Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e36dbc25-7f30-42c9-9655-13a4a2cc581c.roa
File:                     e36dbc25-7f30-42c9-9655-13a4a2cc581c.roa (raw, json)
Hash identifier:          sy23L11y3t+oHLPA+e4ylQGqSoy8JhMbV9+QlLTvbyI=
Subject key identifier:   3C:09:C5:EF:12:4C:0D:AE:06:41:3E:66:3C:7D:14:3A:40:16:7D:5E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       715698B6AF74055BD52B38A9C09FEB55F458B75D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e36dbc25-7f30-42c9-9655-13a4a2cc581c.roa
Signing time:             Fri 25 Apr 2025 16:10:48 +0000
ROA not before:           Fri 25 Apr 2025 16:10:48 +0000
ROA not after:            Fri 30 May 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.193.1.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:56:98:b6:af:74:05:5b:d5:2b:38:a9:c0:9f:eb:55:f4:58:b7:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Apr 25 16:10:48 2025 GMT
            Not After : May 30 23:59:59 2025 GMT
        Subject: serialNumber=b66120dd6bf61c95e15fdafe7a7bffd593341340f276fcec77c5b0107b31524e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:84:72:9f:4d:1d:85:01:22:a2:29:00:0d:42:
                    3f:a1:34:b3:f9:bf:30:9c:9e:2b:0f:4a:a8:2a:47:
                    af:9d:af:c7:41:46:8f:33:aa:af:2b:de:68:bc:26:
                    75:0d:02:df:c4:fb:5a:b1:89:95:02:d2:67:7d:a2:
                    8d:29:1c:92:e8:4b:1d:d2:dc:cf:3e:c2:16:e1:52:
                    9c:a1:84:f8:bc:be:81:da:76:4b:e8:99:2c:67:d5:
                    0e:71:f2:84:3a:bf:90:d8:21:73:f9:b2:d4:1f:c7:
                    b5:de:41:2a:d5:e0:28:50:53:05:7b:bd:1f:cb:ae:
                    ee:00:86:76:7a:10:89:c4:77:ff:23:95:05:59:cd:
                    6d:3b:e5:90:6b:8d:a3:36:2b:4f:db:50:b7:25:07:
                    1b:de:35:30:87:d2:56:ed:1d:3f:36:6e:66:32:75:
                    35:8a:83:95:9a:94:bc:3f:5b:87:5f:be:0c:23:11:
                    e6:b9:a5:e4:b6:b1:0d:18:5e:11:cd:8c:66:10:f8:
                    0f:2a:53:b7:8f:2b:c4:88:4b:a7:7c:f0:e0:e0:56:
                    7d:c3:de:ab:69:b9:16:06:58:f4:ef:50:c3:3e:37:
                    70:c3:da:a7:13:97:b8:b2:9b:6b:61:2e:82:86:ae:
                    cf:c4:fb:7c:f3:64:19:76:b0:08:46:49:58:69:de:
                    f7:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:09:C5:EF:12:4C:0D:AE:06:41:3E:66:3C:7D:14:3A:40:16:7D:5E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/e36dbc25-7f30-42c9-9655-13a4a2cc581c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.193.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:8e:59:3d:23:8f:2f:db:33:84:3e:bb:4c:c7:09:90:8d:e0:
         16:76:94:88:dd:01:cb:a0:64:74:3a:9a:26:8f:52:fc:9f:d9:
         cf:76:05:96:ce:b9:50:b3:73:c1:20:bb:5e:91:f8:63:ca:8c:
         50:17:45:ca:36:68:1e:5e:e1:ad:cb:7c:88:9b:cb:40:de:df:
         8e:fc:62:d7:ac:4e:be:61:6a:3d:4e:e7:64:a4:c8:b4:aa:f7:
         ca:9e:04:bb:a1:da:99:30:2d:79:10:d9:cf:93:a1:aa:87:02:
         0d:ef:89:20:64:53:a2:c6:62:fa:f7:2e:94:bc:53:68:6c:2a:
         d2:da:a4:32:8a:f5:3b:92:56:69:0e:26:fe:14:36:d6:10:51:
         14:1c:b4:c9:a8:02:a0:a4:ff:64:ad:9f:26:6d:49:26:1f:39:
         b2:e3:8c:7f:57:28:f4:24:46:c8:13:c4:12:3d:43:0c:03:8e:
         3b:76:ca:a3:a2:40:a3:41:de:1e:ec:f6:74:7e:54:f0:67:c9:
         db:1d:35:a8:60:84:48:5e:9e:8e:2b:5c:8f:bd:36:dc:40:f0:
         12:42:df:87:18:d1:be:43:31:24:d2:a7:19:26:ea:f9:56:7e:
         88:bc:f4:bd:fb:f6:ce:80:a3:30:92:ca:d7:08:75:e7:5b:41:
         12:2a:d0:5d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcVaYtq90BVvVKzipwJ/rVfRYt10wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDI1MTYxMDQ4WhcNMjUwNTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNjYxMjBkZDZiZjYxYzk1ZTE1ZmRhZmU3YTdiZmZkNTkz
MzQxMzQwZjI3NmZjZWM3N2M1YjAxMDdiMzE1MjRlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOhHKfTR2FASKiKQANQj+hNLP5vzCcnisPSqgqR6+dr8dB
Ro8zqq8r3mi8JnUNAt/E+1qxiZUC0md9oo0pHJLoSx3S3M8+whbhUpyhhPi8voHa
dkvomSxn1Q5x8oQ6v5DYIXP5stQfx7XeQSrV4ChQUwV7vR/Lru4AhnZ6EInEd/8j
lQVZzW075ZBrjaM2K0/bULclBxveNTCH0lbtHT82bmYydTWKg5WalLw/W4dfvgwj
Eea5peS2sQ0YXhHNjGYQ+A8qU7ePK8SIS6d88ODgVn3D3qtpuRYGWPTvUMM+N3DD
2qcTl7iym2thLoKGrs/E+3zzZBl2sAhGSVhp3vf3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPAnF7xJMDa4GQT5mPH0UOkAWfV4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2UzNmRiYzI1LTdmMzAtNDJjOS05NjU1LTEzYTRhMmNjNTgxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPwQEwDQYJKoZIhvcNAQELBQADggEBAKaOWT0jjy/bM4Q+u0zHCZCN4BZ2
lIjdAcugZHQ6miaPUvyf2c92BZbOuVCzc8Egu16R+GPKjFAXRco2aB5e4a3LfIib
y0De3478YtesTr5haj1O52SkyLSq98qeBLuh2pkwLXkQ2c+ToaqHAg3viSBkU6LG
Yvr3LpS8U2hsKtLapDKK9TuSVmkOJv4UNtYQURQctMmoAqCk/2StnyZtSSYfObLj
jH9XKPQkRsgTxBI9QwwDjjt2yqOiQKNB3h7s9nR+VPBnydsdNahghEheno4rXI+9
NtxA8BJC34cY0b5DMSTSpxkm6vlWfoi89L379s6AozCSytcIdedbQRIq0F0=
-----END CERTIFICATE-----