Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/254b4192-a38e-41eb-a28b-d01a7ee37964.roa
File:                     254b4192-a38e-41eb-a28b-d01a7ee37964.roa (raw, json)
Hash identifier:          DuwJXgB5mnurdLA18muSgaJeyImPw5thRKbd+bgXuf0=
Subject key identifier:   46:41:0A:AF:1F:BD:B3:3C:FE:B3:3E:B6:36:98:72:35:DC:81:FA:8E
Certificate issuer:       /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
Certificate serial:       1922192284373BB174BE4FD55C0D9B0760F38BEE
Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/254b4192-a38e-41eb-a28b-d01a7ee37964.roa
Signing time:             Mon 11 Sep 2023 00:00:00 +0000
ROA not before:           Mon 11 Sep 2023 00:00:00 +0000
ROA not after:            Mon 16 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2620:108:d000::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 13 Sep 2023 03:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:22:19:22:84:37:3b:b1:74:be:4f:d5:5c:0d:9b:07:60:f3:8b:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
        Validity
            Not Before: Sep 11 00:00:00 2023 GMT
            Not After : Oct 16 23:59:59 2023 GMT
        Subject: serialNumber=4c787f803ae79fecd22e9849daf8596b192b2f5893ac584a18b0c7cb7208b7dd, CN=0099a7ea-794a-4a28-b164-49547626eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c5:6d:e7:49:22:e8:98:17:99:5f:87:ef:a6:
                    0b:29:50:9a:29:f9:db:32:e3:96:f3:d3:d0:aa:df:
                    0b:17:e5:30:d9:78:dc:da:59:ab:d2:97:1e:9d:d9:
                    b2:50:8c:78:42:92:27:e5:4f:52:18:55:22:2e:6a:
                    bf:29:66:28:fc:36:24:1e:47:a7:d4:3a:e0:80:dc:
                    c6:c5:56:19:bb:f6:e3:49:1d:b1:50:55:51:af:34:
                    88:fa:76:50:93:61:65:90:de:5d:7c:54:78:93:83:
                    d4:ad:34:ee:6a:dc:20:53:50:6b:79:22:2f:1b:51:
                    e8:ee:1c:08:d9:49:bc:73:4e:99:31:13:bb:6e:4c:
                    66:57:9d:95:4b:9a:b9:c2:8a:56:c3:5c:bf:34:17:
                    9a:11:c1:53:f2:88:7c:88:25:0a:39:25:af:ec:43:
                    8f:7e:0e:b7:b3:b5:bf:3f:d5:38:6c:64:f7:16:09:
                    14:59:f4:9b:9a:a2:92:f9:4f:c4:e0:b2:95:1b:6a:
                    07:48:ae:61:55:b0:8f:6d:a0:68:49:79:bd:67:51:
                    3f:19:21:94:e1:31:fd:80:e1:4e:dc:18:3e:47:64:
                    d9:7e:8e:b4:6e:49:43:11:e2:19:be:11:97:61:42:
                    85:72:a1:cf:0b:9a:d2:0d:cc:bd:f1:d2:2c:41:b8:
                    3d:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:41:0A:AF:1F:BD:B3:3C:FE:B3:3E:B6:36:98:72:35:DC:81:FA:8E
            X509v3 Authority Key Identifier:
                keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/254b4192-a38e-41eb-a28b-d01a7ee37964.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:108:d000::/44

    Signature Algorithm: sha256WithRSAEncryption
         56:75:80:4c:2e:5f:06:38:33:03:62:ae:a8:70:8f:87:8a:bb:
         69:4e:cf:35:49:86:b7:e2:20:aa:8b:56:99:0a:b3:b4:5e:31:
         71:30:99:85:87:4c:a3:08:9b:85:51:b4:64:c2:8f:2b:3a:5a:
         6a:43:d0:ab:70:f7:42:b4:0a:4c:f4:c7:e4:30:2e:8f:ef:87:
         47:58:8b:2e:35:62:da:1d:ae:b3:0d:6d:49:04:20:9e:cb:fa:
         d1:3a:08:8e:71:79:b1:b1:7d:ee:c1:f2:1b:41:ef:50:34:ae:
         b3:f7:96:87:7b:8e:05:a4:5d:13:2d:01:6f:e5:00:00:b2:53:
         e8:0e:b8:25:e0:de:be:37:23:ab:2c:9c:f6:ed:83:30:ed:95:
         5d:b4:02:8e:ef:8a:37:45:c1:22:3e:e1:36:f6:cb:94:35:a0:
         df:66:24:ff:68:12:3e:3d:43:cc:72:27:3a:3c:92:ca:6b:ac:
         41:62:da:6f:ac:da:55:9a:6d:22:3d:b7:17:65:ba:c1:f6:18:
         07:71:fb:e9:78:4e:0f:4d:77:99:a9:fa:50:8d:36:f9:ad:c7:
         8b:21:d4:13:57:2a:a2:a6:47:da:30:14:6c:60:7e:6a:24:39:
         71:2a:5c:16:9e:e4:62:89:a7:3e:01:d2:b5:11:6d:82:0f:be:
         8f:9f:16:b1
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGSIZIoQ3O7F0vk/VXA2bB2Dzi+4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3
YTViNzRlNjk0NDljMWViMDQwHhcNMjMwOTExMDAwMDAwWhcNMjMxMDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0Yzc4N2Y4MDNhZTc5ZmVjZDIyZTk4NDlkYWY4NTk2YjE5
MmIyZjU4OTNhYzU4NGExOGIwYzdjYjcyMDhiN2RkMS0wKwYDVQQDEyQwMDk5YTdl
YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBxW3nSSLomBeZX4fvpgspUJop+dsy45bz09Cq3wsX5TDZ
eNzaWavSlx6d2bJQjHhCkiflT1IYVSIuar8pZij8NiQeR6fUOuCA3MbFVhm79uNJ
HbFQVVGvNIj6dlCTYWWQ3l18VHiTg9StNO5q3CBTUGt5Ii8bUejuHAjZSbxzTpkx
E7tuTGZXnZVLmrnCilbDXL80F5oRwVPyiHyIJQo5Ja/sQ49+Dreztb8/1ThsZPcW
CRRZ9JuaopL5T8TgspUbagdIrmFVsI9toGhJeb1nUT8ZIZThMf2A4U7cGD5HZNl+
jrRuSUMR4hm+EZdhQoVyoc8LmtINzL3x0ixBuD0pAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQURkEKrx+9szz+sz62NphyNdyB+o4wHwYDVR0jBBgwFoAUmcNUTAjJlFS4
eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05
YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2
M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3
ZTU1MmM2ZTM1LzI1NGI0MTkyLWEzOGUtNDFlYi1hMjhiLWQwMWE3ZWUzNzk2NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw
LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmIAEI0AAwDQYJKoZIhvcNAQELBQADggEBAFZ1gEwuXwY4MwNirqhwj4eK
u2lOzzVJhrfiIKqLVpkKs7ReMXEwmYWHTKMIm4VRtGTCjys6WmpD0Ktw90K0Ckz0
x+QwLo/vh0dYiy41YtodrrMNbUkEIJ7L+tE6CI5xebGxfe7B8htB71A0rrP3lod7
jgWkXRMtAW/lAACyU+gOuCXg3r43I6ssnPbtgzDtlV20Ao7vijdFwSI+4Tb2y5Q1
oN9mJP9oEj49Q8xyJzo8ksprrEFi2m+s2lWabSI9txdlusH2GAdx++l4Tg9Nd5mp
+lCNNvmtx4sh1BNXKqKmR9owFGxgfmokOXEqXBae5GKJpz4B0rURbYIPvo+fFrE=
-----END CERTIFICATE-----
Generated at Mon Sep 11 15:39:32 2023 by rpki-client on console-ams.rpki-client.org