Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa
File:                     dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa (raw, json)
Hash identifier:          W/wbzjRF6yR8senuZPkHfTKDHnNZsZDo94P7un/uRj8=
Subject key identifier:   98:37:26:C3:9D:15:99:18:78:FC:43:8F:EE:C8:AC:10:72:F3:93:D6
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       2BD2A4150835FA1FD70F59B1D626E399E0A7D4D4
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa
Signing time:             Fri 15 Mar 2024 00:00:00 +0000
ROA not before:           Fri 15 Mar 2024 00:00:00 +0000
ROA not after:            Fri 19 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:544::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:d2:a4:15:08:35:fa:1f:d7:0f:59:b1:d6:26:e3:99:e0:a7:d4:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Mar 15 00:00:00 2024 GMT
            Not After : Apr 19 23:59:59 2024 GMT
        Subject: serialNumber=1003536dd109adac9d452fcb3699500d3ae7b29be4c1725b3a951bbdbb5e99fe, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ec:dc:a4:be:cf:48:68:83:ac:06:6a:d8:ce:
                    e8:82:25:aa:8f:87:45:8c:b5:50:a1:4c:ea:6a:79:
                    1e:59:6a:9d:ef:f0:de:4b:2e:9c:4c:b8:22:3d:01:
                    cb:0b:48:55:14:0d:6a:18:8c:94:23:c5:0a:04:e0:
                    a2:82:2d:b0:a2:59:09:f5:09:af:75:18:b1:4e:82:
                    8f:b2:f3:9f:86:e1:dd:fc:54:79:2f:40:c1:52:32:
                    c6:89:64:83:6c:f4:e7:12:72:9a:bd:a5:c4:4f:d2:
                    e4:00:b4:9d:77:9a:0b:e3:40:f1:91:00:b2:1a:93:
                    ac:b5:64:fe:72:d4:50:d3:34:a9:dc:17:81:8c:e6:
                    bd:db:29:98:fe:4e:a2:b4:7a:32:d1:28:94:cb:58:
                    a3:74:ad:47:2e:3a:9e:63:0b:2f:3b:c1:ba:09:ca:
                    e2:da:17:ca:be:cc:a7:ba:ad:7f:29:81:99:41:5b:
                    fe:e6:3f:c1:14:9f:84:3b:2d:bb:c6:a8:64:c6:69:
                    fa:e6:39:10:4e:d8:e9:c0:c7:ed:72:7f:06:a4:0a:
                    9e:7c:21:3a:d3:2b:8e:ac:b2:34:aa:f6:de:01:eb:
                    59:12:a1:22:26:27:d7:ad:6a:01:3a:4a:ab:12:7f:
                    e4:03:17:40:67:5b:22:fa:80:62:0a:68:57:5e:96:
                    82:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:37:26:C3:9D:15:99:18:78:FC:43:8F:EE:C8:AC:10:72:F3:93:D6
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/dd6f8923-ba0b-407d-a9e8-8c832583a0dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:544::/48

    Signature Algorithm: sha256WithRSAEncryption
         51:ae:b7:9e:a8:c1:60:a0:26:fe:15:f0:08:b5:0f:47:7b:3a:
         89:c1:01:df:f5:09:e1:20:a5:ad:00:76:8c:0c:d7:e4:19:ff:
         22:71:af:ec:32:e1:6d:b3:ff:f2:38:96:4f:23:a8:2a:84:47:
         d0:6c:e0:94:33:d0:03:8b:42:ce:98:e2:a3:45:27:27:67:0d:
         fe:d5:bb:34:eb:5b:4d:bc:06:ae:a9:bf:92:bb:51:9d:d0:09:
         50:20:86:0b:ef:e0:26:3d:69:0e:89:55:e0:8a:08:b8:fa:16:
         01:72:dd:26:cd:12:f8:da:e8:89:44:7b:88:43:45:db:81:71:
         f0:da:c6:c6:6d:7c:68:60:12:92:5b:de:08:0f:c6:9d:1a:bb:
         e8:b6:20:86:20:bf:c6:ab:91:b6:00:10:09:91:28:fc:c8:28:
         76:44:8e:c0:3a:0b:e8:2e:5a:ef:d5:90:56:2a:20:ff:3f:bb:
         99:09:ea:a6:db:f4:04:ec:16:0d:85:5b:62:6d:f8:a7:04:d2:
         17:36:af:a3:32:9f:72:25:43:3f:97:95:1f:07:03:27:16:6a:
         72:52:b4:73:69:79:e4:5d:ad:36:40:20:a8:6b:11:e0:2e:36:
         ae:a7:55:4a:a3:40:0a:0e:ca:91:af:72:17:0b:7a:0b:6e:69:
         da:83:11:ff
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUK9KkFQg1+h/XD1mx1ibjmeCn1NQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjQwMzE1MDAwMDAwWhcNMjQwNDE5MjM1OTU5
WjB6MUkwRwYDVQQFE0AxMDAzNTM2ZGQxMDlhZGFjOWQ0NTJmY2IzNjk5NTAwZDNh
ZTdiMjliZTRjMTcyNWIzYTk1MWJiZGJiNWU5OWZlMS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg7Nykvs9IaIOsBmrYzuiCJaqPh0WMtVChTOpqeR5Zap3v
8N5LLpxMuCI9AcsLSFUUDWoYjJQjxQoE4KKCLbCiWQn1Ca91GLFOgo+y85+G4d38
VHkvQMFSMsaJZINs9OcScpq9pcRP0uQAtJ13mgvjQPGRALIak6y1ZP5y1FDTNKnc
F4GM5r3bKZj+TqK0ejLRKJTLWKN0rUcuOp5jCy87wboJyuLaF8q+zKe6rX8pgZlB
W/7mP8EUn4Q7LbvGqGTGafrmORBO2OnAx+1yfwakCp58ITrTK46ssjSq9t4B61kS
oSImJ9etagE6SqsSf+QDF0BnWyL6gGIKaFdeloIvAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUmDcmw50VmRh4/EOP7sisEHLzk9YwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiL2RkNmY4OTIzLWJhMGItNDA3ZC1hOWU4LThjODMyNTgzYTBkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzABUQwDQYJKoZIhvcNAQELBQADggEBAFGut56owWCgJv4V8Ai1D0d7
OonBAd/1CeEgpa0AdowM1+QZ/yJxr+wy4W2z//I4lk8jqCqER9Bs4JQz0AOLQs6Y
4qNFJydnDf7VuzTrW028Bq6pv5K7UZ3QCVAghgvv4CY9aQ6JVeCKCLj6FgFy3SbN
Evja6IlEe4hDRduBcfDaxsZtfGhgEpJb3ggPxp0au+i2IIYgv8arkbYAEAmRKPzI
KHZEjsA6C+guWu/VkFYqIP8/u5kJ6qbb9ATsFg2FW2Jt+KcE0hc2r6Myn3IlQz+X
lR8HAycWanJStHNpeeRdrTZAIKhrEeAuNq6nVUqjQAoOypGvchcLegtuadqDEf8=
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:06:26 2024 by rpki-client on console-ams.rpki-client.org