Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/492df3c4-e0a9-4ee6-9ef4-ca6f96cceba1.roa
File:                     492df3c4-e0a9-4ee6-9ef4-ca6f96cceba1.roa (raw, json)
Hash identifier:          kI3YXJ6FWipQ+DjJ58xxWt4HAyrE0gOZo2rK31XeAvo=
Subject key identifier:   69:50:AB:5C:CA:6C:EB:2C:E5:93:FB:D1:6F:A9:59:78:46:AD:94:E3
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       1A82C1FB55512B7390278B18D5EDF22960F87443
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/492df3c4-e0a9-4ee6-9ef4-ca6f96cceba1.roa
Signing time:             Sat 22 Jun 2024 00:00:00 +0000
ROA not before:           Sat 22 Jun 2024 00:00:00 +0000
ROA not after:            Sat 27 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f000::/24 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 27 Jun 2024 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:82:c1:fb:55:51:2b:73:90:27:8b:18:d5:ed:f2:29:60:f8:74:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jun 22 00:00:00 2024 GMT
            Not After : Jul 27 23:59:59 2024 GMT
        Subject: serialNumber=d845d0265c55a3c40e89c2f82fae26553c2c2ebc52b9f983a2a9a432e6490046, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:0b:af:63:6e:9d:eb:c0:bf:f8:86:80:e8:91:
                    16:7a:9b:69:40:dc:60:7f:61:03:d0:ef:6a:6f:5c:
                    cf:27:72:55:a4:48:a5:44:a7:14:a9:38:cb:95:ac:
                    33:e2:88:63:fe:7f:ea:fb:76:8d:d4:05:ac:34:cb:
                    00:a7:8b:93:60:d8:b3:29:22:c9:13:d7:6b:de:b0:
                    ee:bf:f9:ca:ad:fb:89:54:1a:e6:9e:10:a3:07:c1:
                    39:9a:9f:7c:ce:2b:57:1f:56:6e:07:6d:19:9e:25:
                    61:8f:db:b6:72:0a:5f:5e:ed:f9:f6:08:97:f5:be:
                    3e:48:8f:78:76:b7:fd:df:e0:58:65:09:ce:c4:7a:
                    45:99:9a:45:de:5c:90:e0:a1:40:08:87:c9:af:0b:
                    74:7c:a7:77:bc:27:06:1a:78:06:0d:a0:c5:96:64:
                    43:c1:af:ed:3b:96:2c:63:7f:8e:6a:9d:3f:1b:55:
                    18:32:ab:3e:d9:de:3c:93:97:91:12:dc:65:7c:38:
                    99:ae:31:4b:5e:de:a9:11:50:d8:ed:fb:67:ac:c8:
                    75:81:2c:cb:bc:44:c5:0d:4f:75:7e:5e:ac:91:72:
                    a6:1a:2c:24:b3:05:00:94:72:b8:08:ae:39:89:02:
                    67:d3:48:10:de:35:f9:a3:2b:c2:fb:61:33:9f:ad:
                    4f:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:50:AB:5C:CA:6C:EB:2C:E5:93:FB:D1:6F:A9:59:78:46:AD:94:E3
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/492df3c4-e0a9-4ee6-9ef4-ca6f96cceba1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f000::/24

    Signature Algorithm: sha256WithRSAEncryption
         82:ad:1a:a4:b1:fd:b0:0d:ad:73:6f:44:7f:d7:5a:73:37:c1:
         7d:c7:98:3f:d0:a3:a6:ae:38:48:e2:e1:c4:ae:6e:27:56:3c:
         a7:25:bb:48:f5:5a:08:bb:96:52:14:7e:a0:41:91:bd:a0:20:
         28:31:31:36:12:93:92:14:e7:a2:88:80:7b:6f:8a:64:66:fc:
         b3:33:55:c7:2d:1e:ba:91:5b:a4:22:b5:e1:ce:1d:13:c3:1f:
         5a:55:41:b9:5f:90:1f:e0:9d:2d:86:2d:4e:39:b8:61:b2:b8:
         df:5e:78:78:cc:27:de:ec:2c:0f:f2:7b:01:c2:c8:62:12:ff:
         eb:43:c7:48:b7:f7:05:81:80:4c:7f:6f:66:9a:11:d7:61:6d:
         de:41:a3:cb:92:98:dc:b6:50:d8:3c:24:f9:3e:39:48:d3:6b:
         4f:aa:69:d8:31:7b:7d:7f:d1:fd:33:82:df:d2:63:af:0b:08:
         54:99:1f:0b:d4:f4:82:10:d5:39:08:ed:12:5f:5f:ec:79:1f:
         86:6f:be:11:90:5b:45:58:e3:3b:2b:cb:dc:c1:1e:12:60:5e:
         af:55:98:68:66:cf:9b:fd:6e:d4:90:4a:93:37:aa:be:a6:9d:
         65:35:5d:7f:06:79:90:18:4f:9b:56:e0:bd:f3:b3:a3:9c:fd:
         53:89:87:f7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGoLB+1VRK3OQJ4sY1e3yKWD4dEMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQwNjIyMDAwMDAwWhcNMjQwNzI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkODQ1ZDAyNjVjNTVhM2M0MGU4OWMyZjgyZmFlMjY1NTNj
MmMyZWJjNTJiOWY5ODNhMmE5YTQzMmU2NDkwMDQ2MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRC69jbp3rwL/4hoDokRZ6m2lA3GB/YQPQ72pvXM8nclWk
SKVEpxSpOMuVrDPiiGP+f+r7do3UBaw0ywCni5Ng2LMpIskT12vesO6/+cqt+4lU
GuaeEKMHwTman3zOK1cfVm4HbRmeJWGP27ZyCl9e7fn2CJf1vj5Ij3h2t/3f4Fhl
Cc7EekWZmkXeXJDgoUAIh8mvC3R8p3e8JwYaeAYNoMWWZEPBr+07lixjf45qnT8b
VRgyqz7Z3jyTl5ES3GV8OJmuMUte3qkRUNjt+2esyHWBLMu8RMUNT3V+XqyRcqYa
LCSzBQCUcrgIrjmJAmfTSBDeNfmjK8L7YTOfrU9/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUaVCrXMps6yzlk/vRb6lZeEatlOMwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzQ5MmRmM2M0LWUwYTktNGVlNi05ZWY0LWNhNmY5NmNjZWJhMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAC
MAYDBAAmAPAwDQYJKoZIhvcNAQELBQADggEBAIKtGqSx/bANrXNvRH/XWnM3wX3H
mD/Qo6auOEji4cSubidWPKclu0j1Wgi7llIUfqBBkb2gICgxMTYSk5IU56KIgHtv
imRm/LMzVcctHrqRW6QiteHOHRPDH1pVQblfkB/gnS2GLU45uGGyuN9eeHjMJ97s
LA/yewHCyGIS/+tDx0i39wWBgEx/b2aaEddhbd5Bo8uSmNy2UNg8JPk+OUjTa0+q
adgxe31/0f0zgt/SY68LCFSZHwvU9IIQ1TkI7RJfX+x5H4ZvvhGQW0VY4zsry9zB
HhJgXq9VmGhmz5v9btSQSpM3qr6mnWU1XX8GeZAYT5tW4L3zs6Oc/VOJh/c=
-----END CERTIFICATE-----
Generated at Tue Jun 25 19:36:53 2024 by rpki-client on console-fra.rpki-client.org