Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5092db22-16ba-4869-b345-e9a2358b398a.roa
File:                     5092db22-16ba-4869-b345-e9a2358b398a.roa (raw, json)
Hash identifier:          qzHmZwqv+eFj4kUffSHaOE1QF7TxP5vWcXIQiiptDLg=
Subject key identifier:   7B:16:AF:1C:54:25:F7:AB:D2:08:8C:3C:83:FD:A8:9D:09:1D:B3:46
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       76DFB3C3A1F76E58971F2F199D05F657CA97C6DE
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5092db22-16ba-4869-b345-e9a2358b398a.roa
Signing time:             Wed 13 Mar 2024 00:00:00 +0000
ROA not before:           Wed 13 Mar 2024 00:00:00 +0000
ROA not after:            Wed 17 Apr 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f000::/24 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:02:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:df:b3:c3:a1:f7:6e:58:97:1f:2f:19:9d:05:f6:57:ca:97:c6:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Mar 13 00:00:00 2024 GMT
            Not After : Apr 17 23:59:59 2024 GMT
        Subject: serialNumber=383e177740b289c6d364ef2aa1426369e0369960cd28fc79c23a0e6366885ab0, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:27:ab:ad:c5:fe:7f:83:d9:7a:26:9b:54:12:
                    90:23:02:9e:75:d3:11:ca:1f:e8:c1:b4:54:70:70:
                    4e:17:37:64:4d:03:d9:96:82:b0:57:2a:5a:22:5b:
                    a9:29:c1:2f:05:3d:ae:43:11:ae:9a:40:1c:46:e4:
                    05:c8:5d:05:83:19:9e:f9:64:47:b1:d9:2c:0e:0f:
                    bb:ec:4e:13:77:83:2e:78:12:59:ea:2d:36:41:4c:
                    b0:e0:a0:92:71:8c:b0:00:10:0b:9f:19:b1:60:4a:
                    2d:1c:00:0a:60:14:e5:e8:e7:8f:a2:3f:86:38:32:
                    11:48:38:78:c3:be:c8:88:d4:64:ca:4c:12:06:90:
                    ea:73:b2:a4:03:d4:57:a1:3d:f4:25:60:7a:be:fd:
                    fb:b2:c8:4c:72:d2:4b:aa:e8:42:91:e2:36:4e:4d:
                    42:8d:0b:46:6e:e3:22:18:ef:ef:b9:ad:07:bb:89:
                    4c:48:f1:87:ee:22:5e:da:b7:01:11:93:fd:1c:2b:
                    d4:27:1b:bd:54:75:74:d3:4b:a5:75:2f:87:39:e6:
                    0d:c0:a6:0c:c3:0d:28:3a:69:08:04:2e:5e:39:ed:
                    c8:12:fd:4e:0c:0a:78:06:92:3c:28:f7:e2:87:30:
                    8e:3e:50:36:bd:d6:dd:d6:ab:5f:ad:d4:0e:73:ba:
                    49:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:16:AF:1C:54:25:F7:AB:D2:08:8C:3C:83:FD:A8:9D:09:1D:B3:46
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/5092db22-16ba-4869-b345-e9a2358b398a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f000::/24

    Signature Algorithm: sha256WithRSAEncryption
         42:4b:28:a3:2b:24:86:4e:2e:2b:39:7d:de:c2:d0:92:77:b8:
         6a:ee:6b:a1:79:86:8c:2a:89:1c:04:53:b8:ca:d2:70:d2:b0:
         4f:65:e5:fb:83:0f:a8:72:88:9b:6f:4e:bc:af:34:32:46:0a:
         bb:6c:21:3c:5d:b0:32:35:9d:c0:fc:36:74:5b:72:ea:c5:85:
         6b:f8:7b:2a:38:cb:11:a9:fb:ed:1d:71:7e:20:7d:65:5e:ea:
         8c:a3:d6:a3:cb:dd:b9:df:d6:ac:51:bb:c9:6c:ad:eb:ad:b8:
         cd:95:cd:8c:12:9a:d4:54:f0:dd:20:59:ef:45:bb:7a:4a:a0:
         58:5f:18:00:86:09:d5:c6:67:b4:49:74:bf:d8:8c:74:39:09:
         a1:17:cb:42:03:f9:68:66:78:87:83:df:71:28:59:85:83:d5:
         4f:26:f9:78:76:84:35:2b:f4:b7:cd:3d:fa:ba:39:71:84:70:
         26:6a:0a:35:44:27:06:da:2f:89:8b:80:6c:31:0c:79:a2:8c:
         20:5f:26:6d:8b:b9:d6:1c:b7:cd:a1:84:37:f1:ce:62:50:83:
         84:df:5c:d7:2c:02:55:c4:f5:95:ce:f6:ac:f9:83:ff:3f:79:
         90:16:2a:e0:f7:64:99:86:0e:ca:91:bd:ec:4f:3d:2a:b4:9b:
         38:40:e3:8f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdt+zw6H3bliXHy8ZnQX2V8qXxt4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQwMzEzMDAwMDAwWhcNMjQwNDE3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzODNlMTc3NzQwYjI4OWM2ZDM2NGVmMmFhMTQyNjM2OWUw
MzY5OTYwY2QyOGZjNzljMjNhMGU2MzY2ODg1YWIwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBJ6utxf5/g9l6JptUEpAjAp510xHKH+jBtFRwcE4XN2RN
A9mWgrBXKloiW6kpwS8FPa5DEa6aQBxG5AXIXQWDGZ75ZEex2SwOD7vsThN3gy54
ElnqLTZBTLDgoJJxjLAAEAufGbFgSi0cAApgFOXo54+iP4Y4MhFIOHjDvsiI1GTK
TBIGkOpzsqQD1FehPfQlYHq+/fuyyExy0kuq6EKR4jZOTUKNC0Zu4yIY7++5rQe7
iUxI8YfuIl7atwERk/0cK9QnG71UdXTTS6V1L4c55g3ApgzDDSg6aQgELl457cgS
/U4MCngGkjwo9+KHMI4+UDa91t3Wq1+t1A5zukmrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUexavHFQl96vSCIw8g/2onQkds0YwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzUwOTJkYjIyLTE2YmEtNDg2OS1iMzQ1LWU5YTIzNThiMzk4YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAC
MAYDBAAmAPAwDQYJKoZIhvcNAQELBQADggEBAEJLKKMrJIZOLis5fd7C0JJ3uGru
a6F5howqiRwEU7jK0nDSsE9l5fuDD6hyiJtvTryvNDJGCrtsITxdsDI1ncD8NnRb
curFhWv4eyo4yxGp++0dcX4gfWVe6oyj1qPL3bnf1qxRu8lsreutuM2VzYwSmtRU
8N0gWe9Fu3pKoFhfGACGCdXGZ7RJdL/YjHQ5CaEXy0ID+WhmeIeD33EoWYWD1U8m
+Xh2hDUr9LfNPfq6OXGEcCZqCjVEJwbaL4mLgGwxDHmijCBfJm2LudYct82hhDfx
zmJQg4TfXNcsAlXE9ZXO9qz5g/8/eZAWKuD3ZJmGDsqRvexPPSq0mzhA448=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:35 2024 by rpki-client on console-fra.rpki-client.org