Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/da0d0f1f-f82d-47bb-9ac7-ee09a51b3f2c.roa
File:                     da0d0f1f-f82d-47bb-9ac7-ee09a51b3f2c.roa (raw, json)
Hash identifier:          q4Ns19a3Iigdq0m3YOoodc91D2BfShHyOksNJv5OPHQ=
Subject key identifier:   33:73:F2:FE:06:C9:A4:21:6B:F6:AF:BC:C2:B9:D7:E4:B9:1E:14:6E
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       0331061F0CF29F7325D829A94BA82224CAC982FA
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/da0d0f1f-f82d-47bb-9ac7-ee09a51b3f2c.roa
Signing time:             Fri 14 Jun 2024 00:00:00 +0000
ROA not before:           Fri 14 Jun 2024 00:00:00 +0000
ROA not after:            Fri 19 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:500::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Jun 2024 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:31:06:1f:0c:f2:9f:73:25:d8:29:a9:4b:a8:22:24:ca:c9:82:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jun 14 00:00:00 2024 GMT
            Not After : Jul 19 23:59:59 2024 GMT
        Subject: serialNumber=c08613bd2f30e9ebdb9eb37c7586b723b42fd8a6180ce711e99bed14461d94e2, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:3c:bc:0c:12:bb:07:f0:fc:54:05:2a:a2:f4:
                    47:ea:63:32:59:0d:42:45:fe:91:7d:12:f0:46:b6:
                    3e:e2:c7:85:66:e4:17:93:4d:46:f0:e5:02:9c:51:
                    84:08:ce:88:63:a5:72:bb:6e:19:1f:17:f1:35:ae:
                    07:a9:b5:e9:9a:7f:5f:95:3f:85:6a:3a:c5:8a:e2:
                    34:cf:14:d8:82:17:ff:2e:7f:9c:ab:37:6c:4b:58:
                    6c:39:c0:38:85:6b:19:51:07:c2:95:37:96:b0:3e:
                    5f:51:9d:f3:6d:7f:4a:7a:51:fd:f5:34:0c:87:3c:
                    ef:c4:fb:ce:eb:1c:4d:5f:b9:33:2d:01:32:1f:e6:
                    77:03:d5:5c:ed:e7:37:02:8b:9a:be:82:a8:f8:e7:
                    11:dc:be:28:7d:80:3c:8a:fe:12:dd:1c:f6:c2:93:
                    47:73:43:36:4f:7c:20:42:bf:88:3e:db:4f:d1:f5:
                    01:b0:49:9e:0c:6b:28:05:7a:47:87:66:7a:d0:24:
                    69:cd:8c:1a:11:14:f6:6a:ea:b2:9e:0f:4c:fc:21:
                    ef:96:9b:32:a2:f0:0a:c3:9f:d6:b1:ed:cf:ea:0b:
                    88:76:90:00:a1:46:dd:8c:9f:75:6e:92:55:1c:b8:
                    65:1a:cf:b1:e3:65:fb:c2:96:99:05:b5:5b:48:9d:
                    c3:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:73:F2:FE:06:C9:A4:21:6B:F6:AF:BC:C2:B9:D7:E4:B9:1E:14:6E
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/da0d0f1f-f82d-47bb-9ac7-ee09a51b3f2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:500::/48

    Signature Algorithm: sha256WithRSAEncryption
         33:37:e2:01:2b:57:27:24:2e:39:11:49:8c:fd:a9:58:59:32:
         a7:0f:72:56:e5:57:30:3b:c1:ed:28:e4:e7:86:fd:3c:dc:21:
         f1:67:50:cf:f9:37:58:83:4e:c1:2c:98:24:24:6f:81:42:6b:
         3b:72:bd:06:22:c9:b4:4a:8f:74:4f:03:0a:de:e3:55:33:22:
         b7:c2:a0:e2:6a:26:8d:ec:95:7d:78:b0:d6:0b:9a:32:20:55:
         b6:50:c0:13:66:9f:1a:36:6a:68:c6:05:94:7c:32:ab:73:78:
         cc:b1:2e:e2:a3:ab:30:f5:29:3f:85:da:c2:6e:51:0b:8c:2b:
         37:9e:98:2d:c4:90:d6:cd:bf:ba:00:17:3b:da:68:bf:dd:8a:
         a6:5d:26:f0:83:0b:b0:ae:08:a8:8d:63:0a:53:52:5b:0a:8d:
         f1:19:f9:a3:d1:fd:0c:af:d2:37:27:99:b8:08:f8:68:bc:75:
         65:39:f0:c2:da:fb:54:dd:71:dc:f4:ef:8b:44:fe:e4:6e:b5:
         f5:66:a4:53:02:c5:46:f2:d8:f1:d0:4d:ef:7f:40:e3:3f:cc:
         3a:dd:39:8a:bf:5b:de:e9:9d:f1:96:6f:7a:4c:82:be:53:6c:
         b5:9a:2b:0d:b0:f3:f7:04:82:9f:fb:87:2f:cd:74:a9:be:ce:
         1e:b1:f0:70
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUAzEGHwzyn3Ml2CmpS6giJMrJgvowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQwNjE0MDAwMDAwWhcNMjQwNzE5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMDg2MTNiZDJmMzBlOWViZGI5ZWIzN2M3NTg2YjcyM2I0
MmZkOGE2MTgwY2U3MTFlOTliZWQxNDQ2MWQ5NGUyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1PLwMErsH8PxUBSqi9EfqYzJZDUJF/pF9EvBGtj7ix4Vm
5BeTTUbw5QKcUYQIzohjpXK7bhkfF/E1rgeptemaf1+VP4VqOsWK4jTPFNiCF/8u
f5yrN2xLWGw5wDiFaxlRB8KVN5awPl9RnfNtf0p6Uf31NAyHPO/E+87rHE1fuTMt
ATIf5ncD1Vzt5zcCi5q+gqj45xHcvih9gDyK/hLdHPbCk0dzQzZPfCBCv4g+20/R
9QGwSZ4MaygFekeHZnrQJGnNjBoRFPZq6rKeD0z8Ie+WmzKi8ArDn9ax7c/qC4h2
kAChRt2Mn3VuklUcuGUaz7HjZfvClpkFtVtIncN1AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUM3Py/gbJpCFr9q+8wrnX5LkeFG4wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2RhMGQwZjFmLWY4MmQtNDdiYi05YWM3LWVlMDlhNTFiM2YyYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwBQAwDQYJKoZIhvcNAQELBQADggEBADM34gErVyckLjkRSYz9qVhZ
MqcPclblVzA7we0o5OeG/TzcIfFnUM/5N1iDTsEsmCQkb4FCaztyvQYiybRKj3RP
Awre41UzIrfCoOJqJo3slX14sNYLmjIgVbZQwBNmnxo2amjGBZR8MqtzeMyxLuKj
qzD1KT+F2sJuUQuMKzeemC3EkNbNv7oAFzvaaL/diqZdJvCDC7CuCKiNYwpTUlsK
jfEZ+aPR/Qyv0jcnmbgI+Gi8dWU58MLa+1Tdcdz074tE/uRutfVmpFMCxUby2PHQ
Te9/QOM/zDrdOYq/W97pnfGWb3pMgr5TbLWaKw2w8/cEgp/7hy/NdKm+zh6x8HA=
-----END CERTIFICATE-----
Generated at Sun Jun 16 16:37:51 2024 by rpki-client on console-fra.rpki-client.org