Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/0b89c4fe-6730-4f60-bc4c-ea16b19c2c3c.roa
File:                     0b89c4fe-6730-4f60-bc4c-ea16b19c2c3c.roa (raw, json)
Hash identifier:          vXyjuL+ACm3/cQKE++IXjr4uohKLBWnQxgpVtC4ue3w=
Subject key identifier:   E8:52:49:AD:E1:2B:B4:AA:48:83:1D:9B:2A:A4:DC:0D:E8:7C:3C:AA
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       32527B80289508688BB6007BE2827E82A16F5084
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/0b89c4fe-6730-4f60-bc4c-ea16b19c2c3c.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0f0:20::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:52:7b:80:28:95:08:68:8b:b6:00:7b:e2:82:7e:82:a1:6f:50:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: serialNumber=b74a3be94d4d01d662182e327b3f96d83cd732004863a752733abdbffd0289c9, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d9:77:2b:9f:2c:35:a0:fb:b6:1c:f3:0c:04:
                    c4:b5:13:b0:d6:13:dc:d9:69:ec:3a:48:be:a3:0a:
                    28:08:35:90:4a:13:8a:be:26:70:00:bf:a8:47:3b:
                    71:a1:53:1f:17:8d:59:88:91:58:96:d3:f3:2c:f3:
                    03:5d:89:72:21:d5:85:e5:7c:4b:91:d6:ac:ea:3d:
                    2c:15:79:01:9c:5f:a6:45:0e:bc:ff:17:22:87:80:
                    ff:4f:05:af:76:67:41:f4:e8:54:de:7a:8f:fd:7a:
                    62:ca:01:6a:ed:5e:54:64:9c:97:c0:9c:8d:70:4f:
                    62:1c:fd:09:d2:80:e1:6f:6d:18:15:9e:1d:eb:c0:
                    6f:36:61:74:82:ee:86:2b:d0:ee:d9:ab:48:6a:54:
                    f1:b7:d9:f7:62:dd:2e:78:3f:d2:58:48:f8:9e:66:
                    d2:30:cb:a3:57:d1:2e:79:3b:12:cc:64:c2:37:7d:
                    cd:ce:6c:ac:29:91:15:84:5c:05:69:c9:f4:f5:26:
                    1c:53:94:b9:58:4d:d4:31:85:53:21:d1:51:ba:46:
                    8a:ab:e3:d9:93:3d:b7:7f:2b:8c:12:51:b0:04:3d:
                    fc:b2:47:c0:50:cc:7a:c8:0e:21:31:29:a6:dc:46:
                    10:a4:c9:52:d3:45:55:f2:84:2e:03:6b:f9:95:91:
                    a8:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:52:49:AD:E1:2B:B4:AA:48:83:1D:9B:2A:A4:DC:0D:E8:7C:3C:AA
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/0b89c4fe-6730-4f60-bc4c-ea16b19c2c3c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:20::/48

    Signature Algorithm: sha256WithRSAEncryption
         30:43:a4:fb:a7:5a:9a:5c:d1:b9:79:e5:49:fd:bc:3d:20:53:
         2c:d0:98:75:e1:92:5a:f2:43:53:cb:cf:5c:5b:80:2b:00:b5:
         86:e2:9f:9d:48:cd:03:38:24:66:86:f4:47:52:63:c4:c5:fd:
         7b:31:ce:bb:bc:6f:83:18:2d:d3:fd:fb:4b:18:8c:6f:be:4f:
         f7:fe:53:4b:d4:bc:fd:83:4d:5b:2f:94:ef:4c:d2:60:82:bb:
         c7:d9:32:c3:13:61:c0:16:9c:f7:5c:20:d0:12:fb:d3:af:b1:
         c3:0a:de:46:37:85:36:b7:1c:db:53:9a:f8:45:14:67:fe:87:
         c4:d8:32:4f:f7:e3:e5:e0:bd:ce:af:5f:1c:65:60:42:48:9f:
         ca:77:b2:55:60:64:8b:72:5b:f6:e1:9c:d3:60:d9:3f:d0:31:
         38:9c:6b:d1:c3:41:6b:c2:4a:4a:fc:65:d2:3c:90:da:ea:46:
         96:e3:ad:8e:79:ac:65:a5:72:ce:92:a5:9f:ad:3f:2b:7d:eb:
         05:9c:70:cc:fb:e6:f5:10:bf:8f:4b:f8:22:3e:46:ef:a1:7f:
         69:c7:e6:de:ad:03:c0:f7:6a:1c:cf:ff:ac:af:93:3e:88:fc:
         c0:42:d6:6c:df:37:e6:e0:9d:91:e1:5d:19:34:55:ce:19:a0:
         58:4b:77:e0
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUMlJ7gCiVCGiLtgB74oJ+gqFvUIQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTEzMDAwMDAwWhcNMjUwMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNzRhM2JlOTRkNGQwMWQ2NjIxODJlMzI3YjNmOTZkODNj
ZDczMjAwNDg2M2E3NTI3MzNhYmRiZmZkMDI4OWM5MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDG2Xcrnyw1oPu2HPMMBMS1E7DWE9zZaew6SL6jCigINZBK
E4q+JnAAv6hHO3GhUx8XjVmIkViW0/Ms8wNdiXIh1YXlfEuR1qzqPSwVeQGcX6ZF
Drz/FyKHgP9PBa92Z0H06FTeeo/9emLKAWrtXlRknJfAnI1wT2Ic/QnSgOFvbRgV
nh3rwG82YXSC7oYr0O7Zq0hqVPG32fdi3S54P9JYSPieZtIwy6NX0S55OxLMZMI3
fc3ObKwpkRWEXAVpyfT1JhxTlLlYTdQxhVMh0VG6Roqr49mTPbd/K4wSUbAEPfyy
R8BQzHrIDiExKabcRhCkyVLTRVXyhC4Da/mVkahxAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU6FJJreErtKpIgx2bKqTcDeh8PKowHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzBiODljNGZlLTY3MzAtNGY2MC1iYzRjLWVhMTZiMTljMmMzYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwACAwDQYJKoZIhvcNAQELBQADggEBADBDpPunWppc0bl55Un9vD0g
UyzQmHXhklryQ1PLz1xbgCsAtYbin51IzQM4JGaG9EdSY8TF/Xsxzru8b4MYLdP9
+0sYjG++T/f+U0vUvP2DTVsvlO9M0mCCu8fZMsMTYcAWnPdcINAS+9OvscMK3kY3
hTa3HNtTmvhFFGf+h8TYMk/34+Xgvc6vXxxlYEJIn8p3slVgZItyW/bhnNNg2T/Q
MTica9HDQWvCSkr8ZdI8kNrqRpbjrY55rGWlcs6SpZ+tPyt96wWccMz75vUQv49L
+CI+Ru+hf2nH5t6tA8D3ahzP/6yvkz6I/MBC1mzfN+bgnZHhXRk0Vc4ZoFhLd+A=
-----END CERTIFICATE-----
Generated at Sat Jan 18 02:06:47 2025 by rpki-client on console-fra.rpki-client.org