Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/277fb1fb-3655-4c68-80f2-1f4160a003be.roa
File:                     277fb1fb-3655-4c68-80f2-1f4160a003be.roa (raw, json)
Hash identifier:          WBg+cjp2YJau2HTOcItKJp0Si0Q1NyMAb0t5r/SOroI=
Subject key identifier:   48:D8:84:63:11:4D:99:5B:A8:C1:F7:5F:55:96:1F:D5:3C:CD:05:AF
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       306B0FE1E935CFEFCFE86CCBAD8C48290326BA46
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/277fb1fb-3655-4c68-80f2-1f4160a003be.roa
Signing time:             Tue 29 Oct 2024 00:00:00 +0000
ROA not before:           Tue 29 Oct 2024 00:00:00 +0000
ROA not after:            Tue 03 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:398::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:6b:0f:e1:e9:35:cf:ef:cf:e8:6c:cb:ad:8c:48:29:03:26:ba:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Oct 29 00:00:00 2024 GMT
            Not After : Dec  3 23:59:59 2024 GMT
        Subject: serialNumber=e00fda257431687471b2203a86d9eb6e8077fd3f3da17506002c4bbaa31d4ac0, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:4a:22:a3:e6:f0:f8:b4:78:ec:0c:5d:84:ec:
                    34:f6:bd:fc:22:45:10:ac:82:1e:bf:16:19:ea:b4:
                    e8:28:a9:3e:6e:7f:c3:61:43:f0:a2:30:84:a2:fc:
                    24:fe:66:f6:7b:97:9b:f0:5e:d1:ee:81:1a:e3:e5:
                    77:10:93:31:da:96:dd:08:98:b0:bd:ef:a3:ce:44:
                    30:e8:fd:f9:67:4c:55:49:84:f6:52:47:41:8f:f6:
                    79:68:8b:43:73:39:9c:78:b0:2b:58:bc:02:98:a1:
                    de:87:d8:55:12:5d:99:cd:3d:d6:2e:d6:24:c1:67:
                    70:6e:60:96:a5:f9:12:2f:78:95:ff:65:50:93:69:
                    34:5f:68:03:de:ae:fc:7c:9f:e6:10:81:1b:65:19:
                    5b:a6:b8:44:da:53:80:fb:0a:4e:0e:b8:9b:ff:a9:
                    f0:7f:49:26:ea:f8:66:4e:bc:06:ce:04:8e:fe:ae:
                    ff:3f:22:e1:ad:de:ff:71:af:02:97:ce:ff:bd:63:
                    cc:80:a0:60:63:1a:a3:8d:b3:aa:66:4b:28:07:ad:
                    cc:56:b9:57:f2:03:f3:64:40:36:a6:d3:2f:db:3c:
                    bd:a9:ee:49:70:7e:0a:0c:ce:5f:2b:04:0d:b0:f1:
                    01:da:02:2d:c6:2c:a0:2e:29:b0:a8:c3:be:b2:c3:
                    5d:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:D8:84:63:11:4D:99:5B:A8:C1:F7:5F:55:96:1F:D5:3C:CD:05:AF
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/277fb1fb-3655-4c68-80f2-1f4160a003be.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:398::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:0b:b9:7c:76:88:22:53:ad:5b:1c:7f:df:d2:02:73:83:4b:
         71:84:96:62:d7:4e:54:c8:ee:56:ca:5b:35:92:5d:f3:d1:30:
         79:44:b6:62:d1:17:5b:7c:02:a8:8b:66:55:22:a1:9a:99:16:
         62:29:ce:66:68:5a:4d:dd:8f:fa:45:05:a0:8a:59:c8:67:7f:
         78:8c:4b:94:da:69:c7:5b:80:10:f2:67:4f:7c:8c:53:51:95:
         66:91:53:81:9e:ae:a8:98:40:3d:88:37:cd:eb:db:a5:8e:df:
         f8:13:89:81:3a:7f:da:b3:8c:af:13:8a:a2:84:5a:d9:ab:a4:
         19:02:4e:82:d1:50:22:56:19:1c:8a:65:23:0f:ab:ba:59:21:
         dc:f5:64:d3:12:f4:7b:c8:81:99:df:0e:4e:aa:08:0e:3a:62:
         bc:37:6f:63:e0:2f:a5:35:5c:75:5c:c8:4f:0d:86:31:8a:4c:
         0d:e1:0f:22:db:a6:a3:21:cf:82:d9:d6:38:5b:59:c9:90:ec:
         23:30:c2:91:7f:c3:84:0a:cd:9a:9c:d2:8a:fb:17:b9:27:87:
         cf:01:1b:7c:a5:39:50:8c:79:96:0f:62:f0:73:1f:e1:46:75:
         3f:36:7d:3a:af:c1:dd:2b:b7:7b:2f:ca:31:90:e3:0f:dd:8c:
         fe:ba:40:13
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUMGsP4ek1z+/P6GzLrYxIKQMmukYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQxMDI5MDAwMDAwWhcNMjQxMjAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMDBmZGEyNTc0MzE2ODc0NzFiMjIwM2E4NmQ5ZWI2ZTgw
NzdmZDNmM2RhMTc1MDYwMDJjNGJiYWEzMWQ0YWMwMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxSiKj5vD4tHjsDF2E7DT2vfwiRRCsgh6/FhnqtOgoqT5u
f8NhQ/CiMISi/CT+ZvZ7l5vwXtHugRrj5XcQkzHalt0ImLC976PORDDo/flnTFVJ
hPZSR0GP9nloi0NzOZx4sCtYvAKYod6H2FUSXZnNPdYu1iTBZ3BuYJal+RIveJX/
ZVCTaTRfaAPervx8n+YQgRtlGVumuETaU4D7Ck4OuJv/qfB/SSbq+GZOvAbOBI7+
rv8/IuGt3v9xrwKXzv+9Y8yAoGBjGqONs6pmSygHrcxWuVfyA/NkQDam0y/bPL2p
7klwfgoMzl8rBA2w8QHaAi3GLKAuKbCow76yw10zAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUSNiEYxFNmVuowfdfVZYf1TzNBa8wHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzI3N2ZiMWZiLTM2NTUtNGM2OC04MGYyLTFmNDE2MGEwMDNiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA5gwDQYJKoZIhvcNAQELBQADggEBAEALuXx2iCJTrVscf9/SAnOD
S3GElmLXTlTI7lbKWzWSXfPRMHlEtmLRF1t8AqiLZlUioZqZFmIpzmZoWk3dj/pF
BaCKWchnf3iMS5TaacdbgBDyZ098jFNRlWaRU4GerqiYQD2IN83r26WO3/gTiYE6
f9qzjK8TiqKEWtmrpBkCToLRUCJWGRyKZSMPq7pZIdz1ZNMS9HvIgZnfDk6qCA46
Yrw3b2PgL6U1XHVcyE8NhjGKTA3hDyLbpqMhz4LZ1jhbWcmQ7CMwwpF/w4QKzZqc
0or7F7knh88BG3ylOVCMeZYPYvBzH+FGdT82fTqvwd0rt3svyjGQ4w/djP66QBM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:45 2024 by rpki-client on console-fra.rpki-client.org