Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c1e6b187-e80d-4951-88e5-ddde8fd78b9c.roa
File:                     c1e6b187-e80d-4951-88e5-ddde8fd78b9c.roa (raw, json)
Hash identifier:          y4JqNyTJe/aumVLOBVGXCbQVJk48HHoSADI6QqtGUYE=
Subject key identifier:   F5:3E:32:F9:36:36:34:C8:9C:3C:54:22:3D:CD:34:52:31:AC:2B:B6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       41EE3E63C95A44D7278AA2D5AD431C7FD71EC7A1
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c1e6b187-e80d-4951-88e5-ddde8fd78b9c.roa
Signing time:             Tue 20 May 2025 16:21:55 +0000
ROA not before:           Tue 20 May 2025 16:21:55 +0000
ROA not after:            Tue 24 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.177.74.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 15 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:ee:3e:63:c9:5a:44:d7:27:8a:a2:d5:ad:43:1c:7f:d7:1e:c7:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 20 16:21:55 2025 GMT
            Not After : Jun 24 23:59:59 2025 GMT
        Subject: serialNumber=7dfc599df7f45eb563305d5cfa73f462ef307b245bbf171a287b0cd7bcc8f031, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:8b:9e:fc:23:0b:d4:15:ff:91:dd:3a:5b:66:
                    35:fe:f7:23:48:a5:41:e2:a7:31:62:49:95:51:b3:
                    ee:75:23:eb:82:10:cb:03:f4:fe:49:29:95:4a:22:
                    42:1d:b7:7a:3c:d6:6b:90:1e:86:6f:96:8b:d1:d8:
                    b5:bd:a2:a4:a1:f0:e7:51:97:06:87:dc:a4:40:ee:
                    40:82:e9:d3:51:18:34:9d:b6:bc:c0:46:a9:2e:bf:
                    a4:86:9d:62:4b:49:c4:3f:bb:17:47:52:ca:f7:7f:
                    ca:ac:bc:bd:39:04:ff:86:5e:d4:99:51:45:6b:4b:
                    81:cc:8d:ed:6f:d5:6e:4f:8a:fe:ee:0d:48:53:84:
                    4c:02:77:3a:8f:4a:a1:0c:df:c0:37:19:33:c7:5e:
                    f0:68:74:ee:05:3c:3b:45:1b:84:01:02:30:b6:5b:
                    30:c5:f2:bd:f3:b2:c5:f5:5c:cc:d7:0f:c9:5f:99:
                    26:ae:48:03:0f:c5:fc:f5:e5:b4:b3:73:8a:49:86:
                    70:39:32:cb:95:65:df:3e:92:ab:25:7b:9d:13:c3:
                    65:0e:e8:77:87:52:bd:8e:bd:ee:3d:66:cc:f2:56:
                    73:73:b2:17:29:2f:36:53:84:2f:97:39:c8:cf:32:
                    a0:7c:d0:10:6f:70:81:fe:5a:c4:c0:a5:5c:a5:37:
                    8d:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:3E:32:F9:36:36:34:C8:9C:3C:54:22:3D:CD:34:52:31:AC:2B:B6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c1e6b187-e80d-4951-88e5-ddde8fd78b9c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.177.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:35:e8:c7:27:8c:3e:f9:06:27:b4:4f:95:d9:8f:aa:a4:46:
         d2:fb:51:71:b1:cd:30:75:3c:4d:52:a0:a0:ca:28:67:11:3e:
         d4:d9:c6:47:a3:a1:fc:cb:87:e4:33:52:a8:ff:72:41:6a:40:
         07:2f:d3:9c:a5:04:8f:3f:9a:7d:78:ed:04:ec:0f:7e:0b:88:
         0f:82:d3:2d:f4:0c:0f:95:ec:44:4d:cd:33:f4:03:65:29:3d:
         76:70:91:c5:d2:49:8f:1b:c8:f5:53:bc:1d:19:9f:3b:7b:3d:
         17:24:3b:9d:83:df:a8:dc:d1:11:42:20:bf:90:a2:f3:a0:5c:
         c4:6f:52:65:94:cd:5c:95:b5:a9:83:1c:89:0c:a0:2c:76:b8:
         80:43:c7:7b:63:1a:16:5f:b1:cc:a7:10:ce:76:d9:7e:44:3a:
         54:8b:06:da:58:90:77:37:85:55:b8:e9:69:2e:55:75:98:ac:
         b6:fe:27:7c:a1:d3:54:41:a0:47:e2:3e:c4:e0:5f:1e:3e:b0:
         a5:fe:56:13:57:06:40:c6:5e:26:ae:d6:89:b7:05:b6:65:2d:
         e3:dd:e3:03:02:51:8b:ff:e3:c0:9e:ec:a1:f6:1b:1b:71:d1:
         2a:02:f2:6f:b9:60:a6:75:82:ef:7d:29:f5:49:9b:2c:6b:5d:
         0c:13:95:76
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQe4+Y8laRNcniqLVrUMcf9cex6EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTIwMTYyMTU1WhcNMjUwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZGZjNTk5ZGY3ZjQ1ZWI1NjMzMDVkNWNmYTczZjQ2MmVm
MzA3YjI0NWJiZjE3MWEyODdiMGNkN2JjYzhmMDMxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOi578IwvUFf+R3TpbZjX+9yNIpUHipzFiSZVRs+51I+uC
EMsD9P5JKZVKIkIdt3o81muQHoZvlovR2LW9oqSh8OdRlwaH3KRA7kCC6dNRGDSd
trzARqkuv6SGnWJLScQ/uxdHUsr3f8qsvL05BP+GXtSZUUVrS4HMje1v1W5Piv7u
DUhThEwCdzqPSqEM38A3GTPHXvBodO4FPDtFG4QBAjC2WzDF8r3zssX1XMzXD8lf
mSauSAMPxfz15bSzc4pJhnA5MsuVZd8+kqsle50Tw2UO6HeHUr2Ove49ZszyVnNz
shcpLzZThC+XOcjPMqB80BBvcIH+WsTApVylN43XAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU9T4y+TY2NMicPFQiPc00UjGsK7YwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2MxZTZiMTg3LWU4MGQtNDk1MS04OGU1LWRkZGU4ZmQ3OGI5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPsUowDQYJKoZIhvcNAQELBQADggEBAHQ16McnjD75Bie0T5XZj6qkRtL7
UXGxzTB1PE1SoKDKKGcRPtTZxkejofzLh+QzUqj/ckFqQAcv05ylBI8/mn147QTs
D34LiA+C0y30DA+V7ERNzTP0A2UpPXZwkcXSSY8byPVTvB0Znzt7PRckO52D36jc
0RFCIL+QovOgXMRvUmWUzVyVtamDHIkMoCx2uIBDx3tjGhZfscynEM522X5EOlSL
BtpYkHc3hVW46WkuVXWYrLb+J3yh01RBoEfiPsTgXx4+sKX+VhNXBkDGXiau1om3
BbZlLePd4wMCUYv/48Ce7KH2Gxtx0SoC8m+5YKZ1gu99KfVJmyxrXQwTlXY=
-----END CERTIFICATE-----