Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/094d8343-6f84-4689-8078-17afcd623f2b.roa
File:                     094d8343-6f84-4689-8078-17afcd623f2b.roa (raw, json)
Hash identifier:          YZAzjcREYMVIvK982v+HX7ER0QTiZuSVyLzruRITpDM=
Subject key identifier:   7A:82:81:66:EB:85:FF:CC:0F:98:62:F8:23:AE:28:59:4F:41:B0:28
Certificate issuer:       /CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
Certificate serial:       29883D212B36460BA32DC7A2730BDCC6120B7369
Authority key identifier: 1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/094d8343-6f84-4689-8078-17afcd623f2b.roa
Signing time:             Wed 06 Mar 2024 00:00:00 +0000
ROA not before:           Wed 06 Mar 2024 00:00:00 +0000
ROA not after:            Wed 10 Apr 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        2606:f40::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 07:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:88:3d:21:2b:36:46:0b:a3:2d:c7:a2:73:0b:dc:c6:12:0b:73:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2
        Validity
            Not Before: Mar  6 00:00:00 2024 GMT
            Not After : Apr 10 23:59:59 2024 GMT
        Subject: serialNumber=e7c7fef4c44e189d78ea53d9f0ace3290fb9e345b0f426ed0be7b369453aaa2c, CN=8f95e4d1-f14f-4d61-ae00-67e047d2f102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:99:2f:f9:61:1b:25:3e:70:f1:04:37:f0:ec:
                    2a:7b:7d:58:c4:94:2f:7b:f2:75:41:4b:60:0e:d2:
                    b0:92:a0:4a:9d:ce:ca:ff:d1:c6:07:32:8a:8c:6d:
                    ca:22:b9:ce:a6:2c:23:dc:2f:9d:e4:90:f4:ad:41:
                    65:80:29:9a:23:73:24:7f:f4:fa:ac:a9:fc:78:49:
                    26:b0:39:e8:0b:e5:91:5c:f2:7b:50:31:27:c2:aa:
                    cb:e5:a6:5b:b3:4f:60:69:e5:43:04:e8:ac:fe:af:
                    0a:f6:b5:eb:f5:f7:5e:20:cc:b8:3a:03:b0:54:da:
                    68:cb:57:4d:a2:70:6f:95:44:df:c7:b9:c9:db:70:
                    90:bf:c1:94:7c:6c:b8:07:ab:d9:a9:62:a9:60:1a:
                    df:0f:82:70:f8:82:d9:ca:97:fb:02:0d:39:d1:d5:
                    74:f0:7e:51:f6:d1:df:e7:5d:6d:d2:ad:aa:82:47:
                    68:aa:2c:d8:59:f4:65:df:a4:ee:8f:84:14:dc:0f:
                    74:dc:b0:8a:60:58:2f:dd:13:ec:9f:40:ed:ca:c1:
                    8c:7b:84:50:38:8f:5e:f6:44:6b:a6:90:8d:2a:3a:
                    d3:db:6e:93:e0:76:53:d1:a1:a3:1f:a4:bc:f4:c5:
                    b5:6f:8b:de:c5:39:f5:35:5c:a5:a8:ce:84:f0:b2:
                    cd:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:82:81:66:EB:85:FF:CC:0F:98:62:F8:23:AE:28:59:4F:41:B0:28
            X509v3 Authority Key Identifier:
                keyid:1E:5F:2D:62:F8:5A:D2:84:D4:D1:89:25:6B:88:69:E8:E9:11:28:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/0a3db4ff-9cd8-4d02-a027-6fa90494a3a1/c167a8b3a01f06717d2af62e3809072084c3af8f48948e40e2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/094d8343-6f84-4689-8078-17afcd623f2b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2f059a21-d41b-4846-b7ae-7ea38c32fd4c/HwZxfSr2LjgJByCEw6-PSJSOQOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:f40::/32

    Signature Algorithm: sha256WithRSAEncryption
         c9:84:57:e7:fa:65:fb:e3:60:c6:f2:01:8e:9f:ba:80:8c:cc:
         26:c6:75:b1:9c:c3:3e:40:31:28:c8:65:92:62:4d:fe:54:95:
         51:80:a0:4e:e3:bb:46:23:1e:6e:f0:c4:56:5f:5a:7c:1f:db:
         4b:55:21:18:fa:f9:94:6b:11:b6:72:41:a3:0c:a6:19:82:94:
         da:bc:2e:35:9b:5e:9d:60:47:a8:8e:a4:ae:33:40:15:b7:58:
         a1:18:f1:f1:55:a1:1c:9c:15:79:bb:1e:2d:fb:c7:af:96:ac:
         4a:7f:07:f7:66:9d:70:be:57:74:ff:8e:58:b9:71:29:67:09:
         5f:eb:61:0e:60:ba:20:6e:76:27:25:fb:b9:46:f1:be:e7:d6:
         c6:a3:89:bd:4a:48:91:2e:9a:c4:16:ec:d7:17:82:77:3a:20:
         26:b8:37:b0:b0:54:22:79:a8:dd:82:c0:ca:7a:1b:ca:76:8f:
         95:8d:05:b1:df:fc:fc:b2:79:52:6f:73:3a:b1:eb:a0:a8:8b:
         7b:f1:e4:e8:c8:22:10:c6:7b:c3:d3:e0:ac:af:62:24:7d:4c:
         0b:8b:16:fc:e3:14:0f:d2:e8:77:68:a4:2c:38:0c:e4:b3:c2:
         5e:68:80:15:33:df:35:4f:75:00:21:0a:91:45:7c:b8:3e:b6:
         4d:20:45:e5
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUKYg9ISs2RgujLceicwvcxhILc2kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzE2N2E4YjNhMDFmMDY3MTdkMmFmNjJlMzgwOTA3MjA4
NGMzYWY4ZjQ4OTQ4ZTQwZTIwHhcNMjQwMzA2MDAwMDAwWhcNMjQwNDEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlN2M3ZmVmNGM0NGUxODlkNzhlYTUzZDlmMGFjZTMyOTBm
YjllMzQ1YjBmNDI2ZWQwYmU3YjM2OTQ1M2FhYTJjMS0wKwYDVQQDEyQ4Zjk1ZTRk
MS1mMTRmLTRkNjEtYWUwMC02N2UwNDdkMmYxMDIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKmS/5YRslPnDxBDfw7Cp7fVjElC978nVBS2AO0rCSoEqd
zsr/0cYHMoqMbcoiuc6mLCPcL53kkPStQWWAKZojcyR/9Pqsqfx4SSawOegL5ZFc
8ntQMSfCqsvlpluzT2Bp5UME6Kz+rwr2tev1914gzLg6A7BU2mjLV02icG+VRN/H
ucnbcJC/wZR8bLgHq9mpYqlgGt8PgnD4gtnKl/sCDTnR1XTwflH20d/nXW3SraqC
R2iqLNhZ9GXfpO6PhBTcD3TcsIpgWC/dE+yfQO3KwYx7hFA4j172RGumkI0qOtPb
bpPgdlPRoaMfpLz0xbVvi97FOfU1XKWozoTwss2dAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUeoKBZuuF/8wPmGL4I64oWU9BsCgwHwYDVR0jBBgwFoAUHl8tYvha0oTU
0Ykla4hp6OkRKDgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS8wYTNkYjRmZi05
Y2Q4LTRkMDItYTAyNy02ZmE5MDQ5NGEzYTEvYzE2N2E4YjNhMDFmMDY3MTdkMmFm
NjJlMzgwOTA3MjA4NGMzYWY4ZjQ4OTQ4ZTQwZTIuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMmYwNTlhMjEtZDQxYi00ODQ2LWI3YWUtN2Vh
MzhjMzJmZDRjLzA5NGQ4MzQzLTZmODQtNDY4OS04MDc4LTE3YWZjZDYyM2YyYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJmMDU5YTIxLWQ0MWItNDg0Ni1iN2Fl
LTdlYTM4YzMyZmQ0Yy9Id1p4ZlNyMkxqZ0pCeUNFdzYtUFNKU09RT0kuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBg9AMA0GCSqGSIb3DQEBCwUAA4IBAQDJhFfn+mX742DG8gGOn7qAjMwm
xnWxnMM+QDEoyGWSYk3+VJVRgKBO47tGIx5u8MRWX1p8H9tLVSEY+vmUaxG2ckGj
DKYZgpTavC41m16dYEeojqSuM0AVt1ihGPHxVaEcnBV5ux4t+8evlqxKfwf3Zp1w
vld0/45YuXEpZwlf62EOYLogbnYnJfu5RvG+59bGo4m9SkiRLprEFuzXF4J3OiAm
uDewsFQieajdgsDKehvKdo+VjQWx3/z8snlSb3M6seugqIt78eToyCIQxnvD0+Cs
r2IkfUwLixb84xQP0uh3aKQsOAzks8JeaIAVM981T3UAIQqRRXy4PrZNIEXl
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:35 2024 by rpki-client on console-fra.rpki-client.org