Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b4163a38-a8e2-48d9-855f-dd53ae7f6dcf.roa
File:                     b4163a38-a8e2-48d9-855f-dd53ae7f6dcf.roa (raw, json)
Hash identifier:          kge24Bpe8rva3YBJn3RuiJY9hsqN6Md2+paMJ2hAwkg=
Subject key identifier:   47:D4:40:5B:0E:06:D4:E6:8A:4E:FB:21:71:90:AB:3F:8F:A8:DF:5D
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       4FE11DE9AD3A702934BB438B1F6377E1CFB9800B
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b4163a38-a8e2-48d9-855f-dd53ae7f6dcf.roa
Signing time:             Sat 13 Apr 2024 00:00:00 +0000
ROA not before:           Sat 13 Apr 2024 00:00:00 +0000
ROA not after:            Sat 18 May 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:f0f1:8801::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 03 May 2024 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:e1:1d:e9:ad:3a:70:29:34:bb:43:8b:1f:63:77:e1:cf:b9:80:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Apr 13 00:00:00 2024 GMT
            Not After : May 18 23:59:59 2024 GMT
        Subject: serialNumber=706a3f4769d22b863dc102f25a6e337a2dbdfe00a12cc64c2799741f07487332, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:7e:84:00:08:9f:73:7a:ad:ef:b6:88:8b:d3:
                    10:0b:3d:a8:f3:53:65:dc:d2:79:c0:8a:3b:5c:bc:
                    90:48:ba:68:90:36:a6:f5:63:20:86:81:dd:49:d7:
                    00:79:79:96:8b:95:47:56:7a:d7:28:46:67:4f:e4:
                    59:c9:14:9b:43:36:49:c8:de:54:99:fb:a4:b2:97:
                    9c:40:f4:a0:68:6c:d4:32:51:24:e8:45:e9:d0:ec:
                    7d:6c:f7:fc:e2:92:b8:ee:7a:d6:4f:a6:95:63:80:
                    48:6a:68:5c:85:f3:d0:0d:14:9e:de:0b:03:71:ab:
                    ab:bb:75:b5:ce:b6:4b:28:13:01:b9:d7:be:74:a2:
                    9e:95:4a:84:8f:60:eb:a8:4e:5e:65:98:76:46:8d:
                    6d:be:26:fe:94:80:1d:87:a8:55:d9:41:d8:79:72:
                    ef:1a:d4:14:2a:3b:5b:2e:bb:e0:41:8e:dd:98:8e:
                    3f:d5:2b:8c:98:78:7f:17:48:a4:e3:46:ad:89:99:
                    37:9e:1b:de:63:01:62:e4:13:9f:f3:fc:fd:63:81:
                    4e:bc:52:e7:77:01:70:44:8e:bb:e2:2d:c0:be:48:
                    bf:4c:3a:40:39:96:8b:da:21:23:00:77:91:07:bc:
                    12:6c:1e:78:8c:6b:77:6f:2f:d7:78:f7:84:f4:e3:
                    2d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:D4:40:5B:0E:06:D4:E6:8A:4E:FB:21:71:90:AB:3F:8F:A8:DF:5D
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b4163a38-a8e2-48d9-855f-dd53ae7f6dcf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0f1:8801::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:b8:dc:68:81:a4:5d:d1:e3:22:28:af:c0:1c:36:f0:19:45:
         89:e1:f4:01:68:c6:09:76:5e:01:db:08:85:83:a1:80:37:bb:
         26:4f:9b:0b:0d:e8:37:87:78:07:5a:ba:08:6b:66:7b:57:66:
         a2:10:35:44:d2:97:5d:bc:22:ff:36:15:6e:bf:7c:2b:e1:0b:
         ce:44:fe:e5:2b:e8:06:2d:a6:3e:3b:3e:45:e0:54:6c:25:ad:
         ba:3a:33:6a:a1:d5:0a:f1:dd:83:b8:ed:de:cb:5d:cf:01:ce:
         2e:2a:da:52:ab:af:bd:57:8e:0f:5b:e4:47:7c:13:59:ac:95:
         c5:77:09:fc:39:f9:f3:66:ae:f9:9e:80:e8:ae:93:8b:fc:b3:
         2f:0e:50:42:89:67:9f:ac:b6:04:99:a3:76:8e:9a:3b:32:f0:
         5f:9b:bd:00:2f:d0:49:d6:ec:74:e6:a6:62:d1:84:42:30:6e:
         92:13:1c:89:5b:20:f7:da:df:c2:bb:88:88:ae:b2:cf:34:bc:
         2a:bd:0a:5f:81:f0:65:84:ef:5d:a8:8f:c5:10:76:0b:bd:2a:
         33:c4:1f:53:1e:7b:17:31:fe:6d:96:b1:90:94:6a:ec:ce:05:
         07:18:e9:18:45:02:de:18:37:87:6c:00:5a:78:e2:c4:b1:ec:
         01:51:27:e4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUT+Ed6a06cCk0u0OLH2N34c+5gAswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQwNDEzMDAwMDAwWhcNMjQwNTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MDZhM2Y0NzY5ZDIyYjg2M2RjMTAyZjI1YTZlMzM3YTJk
YmRmZTAwYTEyY2M2NGMyNzk5NzQxZjA3NDg3MzMyMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDlfoQACJ9zeq3vtoiL0xALPajzU2Xc0nnAijtcvJBIumiQ
Nqb1YyCGgd1J1wB5eZaLlUdWetcoRmdP5FnJFJtDNknI3lSZ+6Syl5xA9KBobNQy
USToRenQ7H1s9/zikrjuetZPppVjgEhqaFyF89ANFJ7eCwNxq6u7dbXOtksoEwG5
1750op6VSoSPYOuoTl5lmHZGjW2+Jv6UgB2HqFXZQdh5cu8a1BQqO1suu+BBjt2Y
jj/VK4yYeH8XSKTjRq2JmTeeG95jAWLkE5/z/P1jgU68Uud3AXBEjrviLcC+SL9M
OkA5lovaISMAd5EHvBJsHniMa3dvL9d494T04y05AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUR9RAWw4G1OaKTvshcZCrP4+o310wHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2I0MTYzYTM4LWE4ZTItNDhkOS04NTVmLWRkNTNhZTdmNmRjZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDxiAEwDQYJKoZIhvcNAQELBQADggEBAHK43GiBpF3R4yIor8AcNvAZ
RYnh9AFoxgl2XgHbCIWDoYA3uyZPmwsN6DeHeAdaughrZntXZqIQNUTSl128Iv82
FW6/fCvhC85E/uUr6AYtpj47PkXgVGwlrbo6M2qh1Qrx3YO47d7LXc8Bzi4q2lKr
r71Xjg9b5Ed8E1mslcV3Cfw5+fNmrvmegOiuk4v8sy8OUEKJZ5+stgSZo3aOmjsy
8F+bvQAv0EnW7HTmpmLRhEIwbpITHIlbIPfa38K7iIiuss80vCq9Cl+B8GWE712o
j8UQdgu9KjPEH1Meexcx/m2WsZCUauzOBQcY6RhFAt4YN4dsAFp44sSx7AFRJ+Q=
-----END CERTIFICATE-----