQc75M1lyLFmW1kjtNWqDIy1liF/m0tlYisUHTU58
BnCerc5wYo5+CzSr9LfqBZ6MSQhwTBY4HRqlKWcdOSk+AjOENx8GZUMi5NM4/rNN
sozdfX2ejppeH3N99Z6/1LjKZsO4Cvdb2N44GhnsQBP/JRUwDHMG6bMJ+zJ4jMeN
N7pdn1hwDmu6Ds7gDOw3s8vjIfOvk1a4uOyIaheGa8i69osohBIdNhg95vZ3ePCQ
2eF6N0kqGuRGVBkbkAX8iRgjxEfXCx6cZ5W+T7JGKZLS0wmzIYcVsX/Zwg3/k7MG
GTqGmIXD3Vxr8mBdN0AibxzJwh0S8htWEpztS9ypAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUk94KxldnqNpeAM8nf/ECqmyDknkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2I5N2ZlMGNiLTQzMzctNDY1Ny1hNzRiLWZkZmRhNmRiNDViMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE28DowDQYJKoZIhvcNAQELBQADggEBAHf8Jj+rt3wmKlYEO0zluqHGKiOP
ifC1qPUqcXP5wnk9WGfEe8maiAKRY5M/cHm0coOS4Uh0dJwFzJExa9ovF3yDD0dX
wUwBUNJvWHqRXfNrJeiOHZE7hX5vvmcchjWpaF1R1w7LkCmJvuTcYkALFR1s+43T
gJss2fga6hYCh3DYag98QDFGBbm0FF/nwbnkCPqj6xsBJNoz7ui8/7jqcFQ8J+JI
j/82+k5jgLccA5xnJIznxqn1uD+qPI0qcDbfF/GOmLQQBczaz3wtedpl853YsIBy
E6j0zHQPerf8DJKFiLQ3FxVdmDtMIGfgPCVU5ssIB/H3pqZO0rc/4EgoJKI=
-----END CERTIFICATE-----