Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/73712e14-51d5-41db-bcf2-73aa504e6eab.roa
File:                     73712e14-51d5-41db-bcf2-73aa504e6eab.roa (raw, json)
Hash identifier:          Q/xB4jq4FsqFKahGsYgcXNfYxfoE4dwgP5VGirkQaSM=
Subject key identifier:   FF:E8:11:FF:E4:28:9C:50:E3:A1:02:2E:E1:E1:76:BF:91:39:52:81
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       01C4A62AAB5FDDE4C047CB9117F37E35F77BA05E
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/73712e14-51d5-41db-bcf2-73aa504e6eab.roa
Signing time:             Wed 05 Feb 2025 00:00:00 +0000
ROA not before:           Wed 05 Feb 2025 00:00:00 +0000
ROA not after:            Wed 12 Mar 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f0:80::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:c4:a6:2a:ab:5f:dd:e4:c0:47:cb:91:17:f3:7e:35:f7:7b:a0:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Feb  5 00:00:00 2025 GMT
            Not After : Mar 12 23:59:59 2025 GMT
        Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:f2:3b:59:9d:2b:89:38:08:cb:8d:41:67:15:
                    4a:cd:b0:fe:b2:a1:8f:d5:82:95:ad:ca:4d:17:ed:
                    36:c9:e5:d2:d4:af:b7:2e:6b:f3:c1:9a:d0:e2:5f:
                    d9:39:5a:37:5a:e5:33:dd:33:86:a0:64:7e:27:cc:
                    72:78:7d:8f:89:fc:50:1b:81:e6:b5:b3:86:69:89:
                    81:3b:d8:68:dc:57:56:d5:d9:e8:2c:5d:13:8e:62:
                    e2:65:dc:47:cd:f7:e0:c5:7e:84:5f:7b:b4:b6:28:
                    83:36:27:95:e8:a3:86:2c:42:26:bb:9c:4f:43:f3:
                    d1:95:92:98:a4:7d:fd:4f:f9:7a:29:2b:3c:dc:0b:
                    33:1f:2b:4b:e1:32:d1:93:73:b4:b1:8c:63:09:05:
                    57:83:e6:d1:e2:28:cf:39:84:94:b6:8f:ba:c9:6e:
                    e0:2d:b3:49:f3:fa:c1:4e:5e:c3:12:f7:6f:97:01:
                    0d:ec:d3:2f:ca:ea:cf:51:21:36:cb:fd:17:58:58:
                    43:dd:1a:8f:33:0b:ff:4e:7c:2e:b2:3b:90:a6:94:
                    de:12:50:cc:4d:fb:0c:d3:43:ee:a3:de:ea:02:58:
                    00:b5:be:81:cf:a1:4f:00:8c:24:2f:f7:97:17:c9:
                    b3:1c:a0:a7:b6:66:37:a3:6c:47:3c:76:bd:31:05:
                    18:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:E8:11:FF:E4:28:9C:50:E3:A1:02:2E:E1:E1:76:BF:91:39:52:81
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/73712e14-51d5-41db-bcf2-73aa504e6eab.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f0:80::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:e9:6e:e4:8e:79:5b:67:fb:5a:9c:ca:58:c1:c9:6c:b7:f6:
         74:7f:7e:0a:c0:96:0b:57:2f:18:f6:c7:94:ab:e3:47:e3:4c:
         79:98:e0:33:6d:9b:1c:b9:fa:fb:a8:21:61:82:44:6d:6a:2b:
         1c:9a:f5:58:e1:bb:88:ef:ec:f1:48:d4:1b:d2:c3:b8:fd:f6:
         16:fa:e3:d4:f6:7c:ad:56:7d:d2:91:4a:6c:35:ff:9c:3f:f4:
         b2:a3:c5:4b:2c:94:d6:21:23:75:35:b4:12:df:b9:31:6a:03:
         da:bb:da:1d:74:b9:2b:cf:f4:84:51:5c:36:48:4a:63:44:86:
         bd:a6:5f:99:2a:8a:71:28:fb:a9:1d:3f:b7:52:4a:ef:c9:7a:
         06:9c:d2:15:1f:e0:cb:ba:5e:04:2c:6f:42:2b:15:53:af:7f:
         fe:67:9e:b9:01:27:90:83:c0:9f:5a:d1:2b:3c:20:fe:b9:ea:
         2b:fc:fb:fa:93:a0:4a:c6:c4:8a:b8:e2:c3:67:48:ed:da:82:
         93:84:a1:22:99:7b:2b:f1:60:cf:49:53:3f:24:d2:5b:10:fe:
         02:a5:f2:0b:48:2f:b2:99:d9:19:e0:b0:89:c6:6c:3c:c9:0a:
         94:39:a2:50:5b:4b:78:5d:23:58:c8:74:ec:85:e0:99:f8:82:
         a3:d2:e1:eb
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUAcSmKqtf3eTAR8uRF/N+Nfd7oF4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMjA1MDAwMDAwWhcNMjUwMzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNzIwMWJkNTA1NWMzMDcxYTgxNDM4NzI2NDhkOTUzMTll
MjJjMGUzYjU4YmEyOTQzY2JmYWI0MTAwYTYyZGJjMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDj8jtZnSuJOAjLjUFnFUrNsP6yoY/VgpWtyk0X7TbJ5dLU
r7cua/PBmtDiX9k5Wjda5TPdM4agZH4nzHJ4fY+J/FAbgea1s4ZpiYE72GjcV1bV
2egsXROOYuJl3EfN9+DFfoRfe7S2KIM2J5Xoo4YsQia7nE9D89GVkpikff1P+Xop
KzzcCzMfK0vhMtGTc7SxjGMJBVeD5tHiKM85hJS2j7rJbuAts0nz+sFOXsMS92+X
AQ3s0y/K6s9RITbL/RdYWEPdGo8zC/9OfC6yO5CmlN4SUMxN+wzTQ+6j3uoCWAC1
voHPoU8AjCQv95cXybMcoKe2ZjejbEc8dr0xBRhTAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU/+gR/+QonFDjoQIu4eF2v5E5UoEwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzczNzEyZTE0LTUxZDUtNDFkYi1iY2YyLTczYWE1MDRlNmVhYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwAIAwDQYJKoZIhvcNAQELBQADggEBAHzpbuSOeVtn+1qcyljByWy3
9nR/fgrAlgtXLxj2x5Sr40fjTHmY4DNtmxy5+vuoIWGCRG1qKxya9Vjhu4jv7PFI
1BvSw7j99hb649T2fK1WfdKRSmw1/5w/9LKjxUsslNYhI3U1tBLfuTFqA9q72h10
uSvP9IRRXDZISmNEhr2mX5kqinEo+6kdP7dSSu/Jegac0hUf4Mu6XgQsb0IrFVOv
f/5nnrkBJ5CDwJ9a0Ss8IP656iv8+/qToErGxIq44sNnSO3agpOEoSKZeyvxYM9J
Uz8k0lsQ/gKl8gtIL7KZ2RngsInGbDzJCpQ5olBbS3hdI1jIdOyF4Jn4gqPS4es=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:40 2025 by rpki-client