Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f3f1b6a3-5a54-4834-be55-4536f3908ca9.roa
File:                     f3f1b6a3-5a54-4834-be55-4536f3908ca9.roa (raw, json)
Hash identifier:          KqpBKs4ns1EHIawOxFiCgT2vzKzkgaOEm0YsIN9ziz4=
Subject key identifier:   4B:71:80:55:3F:59:A3:84:BA:9B:E9:58:E6:0D:69:F8:8F:06:14:C9
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       4378224E062472028DD2F398B2B405AA309499DD
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f3f1b6a3-5a54-4834-be55-4536f3908ca9.roa
Signing time:             Fri 07 Jun 2024 00:00:00 +0000
ROA not before:           Fri 07 Jun 2024 00:00:00 +0000
ROA not after:            Fri 12 Jul 2024 23:59:59 +0000
asID:                     21664
IP address blocks:        2605:9cc0:648::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 18 Jun 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:78:22:4e:06:24:72:02:8d:d2:f3:98:b2:b4:05:aa:30:94:99:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Jun  7 00:00:00 2024 GMT
            Not After : Jul 12 23:59:59 2024 GMT
        Subject: serialNumber=9c1c916df48efbef14dfba2f94147c188617d609a53968a053b96075bce5297a, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:2b:dd:a9:7a:a5:50:fe:df:e2:59:05:b5:e0:
                    9a:f0:45:3f:84:ea:5e:3c:e6:4e:d6:5d:1e:fc:d5:
                    c9:b2:c5:f7:e3:a7:72:5b:62:64:4d:c0:aa:8f:ea:
                    47:d4:d8:2f:0d:87:3d:81:7d:d3:12:80:66:ec:8b:
                    44:19:cb:02:f4:cb:20:6d:2f:c0:5e:01:7b:ab:71:
                    8e:f9:6a:9e:9e:74:74:4d:a7:4b:fe:f8:87:da:5e:
                    2f:97:56:45:5c:72:15:81:3e:76:4d:64:a3:c7:a2:
                    f0:73:eb:16:f8:12:98:c2:20:2a:4b:bf:6a:5b:d6:
                    e7:8d:9a:78:17:ee:32:7a:45:b8:92:59:30:c6:ae:
                    9b:89:4d:ea:a6:d1:0f:e5:e8:fb:85:45:ae:08:ae:
                    a2:2b:6e:c3:ba:cf:c1:6f:9e:9a:53:57:07:f3:92:
                    8d:93:91:12:ef:29:b9:7c:b4:e6:80:1f:fe:a9:71:
                    17:a9:74:9e:6e:35:1d:c3:72:3d:5b:24:26:97:f4:
                    f9:83:d9:9b:3e:28:cb:41:7a:9f:11:b2:54:12:f6:
                    dd:81:78:c8:b7:ad:70:4c:ce:26:2e:96:64:14:d2:
                    1f:2a:a4:f5:1c:d1:4e:0a:eb:05:03:67:a5:87:a5:
                    44:c5:aa:e0:ac:6d:eb:26:c3:01:92:ee:7d:26:fc:
                    96:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:71:80:55:3F:59:A3:84:BA:9B:E9:58:E6:0D:69:F8:8F:06:14:C9
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/f3f1b6a3-5a54-4834-be55-4536f3908ca9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:648::/48

    Signature Algorithm: sha256WithRSAEncryption
         0e:b7:4a:3a:b7:b9:e7:5b:14:9a:b4:eb:cf:28:d8:a6:78:3b:
         fe:47:73:3b:02:29:b0:73:de:e9:e3:8c:2d:2b:22:2f:9b:a8:
         d9:63:e2:f4:a4:9b:00:4e:c5:55:11:dc:57:c6:94:17:8c:d0:
         2e:30:bb:c7:1d:45:6c:f5:b8:8c:d0:0f:46:14:57:7d:05:ea:
         75:7b:50:3b:d8:cd:da:54:91:f7:25:3f:26:46:f6:72:5a:26:
         cd:33:54:00:d3:3e:ee:cc:07:af:69:9c:27:d7:0c:1a:0f:ca:
         ea:57:70:f5:50:ea:d5:3c:93:ec:5f:53:1e:10:f8:69:c6:12:
         fd:ea:27:f2:4f:8a:eb:34:2d:02:41:ec:a9:67:ba:ab:3c:0c:
         1f:db:57:a7:1b:f0:df:c1:e9:7a:6d:20:c0:38:15:a5:83:14:
         63:63:18:b7:8c:9a:9d:c9:83:83:4d:07:03:07:96:63:26:98:
         d9:11:8b:72:c6:a9:d2:37:50:73:f5:f7:4e:87:8d:93:a9:32:
         c2:c3:5d:e3:2f:fc:a2:a1:2f:01:74:88:df:ea:ad:fc:00:7f:
         60:42:f8:98:02:96:76:41:81:ef:64:66:37:c8:78:a4:02:56:
         dc:e9:b7:e5:ad:92:b8:b7:56:6a:7b:b7:ec:cc:6f:69:8d:df:
         01:e5:ef:19
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUQ3giTgYkcgKN0vOYsrQFqjCUmd0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwNjA3MDAwMDAwWhcNMjQwNzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YzFjOTE2ZGY0OGVmYmVmMTRkZmJhMmY5NDE0N2MxODg2
MTdkNjA5YTUzOTY4YTA1M2I5NjA3NWJjZTUyOTdhMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBK92peqVQ/t/iWQW14JrwRT+E6l485k7WXR781cmyxffj
p3JbYmRNwKqP6kfU2C8Nhz2BfdMSgGbsi0QZywL0yyBtL8BeAXurcY75ap6edHRN
p0v++IfaXi+XVkVcchWBPnZNZKPHovBz6xb4EpjCICpLv2pb1ueNmngX7jJ6RbiS
WTDGrpuJTeqm0Q/l6PuFRa4IrqIrbsO6z8FvnppTVwfzko2TkRLvKbl8tOaAH/6p
cRepdJ5uNR3Dcj1bJCaX9PmD2Zs+KMtBep8RslQS9t2BeMi3rXBMziYulmQU0h8q
pPUc0U4K6wUDZ6WHpUTFquCsbesmwwGS7n0m/JYvAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUS3GAVT9Zo4S6m+lY5g1p+I8GFMkwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2YzZjFiNmEzLTVhNTQtNDgzNC1iZTU1LTQ1MzZmMzkwOGNhOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABkgwDQYJKoZIhvcNAQELBQADggEBAA63Sjq3uedbFJq0688o2KZ4
O/5HczsCKbBz3unjjC0rIi+bqNlj4vSkmwBOxVUR3FfGlBeM0C4wu8cdRWz1uIzQ
D0YUV30F6nV7UDvYzdpUkfclPyZG9nJaJs0zVADTPu7MB69pnCfXDBoPyupXcPVQ
6tU8k+xfUx4Q+GnGEv3qJ/JPius0LQJB7Klnuqs8DB/bV6cb8N/B6XptIMA4FaWD
FGNjGLeMmp3Jg4NNBwMHlmMmmNkRi3LGqdI3UHP1906HjZOpMsLDXeMv/KKhLwF0
iN/qrfwAf2BC+JgClnZBge9kZjfIeKQCVtzpt+Wtkri3Vmp7t+zMb2mN3wHl7xk=
-----END CERTIFICATE-----
Generated at Mon Jun 17 01:44:26 2024 by rpki-client on console-fra.rpki-client.org