Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ee2ebc63-9aa8-4435-8e64-d40af8bb4f69.roa
File:                     ee2ebc63-9aa8-4435-8e64-d40af8bb4f69.roa (raw, json)
Hash identifier:          hPFNBwInAk2CMU3u8htK+Pf1Kk/Akv2pc4xKt0qL/y4=
Subject key identifier:   B5:60:C9:8A:80:10:44:8C:64:EC:04:87:D4:60:05:F7:47:8C:34:94
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       7B8761B462989C69ADE06C59330147C505695927
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ee2ebc63-9aa8-4435-8e64-d40af8bb4f69.roa
Signing time:             Thu 14 Nov 2024 00:00:00 +0000
ROA not before:           Thu 14 Nov 2024 00:00:00 +0000
ROA not after:            Thu 19 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f0fb:e900::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 22 Nov 2024 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:87:61:b4:62:98:9c:69:ad:e0:6c:59:33:01:47:c5:05:69:59:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Nov 14 00:00:00 2024 GMT
            Not After : Dec 19 23:59:59 2024 GMT
        Subject: serialNumber=41d09d88652d0405170461a7271737cb8e3e750377e5007309e7f589bbaabcf8, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:24:8a:da:53:0b:35:18:28:05:d8:f2:ae:f9:
                    17:07:81:0f:d6:c6:be:3d:ae:8d:53:2e:af:ba:14:
                    68:ba:e0:d7:1f:20:c0:e1:61:9b:43:f5:3f:55:90:
                    22:4a:e1:2d:c9:ca:ce:0f:d6:bb:5c:2c:3b:76:62:
                    b9:a4:3b:94:8c:98:3c:06:88:a0:4b:bb:8f:80:ff:
                    06:c7:6d:21:42:b8:86:67:e6:fa:c7:b9:b6:4f:48:
                    14:22:ee:44:6b:b2:a0:55:9f:68:f4:b8:cf:fb:ac:
                    11:77:c0:7a:12:b3:6c:09:55:98:47:6a:ad:b1:2d:
                    d2:4d:94:1c:5c:b3:3b:ec:5f:d3:ed:4b:f4:97:9b:
                    09:6e:cb:60:04:cd:3f:30:a2:10:a4:ae:32:46:cc:
                    fa:b2:43:73:a3:79:72:4d:4a:2f:44:07:12:8f:0d:
                    55:5f:5d:ec:cb:92:71:09:95:9f:e7:ca:67:cb:01:
                    b6:15:04:49:24:80:6a:3e:d4:0a:12:da:c1:34:17:
                    9d:c4:d8:48:2d:97:b9:dd:b5:f0:aa:dd:14:63:e2:
                    ff:31:96:c6:59:05:56:bd:68:d3:a9:6f:b7:ca:85:
                    c7:a5:f9:2c:e2:fb:22:cc:6e:57:ca:54:bd:43:44:
                    7c:8e:df:3d:f4:fe:a4:05:2b:57:0a:25:d0:5f:f8:
                    8c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:60:C9:8A:80:10:44:8C:64:EC:04:87:D4:60:05:F7:47:8C:34:94
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/ee2ebc63-9aa8-4435-8e64-d40af8bb4f69.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f0fb:e900::/40

    Signature Algorithm: sha256WithRSAEncryption
         7e:5e:2d:99:2f:84:b6:3e:7e:0a:e9:93:98:d0:fe:85:2f:c9:
         b1:7e:8a:b1:a1:98:a6:84:0f:22:9c:69:73:2c:4d:a4:a2:18:
         d2:bb:b7:a1:4d:51:dd:c9:a8:e9:29:9d:8f:ca:34:11:de:fe:
         d3:ff:47:7e:f2:e6:88:e9:b8:d9:fd:0b:49:09:88:c3:c3:f0:
         bf:ea:05:8f:64:23:d9:d9:92:87:e1:87:b4:e4:9e:c3:d5:9f:
         ec:34:cc:35:f9:ff:ba:4b:dc:57:23:52:0c:5d:54:a0:f7:a0:
         13:8e:bc:e6:75:25:7f:7b:88:5b:20:39:4b:3e:c3:7c:b8:69:
         e0:c3:c5:5d:bc:43:8e:dc:d0:7b:19:6c:c5:01:b7:f5:35:7c:
         ab:04:00:00:aa:c0:5c:1d:6a:cc:fd:72:ae:63:9a:91:56:f9:
         66:f4:4b:92:2d:92:84:4e:1f:09:12:28:ef:8d:7a:67:e8:32:
         e2:49:b9:4d:ff:83:32:2c:b9:2f:d4:94:9e:2c:41:f9:04:a1:
         1b:00:33:26:0c:bf:05:69:38:12:52:ac:d5:36:a2:a2:1e:bd:
         96:8d:50:b0:04:b1:cb:f7:03:51:49:8d:15:4d:00:cd:d3:e5:
         ad:3b:67:56:98:75:98:cb:bb:74:55:8a:4a:60:e9:dc:85:3b:
         67:8e:ca:8d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUe4dhtGKYnGmt4GxZMwFHxQVpWScwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjQxMTE0MDAwMDAwWhcNMjQxMjE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MWQwOWQ4ODY1MmQwNDA1MTcwNDYxYTcyNzE3MzdjYjhl
M2U3NTAzNzdlNTAwNzMwOWU3ZjU4OWJiYWFiY2Y4MS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMJIraUws1GCgF2PKu+RcHgQ/Wxr49ro1TLq+6FGi64Ncf
IMDhYZtD9T9VkCJK4S3Jys4P1rtcLDt2YrmkO5SMmDwGiKBLu4+A/wbHbSFCuIZn
5vrHubZPSBQi7kRrsqBVn2j0uM/7rBF3wHoSs2wJVZhHaq2xLdJNlBxcszvsX9Pt
S/SXmwluy2AEzT8wohCkrjJGzPqyQ3OjeXJNSi9EBxKPDVVfXezLknEJlZ/nymfL
AbYVBEkkgGo+1AoS2sE0F53E2Egtl7ndtfCq3RRj4v8xlsZZBVa9aNOpb7fKhcel
+Szi+yLMblfKVL1DRHyO3z30/qQFK1cKJdBf+IyPAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUtWDJioAQRIxk7ASH1GAF90eMNJQwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2VlMmViYzYzLTlhYTgtNDQzNS04ZTY0LWQ0MGFmOGJiNGY2OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPD76TANBgkqhkiG9w0BAQsFAAOCAQEAfl4tmS+Etj5+CumTmND+hS/J
sX6KsaGYpoQPIpxpcyxNpKIY0ru3oU1R3cmo6Smdj8o0Ed7+0/9HfvLmiOm42f0L
SQmIw8Pwv+oFj2Qj2dmSh+GHtOSew9Wf7DTMNfn/ukvcVyNSDF1UoPegE4685nUl
f3uIWyA5Sz7DfLhp4MPFXbxDjtzQexlsxQG39TV8qwQAAKrAXB1qzP1yrmOakVb5
ZvRLki2ShE4fCRIo7416Z+gy4km5Tf+DMiy5L9SUnixB+QShGwAzJgy/BWk4ElKs
1Taioh69lo1QsASxy/cDUUmNFU0AzdPlrTtnVph1mMu7dFWKSmDp3IU7Z47KjQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:23 2024 by rpki-client on console-ams.rpki-client.org