Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/492df3c4-e0a9-4ee6-9ef4-ca6f96cceba1.roa
File:                     492df3c4-e0a9-4ee6-9ef4-ca6f96cceba1.roa (raw, json)
Hash identifier:          hIIoT/q5d9VfbezXFvyzg0e1k/t6r8xWdlWxCQ368+A=
Subject key identifier:   E8:CE:92:A5:E7:92:8F:E3:14:8C:CE:8F:52:EE:EC:2A:45:2D:1A:59
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       1CA17DF57174EF14ACFF3A1D1D2B78E062BFD12A
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/492df3c4-e0a9-4ee6-9ef4-ca6f96cceba1.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f000::/24 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Jun 2024 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:a1:7d:f5:71:74:ef:14:ac:ff:3a:1d:1d:2b:78:e0:62:bf:d1:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=5c88eb57efe9d7df571c8c8913669134e39566d60e7b6fb84caaef537af0f809, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:72:33:7b:44:c5:46:a5:8a:da:bf:5a:a3:f0:
                    b1:6a:24:dc:6a:36:56:a4:9e:f5:ea:f2:e8:49:7f:
                    e6:2a:73:24:af:7e:03:b8:09:72:96:f0:ab:d7:6b:
                    af:ed:2d:c1:3e:51:93:b4:ba:4f:0d:48:11:1d:c7:
                    97:64:a7:f3:c8:79:84:00:2e:a2:6b:7e:3c:c2:9b:
                    c3:d1:6d:09:d6:c7:01:f3:8c:45:c4:50:ff:77:0d:
                    9f:da:42:bf:86:e8:d5:01:ab:5c:de:8a:d8:16:2f:
                    58:c4:87:6e:2c:b4:e9:4d:31:f6:a3:f1:6c:78:20:
                    45:8b:f6:ec:f4:74:68:71:81:96:74:36:c8:bd:d9:
                    12:87:df:51:ea:59:d9:69:17:04:c4:4c:4b:ce:89:
                    27:05:bd:21:77:f7:12:48:a9:31:e8:03:32:49:d5:
                    7e:0b:4a:16:a2:f4:43:09:ce:73:8e:2d:ed:96:a1:
                    83:d6:b1:97:30:e9:c2:e2:fe:59:9c:61:c5:79:9e:
                    29:03:2e:77:c8:9b:f5:5e:58:b8:79:8c:80:da:30:
                    74:02:58:ae:34:06:a1:f2:19:f2:12:3d:a1:49:db:
                    79:6a:60:94:cd:72:e8:af:46:cb:4a:74:e7:e7:47:
                    10:60:cb:a3:34:a7:94:9c:a3:62:cd:9f:94:2a:f3:
                    b8:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:CE:92:A5:E7:92:8F:E3:14:8C:CE:8F:52:EE:EC:2A:45:2D:1A:59
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/492df3c4-e0a9-4ee6-9ef4-ca6f96cceba1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f000::/24

    Signature Algorithm: sha256WithRSAEncryption
         99:92:cd:21:62:47:6b:cc:44:f4:39:fb:0a:16:46:b8:c0:e4:
         4d:3d:43:8b:b6:33:2f:da:88:cc:2e:45:33:8c:55:03:fd:9e:
         02:23:f0:33:a8:0a:4f:3a:b1:73:6f:b3:35:82:04:9e:5c:9b:
         6a:6c:22:cb:23:9d:07:a3:d7:ff:ae:7a:fe:e7:d7:0e:f2:00:
         8c:a6:81:5f:5f:04:c8:a4:52:5b:a5:7c:e7:7d:ca:f8:5e:1b:
         7c:30:55:ef:c4:a6:d3:78:8a:7d:74:82:bc:53:f1:c3:d6:0d:
         95:6b:df:53:c5:ba:b3:c0:be:53:3c:bf:c7:11:3a:02:98:e1:
         6a:bc:0d:3c:45:07:98:bd:36:51:b8:c8:a2:b1:cf:8e:dd:95:
         fb:34:b8:b1:f3:e2:1e:91:62:fa:61:41:e8:60:8c:78:34:9f:
         e5:3f:8d:17:11:ba:e2:9f:bc:76:5f:1f:c6:39:7a:c7:ee:0d:
         91:ed:f4:80:c5:76:ff:05:e1:b6:83:a3:13:d3:13:59:d6:6f:
         07:40:09:fb:b3:44:6a:c8:9c:4a:21:6a:c9:8c:50:fb:73:f9:
         7a:fb:74:27:03:a2:d6:4a:da:ef:ed:23:95:5d:ce:b0:97:0c:
         46:ae:8b:89:3f:c0:2d:ca:2a:6c:6f:5e:d7:4e:d7:6b:07:30:
         cd:41:70:52
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHKF99XF07xSs/zodHSt44GK/0SowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1Yzg4ZWI1N2VmZTlkN2RmNTcxYzhjODkxMzY2OTEzNGUz
OTU2NmQ2MGU3YjZmYjg0Y2FhZWY1MzdhZjBmODA5MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjcjN7RMVGpYrav1qj8LFqJNxqNlaknvXq8uhJf+YqcySv
fgO4CXKW8KvXa6/tLcE+UZO0uk8NSBEdx5dkp/PIeYQALqJrfjzCm8PRbQnWxwHz
jEXEUP93DZ/aQr+G6NUBq1zeitgWL1jEh24stOlNMfaj8Wx4IEWL9uz0dGhxgZZ0
Nsi92RKH31HqWdlpFwTETEvOiScFvSF39xJIqTHoAzJJ1X4LShai9EMJznOOLe2W
oYPWsZcw6cLi/lmcYcV5nikDLnfIm/VeWLh5jIDaMHQCWK40BqHyGfISPaFJ23lq
YJTNcuivRstKdOfnRxBgy6M0p5Sco2LNn5Qq87jJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU6M6SpeeSj+MUjM6PUu7sKkUtGlkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzQ5MmRmM2M0LWUwYTktNGVlNi05ZWY0LWNhNmY5NmNjZWJhMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAC
MAYDBAAmAPAwDQYJKoZIhvcNAQELBQADggEBAJmSzSFiR2vMRPQ5+woWRrjA5E09
Q4u2My/aiMwuRTOMVQP9ngIj8DOoCk86sXNvszWCBJ5cm2psIssjnQej1/+uev7n
1w7yAIymgV9fBMikUlulfOd9yvheG3wwVe/EptN4in10grxT8cPWDZVr31PFurPA
vlM8v8cROgKY4Wq8DTxFB5i9NlG4yKKxz47dlfs0uLHz4h6RYvphQehgjHg0n+U/
jRcRuuKfvHZfH8Y5esfuDZHt9IDFdv8F4baDoxPTE1nWbwdACfuzRGrInEohasmM
UPtz+Xr7dCcDotZK2u/tI5VdzrCXDEaui4k/wC3KKmxvXtdO12sHMM1BcFI=
-----END CERTIFICATE-----
Generated at Sun Jun 16 16:37:51 2024 by rpki-client on console-fra.rpki-client.org