Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0f6b659b-9df4-477a-a87b-b8bcd08d670e.roa
File:                     0f6b659b-9df4-477a-a87b-b8bcd08d670e.roa (raw, json)
Hash identifier:          iOg8GKrnDxOdpv2ke7xupOP1sNjFz68lJhVyk5pPaV0=
Subject key identifier:   54:77:6D:18:37:17:54:54:AA:1B:EE:9C:CB:0A:EF:3E:96:61:E0:DC
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       248BA51CF00011ECE2108A882033C69481AEE187
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0f6b659b-9df4-477a-a87b-b8bcd08d670e.roa
Signing time:             Wed 27 Mar 2024 00:00:00 +0000
ROA not before:           Wed 27 Mar 2024 00:00:00 +0000
ROA not after:            Wed 01 May 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:402::/47 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:8b:a5:1c:f0:00:11:ec:e2:10:8a:88:20:33:c6:94:81:ae:e1:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Mar 27 00:00:00 2024 GMT
            Not After : May  1 23:59:59 2024 GMT
        Subject: serialNumber=396a3d34bb30b4a993fdbebaef5ba5d3387343c28242a324bda04e38880dd833, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:f3:79:d8:b8:75:4b:f1:4f:44:14:c0:56:2f:
                    49:65:0d:c7:96:7b:df:9d:de:7e:9b:82:30:0d:a6:
                    65:a0:ed:e5:5b:48:ac:d3:26:92:a9:77:08:df:6e:
                    2b:b8:7e:d2:73:20:fa:5c:cc:06:09:c5:e7:0d:c0:
                    0c:dd:df:cf:0f:03:e4:c9:03:eb:4a:6d:27:b9:88:
                    75:97:7b:95:b0:82:38:0b:7d:a5:ba:76:1d:02:66:
                    e9:af:4c:f4:59:bf:3f:6c:fa:32:aa:59:0c:a1:01:
                    46:ac:c2:e6:b1:4a:9f:77:2c:45:0c:5d:79:a6:47:
                    c5:5e:e6:cd:72:ea:8f:0a:1b:de:ad:cc:c5:3b:56:
                    1e:c1:95:e7:9c:5d:e4:88:7d:5f:2d:90:7a:52:db:
                    74:94:22:d2:22:0c:f0:9a:d6:6c:c6:91:df:61:a7:
                    14:f8:22:50:80:96:0c:a7:c5:24:20:cc:d3:b2:9b:
                    c8:0e:f8:d9:78:bc:95:a7:50:23:f2:da:2b:2a:65:
                    78:86:31:9d:2c:50:cb:66:ce:ad:d9:62:b1:30:c6:
                    ab:3c:88:66:1c:3e:bb:2b:81:fa:0e:8d:d5:ff:15:
                    b0:fd:6a:a4:98:ae:fe:de:d6:13:51:62:26:f3:85:
                    4a:ba:0c:9c:d7:d1:b6:4f:83:50:a9:ca:50:a2:cb:
                    8f:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:77:6D:18:37:17:54:54:AA:1B:EE:9C:CB:0A:EF:3E:96:61:E0:DC
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0f6b659b-9df4-477a-a87b-b8bcd08d670e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:402::/47

    Signature Algorithm: sha256WithRSAEncryption
         20:ba:f9:32:fc:f0:71:76:88:0e:d5:d6:dc:7b:50:f6:13:95:
         40:72:e6:33:7a:30:bb:03:f3:a9:7c:b5:bb:46:a5:2c:d9:d5:
         76:98:1c:56:cd:bd:fb:3a:d2:80:18:e2:24:0a:45:b8:b4:89:
         49:d4:84:90:a1:08:94:42:f7:2a:fd:13:94:52:8c:74:bd:ca:
         14:27:1a:3c:57:7a:e5:32:96:c4:3a:39:86:f7:5b:4b:3d:5d:
         59:3a:8f:78:42:de:ac:af:c4:39:06:a8:27:40:5f:f2:e7:da:
         b8:c7:14:32:0e:48:e5:ed:d9:1e:d2:2d:df:6b:42:5a:fb:f6:
         02:c3:12:98:1e:e3:61:05:d6:96:09:bc:94:04:73:fd:ee:84:
         6a:57:90:14:9a:3e:cb:2c:da:dd:26:aa:6a:c2:bd:f6:04:48:
         87:72:81:60:90:fd:ad:ac:1f:f3:84:e5:d1:5d:e9:8f:ee:f3:
         d1:b6:16:39:7a:47:0d:9f:6f:e5:c7:59:49:ab:c7:df:3b:af:
         aa:ee:c8:32:0f:06:a5:b1:2e:9f:d6:ab:38:20:f4:e1:13:87:
         c1:53:92:3e:07:fc:25:4a:95:f1:45:97:c2:af:c3:c0:68:92:
         41:85:b0:7c:88:ad:9b:d2:70:f8:cd:67:81:73:a5:41:e3:c8:
         31:81:27:f0
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUJIulHPAAEeziEIqIIDPGlIGu4YcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwMzI3MDAwMDAwWhcNMjQwNTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzOTZhM2QzNGJiMzBiNGE5OTNmZGJlYmFlZjViYTVkMzM4
NzM0M2MyODI0MmEzMjRiZGEwNGUzODg4MGRkODMzMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDE83nYuHVL8U9EFMBWL0llDceWe9+d3n6bgjANpmWg7eVb
SKzTJpKpdwjfbiu4ftJzIPpczAYJxecNwAzd388PA+TJA+tKbSe5iHWXe5WwgjgL
faW6dh0CZumvTPRZvz9s+jKqWQyhAUaswuaxSp93LEUMXXmmR8Ve5s1y6o8KG96t
zMU7Vh7BleecXeSIfV8tkHpS23SUItIiDPCa1mzGkd9hpxT4IlCAlgynxSQgzNOy
m8gO+Nl4vJWnUCPy2isqZXiGMZ0sUMtmzq3ZYrEwxqs8iGYcPrsrgfoOjdX/FbD9
aqSYrv7e1hNRYibzhUq6DJzX0bZPg1CpylCiy4+PAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUVHdtGDcXVFSqG+6cywrvPpZh4NwwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzBmNmI2NTliLTlkZjQtNDc3YS1hODdiLWI4YmNkMDhkNjcwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmBZzABAIwDQYJKoZIhvcNAQELBQADggEBACC6+TL88HF2iA7V1tx7UPYT
lUBy5jN6MLsD86l8tbtGpSzZ1XaYHFbNvfs60oAY4iQKRbi0iUnUhJChCJRC9yr9
E5RSjHS9yhQnGjxXeuUylsQ6OYb3W0s9XVk6j3hC3qyvxDkGqCdAX/Ln2rjHFDIO
SOXt2R7SLd9rQlr79gLDEpge42EF1pYJvJQEc/3uhGpXkBSaPsss2t0mqmrCvfYE
SIdygWCQ/a2sH/OE5dFd6Y/u89G2Fjl6Rw2fb+XHWUmrx987r6ruyDIPBqWxLp/W
qzgg9OETh8FTkj4H/CVKlfFFl8Kvw8BokkGFsHyIrZvScPjNZ4FzpUHjyDGBJ/A=
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:31:59 2024 by rpki-client on console-ams.rpki-client.org