Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa
File:                     8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa (raw, json)
Hash identifier:          y3YYb/5cOP/CItKD4yEWUrhJQh1dWiFbiT/MUfMIPe0=
Subject key identifier:   03:59:FE:5A:BB:13:AF:E5:45:5B:BB:69:D1:2A:21:A6:BE:98:62:B3
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       6848841DC84DACAFFFF782C935A9D75FD0BEB514
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa
Signing time:             Mon 24 Jun 2024 00:00:00 +0000
ROA not before:           Mon 24 Jun 2024 00:00:00 +0000
ROA not after:            Mon 29 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:396::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 27 Jun 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:48:84:1d:c8:4d:ac:af:ff:f7:82:c9:35:a9:d7:5f:d0:be:b5:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun 24 00:00:00 2024 GMT
            Not After : Jul 29 23:59:59 2024 GMT
        Subject: serialNumber=12dc3cad3c720604780db220c220949fb9196716d3c6c18f3bca5cbfae6bdfc0, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d7:63:bb:de:95:87:dd:68:c7:88:3f:51:45:
                    07:07:62:e5:db:3d:cb:5c:63:f0:5f:89:7f:a3:9d:
                    c6:10:64:b6:97:c3:cb:83:4d:d7:ea:69:48:a0:c5:
                    f1:14:46:83:f4:02:98:23:0c:d0:ea:55:8e:70:99:
                    e0:7b:da:68:f8:ce:ec:02:aa:48:ac:e0:5f:dc:ce:
                    da:38:37:02:67:47:86:9f:7f:68:c8:aa:f3:20:5b:
                    dd:85:20:fa:b6:d9:d1:7a:0e:65:d5:59:d8:45:68:
                    6c:11:b3:e0:d2:5e:52:36:65:ef:9a:94:f9:fb:11:
                    da:a9:64:e0:6d:5d:8b:b5:9f:8a:22:d4:bb:0b:4f:
                    4b:c7:4b:e2:70:10:b7:ed:2f:d4:70:45:b8:a0:1c:
                    8e:07:a5:36:d4:cd:5c:d6:78:3e:cd:72:90:46:c2:
                    f8:a4:e3:56:38:15:07:25:43:29:7f:a0:50:24:b3:
                    4b:df:50:6b:19:47:e3:30:a9:df:0e:03:59:49:a4:
                    4a:4a:e7:b2:92:80:c3:bf:96:f1:34:69:4f:3b:85:
                    25:4c:aa:08:85:a6:a5:21:0e:a8:79:b1:15:ef:2a:
                    a6:66:a6:6d:03:d4:58:45:b1:88:97:ce:f0:d0:52:
                    e3:ad:30:f7:6c:64:70:8a:7d:91:4c:96:03:4d:f8:
                    ce:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:59:FE:5A:BB:13:AF:E5:45:5B:BB:69:D1:2A:21:A6:BE:98:62:B3
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/8e5cac31-33d2-454d-a2b7-6ef85a8d494d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:396::/48

    Signature Algorithm: sha256WithRSAEncryption
         71:c9:bb:4d:65:9c:9f:8b:c0:14:d7:56:99:f0:4e:39:b6:1d:
         2f:f6:13:0f:b1:52:dd:32:0c:b6:0a:8e:2d:5c:da:2d:4d:60:
         12:1b:ed:9a:97:eb:b2:32:f1:05:65:62:b1:68:b9:bf:0f:8b:
         8f:35:a6:1d:f7:01:2f:b0:b5:e8:18:98:a3:a9:7f:f6:65:39:
         5d:d1:c0:49:70:91:1c:2a:a5:2f:99:6c:79:72:c7:24:af:4c:
         41:9e:94:2f:af:a4:50:4c:f0:3a:a2:f4:3a:ab:89:30:62:5e:
         86:55:ac:01:c9:1b:00:1f:8c:0a:85:67:94:e1:a7:dd:9a:e5:
         a9:08:90:fc:b7:e1:a9:ef:1f:a9:4e:38:10:6f:15:f8:4f:16:
         27:42:11:2c:44:48:76:35:4d:22:7a:ac:5b:bc:8b:0d:e2:0d:
         f3:6f:fb:1d:f3:68:17:7a:ef:25:39:28:17:b1:36:06:12:33:
         18:c6:e2:34:aa:d5:17:08:50:b0:0f:5e:1b:6d:4b:74:b7:e3:
         19:1a:2e:27:87:bf:8f:48:10:dc:10:00:f3:8e:c4:68:25:cd:
         47:e7:6b:1d:b8:85:ba:e6:92:a5:b2:dd:a9:69:1b:ed:35:5b:
         60:aa:5f:c2:37:ce:5d:5c:1c:8c:98:95:70:fb:41:13:39:df:
         e6:8f:e3:3a
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUaEiEHchNrK//94LJNanXX9C+tRQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwNjI0MDAwMDAwWhcNMjQwNzI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMmRjM2NhZDNjNzIwNjA0NzgwZGIyMjBjMjIwOTQ5ZmI5
MTk2NzE2ZDNjNmMxOGYzYmNhNWNiZmFlNmJkZmMwMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDA12O73pWH3WjHiD9RRQcHYuXbPctcY/BfiX+jncYQZLaX
w8uDTdfqaUigxfEURoP0ApgjDNDqVY5wmeB72mj4zuwCqkis4F/czto4NwJnR4af
f2jIqvMgW92FIPq22dF6DmXVWdhFaGwRs+DSXlI2Ze+alPn7EdqpZOBtXYu1n4oi
1LsLT0vHS+JwELftL9RwRbigHI4HpTbUzVzWeD7NcpBGwvik41Y4FQclQyl/oFAk
s0vfUGsZR+Mwqd8OA1lJpEpK57KSgMO/lvE0aU87hSVMqgiFpqUhDqh5sRXvKqZm
pm0D1FhFsYiXzvDQUuOtMPdsZHCKfZFMlgNN+M7jAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUA1n+WrsTr+VFW7tp0Sohpr6YYrMwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzhlNWNhYzMxLTMzZDItNDU0ZC1hMmI3LTZlZjg1YThkNDk0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA5YwDQYJKoZIhvcNAQELBQADggEBAHHJu01lnJ+LwBTXVpnwTjm2
HS/2Ew+xUt0yDLYKji1c2i1NYBIb7ZqX67Iy8QVlYrFoub8Pi481ph33AS+wtegY
mKOpf/ZlOV3RwElwkRwqpS+ZbHlyxySvTEGelC+vpFBM8Dqi9DqriTBiXoZVrAHJ
GwAfjAqFZ5Thp92a5akIkPy34anvH6lOOBBvFfhPFidCESxESHY1TSJ6rFu8iw3i
DfNv+x3zaBd67yU5KBexNgYSMxjG4jSq1RcIULAPXhttS3S34xkaLieHv49IENwQ
APOOxGglzUfnax24hbrmkqWy3alpG+01W2CqX8I3zl1cHIyYlXD7QRM53+aP4zo=
-----END CERTIFICATE-----
Generated at Wed Jun 26 06:21:07 2024 by rpki-client on console-fra.rpki-client.org