Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/4c8e1a8b-ac2f-4ef3-bb84-e54f47be56a7.roa
File:                     4c8e1a8b-ac2f-4ef3-bb84-e54f47be56a7.roa (raw, json)
Hash identifier:          N8P1RmlSAj87aKn5ziQmCBQY3XvXVlsKCyvRotCujvI=
Subject key identifier:   26:F1:EE:F0:E3:2A:CA:66:54:FA:F2:27:A4:C6:16:7D:EE:B9:F0:85
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       1F16F397B72BE71EAD9F02A5190B81D8AB8F9625
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/4c8e1a8b-ac2f-4ef3-bb84-e54f47be56a7.roa
Signing time:             Sat 08 Jun 2024 00:00:00 +0000
ROA not before:           Sat 08 Jun 2024 00:00:00 +0000
ROA not after:            Sat 13 Jul 2024 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:c09::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 18 Jun 2024 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:16:f3:97:b7:2b:e7:1e:ad:9f:02:a5:19:0b:81:d8:ab:8f:96:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun  8 00:00:00 2024 GMT
            Not After : Jul 13 23:59:59 2024 GMT
        Subject: serialNumber=cb14114f2dd9524ce51ffe0a15c5b5765e02649a8c2ce9fe70ca3e50bb9e584f, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e7:df:36:32:c0:38:d4:6c:5f:c6:b8:f5:18:
                    6c:dd:ac:40:4c:b4:19:a2:2d:6b:5a:19:c0:39:34:
                    b7:db:37:c9:5d:20:f2:33:02:3e:86:01:10:f8:c2:
                    5f:ca:43:7e:e2:af:23:f5:9d:9f:9a:63:51:6b:93:
                    4c:82:42:c0:b9:8f:27:09:ca:26:2e:bf:19:43:1f:
                    13:06:4d:0d:1c:5f:21:8f:0c:88:12:4a:bc:3b:9c:
                    53:a3:9f:1f:df:45:e1:af:ee:7e:fb:a2:e8:ac:91:
                    0e:ad:b1:93:7b:b1:af:2e:e3:bf:b0:7d:9e:4e:a2:
                    b8:ba:09:4a:d8:69:8a:54:6e:82:ff:c0:96:03:97:
                    c8:fe:32:31:22:09:4f:62:09:9c:ae:4f:62:8c:62:
                    3b:a7:05:90:6a:35:44:95:54:05:9e:2e:60:0b:79:
                    a3:b4:30:a4:8f:e7:14:7f:ba:0f:ca:4e:c2:bf:89:
                    b4:cc:66:f0:1f:e8:08:b9:6a:a1:91:a8:82:98:bc:
                    c3:10:dd:52:32:23:df:84:86:75:14:dd:a6:e5:ed:
                    f7:d4:34:57:fa:60:40:69:94:34:a4:a4:6f:3e:70:
                    0d:2a:fc:4b:09:f5:fd:f5:01:6c:26:a5:25:be:18:
                    a7:34:01:dd:3f:e1:82:14:71:2b:c5:82:05:dd:53:
                    17:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:F1:EE:F0:E3:2A:CA:66:54:FA:F2:27:A4:C6:16:7D:EE:B9:F0:85
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/4c8e1a8b-ac2f-4ef3-bb84-e54f47be56a7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:c09::/48

    Signature Algorithm: sha256WithRSAEncryption
         a5:2c:3c:6b:12:b0:8c:7d:60:e7:2c:48:b7:9b:0b:97:73:74:
         a1:57:f8:58:6d:d0:a4:b1:ee:e6:4d:68:a0:47:17:a0:24:7d:
         af:7b:4d:41:20:8c:20:c2:b5:33:8b:a1:e1:98:b6:c1:1f:30:
         9a:f7:e9:bf:fe:26:55:18:86:08:7f:8a:40:ae:43:d3:52:87:
         e7:0c:4c:b9:4f:a9:b4:7d:ec:71:6d:c4:08:af:bf:8a:fb:58:
         1f:2f:08:10:e5:b8:6a:7a:72:bd:30:31:dd:05:af:ea:d8:cc:
         52:7e:22:77:33:3f:61:1e:51:a8:ff:ae:99:fc:47:23:2a:62:
         2b:73:73:4a:50:f6:32:2f:12:4c:cd:51:e5:21:f2:10:25:e0:
         3e:ca:a7:28:71:47:80:29:4f:88:a4:39:89:38:05:55:a1:ac:
         cc:67:d5:87:6a:e5:72:18:dd:b2:6f:a9:32:26:fa:e7:b3:a9:
         96:22:81:eb:38:8e:20:c0:60:fe:99:9c:5b:ad:67:df:a1:bb:
         32:bd:1e:66:58:b6:f3:f7:d9:0c:aa:db:7a:07:93:9f:17:9f:
         a6:f2:14:bc:4c:89:18:8a:74:ef:4f:ac:0f:e7:25:a5:76:e3:
         06:8f:ef:df:aa:06:7b:dc:dc:c7:98:3f:ae:b8:5d:ac:9b:9f:
         1f:bb:3b:93
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUHxbzl7cr5x6tnwKlGQuB2KuPliUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwNjA4MDAwMDAwWhcNMjQwNzEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjYjE0MTE0ZjJkZDk1MjRjZTUxZmZlMGExNWM1YjU3NjVl
MDI2NDlhOGMyY2U5ZmU3MGNhM2U1MGJiOWU1ODRmMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCy5982MsA41Gxfxrj1GGzdrEBMtBmiLWtaGcA5NLfbN8ld
IPIzAj6GARD4wl/KQ37iryP1nZ+aY1Frk0yCQsC5jycJyiYuvxlDHxMGTQ0cXyGP
DIgSSrw7nFOjnx/fReGv7n77ouiskQ6tsZN7sa8u47+wfZ5Oori6CUrYaYpUboL/
wJYDl8j+MjEiCU9iCZyuT2KMYjunBZBqNUSVVAWeLmALeaO0MKSP5xR/ug/KTsK/
ibTMZvAf6Ai5aqGRqIKYvMMQ3VIyI9+EhnUU3abl7ffUNFf6YEBplDSkpG8+cA0q
/EsJ9f31AWwmpSW+GKc0Ad0/4YIUcSvFggXdUxejAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUJvHu8OMqymZU+vInpMYWfe658IUwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzRjOGUxYThiLWFjMmYtNGVmMy1iYjg0LWU1NGY0N2JlNTZhNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzADAkwDQYJKoZIhvcNAQELBQADggEBAKUsPGsSsIx9YOcsSLebC5dz
dKFX+Fht0KSx7uZNaKBHF6Akfa97TUEgjCDCtTOLoeGYtsEfMJr36b/+JlUYhgh/
ikCuQ9NSh+cMTLlPqbR97HFtxAivv4r7WB8vCBDluGp6cr0wMd0Fr+rYzFJ+Incz
P2EeUaj/rpn8RyMqYitzc0pQ9jIvEkzNUeUh8hAl4D7KpyhxR4ApT4ikOYk4BVWh
rMxn1Ydq5XIY3bJvqTIm+uezqZYiges4jiDAYP6ZnFutZ9+huzK9HmZYtvP32Qyq
23oHk58Xn6byFLxMiRiKdO9PrA/nJaV24waP79+qBnvc3MeYP664Xaybnx+7O5M=
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:33:49 2024 by rpki-client on console-fra.rpki-client.org