Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/254b4192-a38e-41eb-a28b-d01a7ee37964.roa
File:                     254b4192-a38e-41eb-a28b-d01a7ee37964.roa (raw, json)
Hash identifier:          7jG+HdoGj54gG6tXe3DAXfNWkSrTxjHmABIh3MPMHYc=
Subject key identifier:   4E:AB:16:52:28:E5:D0:8D:41:AB:47:86:73:6B:F5:EE:06:77:56:C7
Certificate issuer:       /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
Certificate serial:       1900EBCCDA3CA8B122A1E164C49C7F7A2398C186
Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/254b4192-a38e-41eb-a28b-d01a7ee37964.roa
Signing time:             Tue 05 Mar 2024 00:00:00 +0000
ROA not before:           Tue 05 Mar 2024 00:00:00 +0000
ROA not after:            Tue 09 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2620:108:d000::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:05:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:00:eb:cc:da:3c:a8:b1:22:a1:e1:64:c4:9c:7f:7a:23:98:c1:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04
        Validity
            Not Before: Mar  5 00:00:00 2024 GMT
            Not After : Apr  9 23:59:59 2024 GMT
        Subject: serialNumber=c0b3bb3df7e1ee2655c0d7d67fe879b1a12ced26fc2f3ddab4b428e1569539fe, CN=0099a7ea-794a-4a28-b164-49547626eb11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:04:c6:ef:90:2f:9f:b7:04:b7:aa:ce:54:a3:
                    bb:d2:55:84:c8:3d:4a:90:4d:30:b8:7d:e7:26:97:
                    80:e8:6a:f3:68:a4:d3:45:3b:8c:84:a8:e6:cb:40:
                    bb:75:bf:54:e8:24:a5:9c:65:9c:94:64:23:48:ec:
                    9e:4c:5c:ed:1f:1b:64:c6:38:97:b1:ea:82:2e:3f:
                    be:e0:d3:7a:8a:53:fb:f8:fb:cf:76:78:81:d1:b4:
                    6e:22:10:2c:40:9c:7c:d6:d6:69:fd:63:17:0e:ea:
                    67:bf:70:36:b3:12:f4:63:ea:0d:6c:b5:73:ba:ae:
                    15:0c:da:40:eb:92:3e:9d:69:75:2b:41:0c:ce:89:
                    c1:db:90:f8:49:bb:47:2c:53:b6:c2:89:ba:02:3a:
                    92:98:cb:c1:ec:f4:59:d3:77:db:60:21:96:e9:3d:
                    fe:6b:bb:be:e9:ce:ff:a2:95:3f:10:3b:63:f2:02:
                    b1:4e:64:41:a4:4e:af:78:ff:e3:49:9e:53:85:be:
                    3d:5a:47:90:d6:d6:ae:47:dc:d6:dd:0f:e9:a4:fd:
                    30:9a:0b:c0:28:27:71:ab:5d:2c:1e:a4:65:6d:ad:
                    17:0c:e0:fa:9b:37:90:2d:ae:d5:9e:f0:38:68:1c:
                    65:1c:fe:8a:9a:c1:71:cf:7a:5e:69:75:35:39:69:
                    94:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:AB:16:52:28:E5:D0:8D:41:AB:47:86:73:6B:F5:EE:06:77:56:C7
            X509v3 Authority Key Identifier:
                keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/254b4192-a38e-41eb-a28b-d01a7ee37964.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:108:d000::/44

    Signature Algorithm: sha256WithRSAEncryption
         7f:e5:c5:be:e3:d2:09:56:da:eb:63:2b:2f:90:67:b1:9b:5d:
         53:ed:14:a0:6b:77:e9:49:60:93:e6:03:32:a1:de:8f:d0:ee:
         d2:d8:d3:43:71:15:c0:63:ed:e9:2f:bb:22:81:04:9e:c2:31:
         0c:2d:10:1e:27:af:39:cc:0e:36:9d:c5:cf:a6:de:83:64:ec:
         1b:ca:b4:6f:60:09:10:63:83:da:28:10:a7:dd:00:2e:5d:c7:
         37:bf:2a:7a:ab:d3:b9:06:a5:d3:c3:6c:2d:78:d1:a6:cb:2f:
         02:92:1b:80:35:d2:e9:53:c4:25:59:42:1b:a3:9e:15:13:bf:
         eb:6c:bd:af:39:52:74:a9:64:e3:ab:b7:b9:b2:fa:6d:31:4d:
         10:2e:35:ed:69:9d:6c:54:d7:b6:b5:83:3f:fe:b9:94:c4:5a:
         22:ad:c6:ee:39:c8:8d:71:df:3c:b3:6b:96:a2:cd:4e:2e:d2:
         ae:e1:5b:6e:eb:b7:ae:cc:9e:99:0d:57:bc:dd:66:b8:35:e6:
         7a:70:5a:f6:60:3f:f6:32:c9:e0:29:5e:d3:d7:50:e7:2e:a7:
         4f:d1:e7:5e:54:b1:f7:18:ad:53:f5:88:42:bc:ae:d5:3b:bd:
         7c:43:79:f8:57:7a:7d:b0:37:7b:8d:31:a0:d8:b2:59:d3:37:
         84:f1:cd:b4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUGQDrzNo8qLEioeFkxJx/eiOYwYYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3
YTViNzRlNjk0NDljMWViMDQwHhcNMjQwMzA1MDAwMDAwWhcNMjQwNDA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjMGIzYmIzZGY3ZTFlZTI2NTVjMGQ3ZDY3ZmU4NzliMWEx
MmNlZDI2ZmMyZjNkZGFiNGI0MjhlMTU2OTUzOWZlMS0wKwYDVQQDEyQwMDk5YTdl
YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyBMbvkC+ftwS3qs5Uo7vSVYTIPUqQTTC4fecml4DoavNo
pNNFO4yEqObLQLt1v1ToJKWcZZyUZCNI7J5MXO0fG2TGOJex6oIuP77g03qKU/v4
+892eIHRtG4iECxAnHzW1mn9YxcO6me/cDazEvRj6g1stXO6rhUM2kDrkj6daXUr
QQzOicHbkPhJu0csU7bCiboCOpKYy8Hs9FnTd9tgIZbpPf5ru77pzv+ilT8QO2Py
ArFOZEGkTq94/+NJnlOFvj1aR5DW1q5H3NbdD+mk/TCaC8AoJ3GrXSwepGVtrRcM
4PqbN5AtrtWe8DhoHGUc/oqawXHPel5pdTU5aZSlAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUTqsWUijl0I1Bq0eGc2v17gZ3VscwHwYDVR0jBBgwFoAUmcNUTAjJlFS4
eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05
YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2
M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3
ZTU1MmM2ZTM1LzI1NGI0MTkyLWEzOGUtNDFlYi1hMjhiLWQwMWE3ZWUzNzk2NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw
LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwQmIAEI0AAwDQYJKoZIhvcNAQELBQADggEBAH/lxb7j0glW2utjKy+QZ7Gb
XVPtFKBrd+lJYJPmAzKh3o/Q7tLY00NxFcBj7ekvuyKBBJ7CMQwtEB4nrznMDjad
xc+m3oNk7BvKtG9gCRBjg9ooEKfdAC5dxze/Knqr07kGpdPDbC140abLLwKSG4A1
0ulTxCVZQhujnhUTv+tsva85UnSpZOOrt7my+m0xTRAuNe1pnWxU17a1gz/+uZTE
WiKtxu45yI1x3zyza5aizU4u0q7hW27rt67MnpkNV7zdZrg15npwWvZgP/YyyeAp
XtPXUOcup0/R515UsfcYrVP1iEK8rtU7vXxDefhXen2wN3uNMaDYslnTN4TxzbQ=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:47 2024 by rpki-client on console-ams.rpki-client.org