Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3b1d79f6-944a-4da0-acd2-15477b975226.roa
File:                     3b1d79f6-944a-4da0-acd2-15477b975226.roa (raw, json)
Hash identifier:          s6FKOFPOb3pH19HLYdtYxQvHNMJy12/AZeLY4tE46JI=
Subject key identifier:   3F:31:F5:54:DE:C4:EE:86:7E:DC:D7:AE:67:AF:0A:C2:77:08:1A:DE
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       68409D46BB54F1C490487A219E124AF366E9248B
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3b1d79f6-944a-4da0-acd2-15477b975226.roa
Signing time:             Mon 06 Jan 2025 00:00:00 +0000
ROA not before:           Mon 06 Jan 2025 00:00:00 +0000
ROA not after:            Mon 10 Feb 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:551b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Jan 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:40:9d:46:bb:54:f1:c4:90:48:7a:21:9e:12:4a:f3:66:e9:24:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Jan  6 00:00:00 2025 GMT
            Not After : Feb 10 23:59:59 2025 GMT
        Subject: serialNumber=474b241b1eca18cf7664045d571e4c3f42d7e7ff46ea00d959567c5382cf93f4, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:54:4e:6f:f4:08:b8:db:eb:50:b2:a2:7e:e3:
                    de:c0:19:55:20:39:83:bb:2c:6a:da:0d:06:96:82:
                    74:3f:47:0c:ee:12:e5:13:6b:80:c7:ac:43:b3:5e:
                    40:1d:17:f8:81:23:9c:61:48:48:29:f7:8e:f3:30:
                    38:95:16:70:10:c0:13:db:81:cc:c7:b0:39:45:95:
                    81:7c:f3:81:46:95:40:4c:4e:e6:5d:0e:86:fe:4a:
                    f5:d6:c4:f9:a8:04:8f:36:86:40:c4:3f:f5:88:ab:
                    42:13:d1:8f:05:5d:8e:e1:45:44:18:0b:fc:37:09:
                    d6:9e:e8:f8:2c:ea:8d:00:d1:71:9b:7a:c0:94:7b:
                    a5:16:82:13:54:33:f2:2d:b3:df:15:29:e6:3c:ed:
                    8f:98:2c:8b:1e:b0:06:eb:83:3d:5c:35:03:0d:3a:
                    b2:d4:c5:66:1b:0f:4a:2d:41:18:34:b6:e9:d5:da:
                    aa:90:d6:b8:31:74:c7:67:b9:b0:1a:5f:18:34:cd:
                    7d:2b:eb:f7:c2:92:45:a4:c2:7b:08:0b:da:8a:08:
                    c9:58:0b:3f:8c:e2:3b:3d:b4:68:0b:4c:f4:40:2c:
                    5a:18:f5:86:15:5c:79:ef:1c:91:0f:2f:e7:90:ab:
                    0e:1e:f8:96:0c:e0:34:d1:8a:be:e6:bf:1e:37:11:
                    17:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:31:F5:54:DE:C4:EE:86:7E:DC:D7:AE:67:AF:0A:C2:77:08:1A:DE
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3b1d79f6-944a-4da0-acd2-15477b975226.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:551b::/48

    Signature Algorithm: sha256WithRSAEncryption
         37:6a:ba:86:11:47:d2:02:6d:6a:b5:62:4c:ec:3a:f1:3f:4c:
         25:67:e9:89:2f:07:68:1b:d0:cb:41:89:79:23:cd:ef:ae:e1:
         31:0f:1a:cc:47:b8:28:38:bc:3d:a1:65:af:cd:ea:17:c1:bb:
         d4:62:73:54:9a:33:26:22:56:1b:e8:80:b2:83:f9:91:59:67:
         3c:75:1b:20:36:c0:19:5d:c0:7d:55:e3:ca:6e:a0:3a:19:d2:
         4a:bf:2a:a4:fb:37:61:b7:0c:8f:8c:ae:00:50:50:35:07:00:
         dc:45:53:b8:d8:d8:2f:52:bc:02:34:e4:4c:6a:0b:25:8b:00:
         00:a5:40:c9:02:8d:2d:5e:70:01:7d:55:b8:64:60:c8:6e:7a:
         f7:c9:c8:cd:8b:0e:14:fe:57:f6:4a:f4:d0:3b:60:df:00:88:
         f2:78:e4:aa:2e:1c:8a:0f:54:77:0b:0f:8c:f3:ca:0d:f2:0e:
         08:bb:81:65:b3:4d:33:71:b5:fe:bf:f9:70:e7:95:cf:6c:b7:
         cf:52:15:26:03:4e:13:34:1e:5a:d0:fb:96:c6:9d:b4:e4:d4:
         cd:d8:ad:8c:a9:59:f8:e7:d4:50:06:2a:de:0e:bd:83:f7:ec:
         0e:01:3e:91:46:6d:c7:a9:97:f2:b5:37:e4:8e:4c:12:5d:7e:
         db:9c:35:0f
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUaECdRrtU8cSQSHohnhJK82bpJIswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NzRiMjQxYjFlY2ExOGNmNzY2NDA0NWQ1NzFlNGMzZjQy
ZDdlN2ZmNDZlYTAwZDk1OTU2N2M1MzgyY2Y5M2Y0MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/VE5v9Ai42+tQsqJ+497AGVUgOYO7LGraDQaWgnQ/Rwzu
EuUTa4DHrEOzXkAdF/iBI5xhSEgp947zMDiVFnAQwBPbgczHsDlFlYF884FGlUBM
TuZdDob+SvXWxPmoBI82hkDEP/WIq0IT0Y8FXY7hRUQYC/w3Cdae6Pgs6o0A0XGb
esCUe6UWghNUM/Its98VKeY87Y+YLIsesAbrgz1cNQMNOrLUxWYbD0otQRg0tunV
2qqQ1rgxdMdnubAaXxg0zX0r6/fCkkWkwnsIC9qKCMlYCz+M4js9tGgLTPRALFoY
9YYVXHnvHJEPL+eQqw4e+JYM4DTRir7mvx43ERdHAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUPzH1VN7E7oZ+3NeuZ68KwncIGt4wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzNiMWQ3OWY2LTk0NGEtNGRhMC1hY2QyLTE1NDc3Yjk3NTIyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVRswDQYJKoZIhvcNAQELBQADggEBADdquoYRR9ICbWq1YkzsOvE/
TCVn6YkvB2gb0MtBiXkjze+u4TEPGsxHuCg4vD2hZa/N6hfBu9Ric1SaMyYiVhvo
gLKD+ZFZZzx1GyA2wBldwH1V48puoDoZ0kq/KqT7N2G3DI+MrgBQUDUHANxFU7jY
2C9SvAI05ExqCyWLAAClQMkCjS1ecAF9VbhkYMhuevfJyM2LDhT+V/ZK9NA7YN8A
iPJ45KouHIoPVHcLD4zzyg3yDgi7gWWzTTNxtf6/+XDnlc9st89SFSYDThM0HlrQ
+5bGnbTk1M3YrYypWfjn1FAGKt4OvYP37A4BPpFGbcepl/K1N+SOTBJdftucNQ8=
-----END CERTIFICATE-----
Generated at Sat Jan 18 02:06:47 2025 by rpki-client on console-fra.rpki-client.org