Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/a8ff9337-21d8-4d5e-b988-d1a983d73aea.roa
File:                     a8ff9337-21d8-4d5e-b988-d1a983d73aea.roa (raw, json)
Hash identifier:          V0umSzMx5PJ9XlHpZs9958KAqkNnioYK3R4xwwiX4B0=
Subject key identifier:   23:59:64:F8:7C:EE:7D:61:9A:07:DF:77:5B:4C:DB:08:BE:D1:EF:76
Certificate issuer:       /CN=6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267
Certificate serial:       685F2DC6DDE5B68E039A3D867B2028C98D3256E9
Authority key identifier: 6D:CA:65:D0:71:4D:7E:F2:56:90:BC:09:13:D3:54:DB:AC:89:2A:5E
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/a8ff9337-21d8-4d5e-b988-d1a983d73aea.roa
Signing time:             Tue 12 Mar 2024 00:00:00 +0000
ROA not before:           Tue 12 Mar 2024 00:00:00 +0000
ROA not after:            Tue 16 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:c940::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/7276b2fa-548d-4970-8314-8d73945c34d8.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/7276b2fa-548d-4970-8314-8d73945c34d8.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/746e0111-fafb-430f-b778-d204cfcd99a8.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 03:03:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:5f:2d:c6:dd:e5:b6:8e:03:9a:3d:86:7b:20:28:c9:8d:32:56:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267
        Validity
            Not Before: Mar 12 00:00:00 2024 GMT
            Not After : Apr 16 23:59:59 2024 GMT
        Subject: serialNumber=e947896772f1df4c94f9da1a13c00f2706a30369c9b2dd59a79672365656e433, CN=15f1683a-c0c2-4266-9a96-ecf9eba3239c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:29:83:9b:bf:b2:7f:f2:e0:6c:54:a5:cb:18:
                    75:8e:fd:e3:22:d0:2f:95:2f:f6:36:a2:01:60:07:
                    d0:b7:59:8c:b8:2f:07:ca:85:20:8b:d8:d9:3a:02:
                    f9:7a:8a:3d:5d:dd:4b:8b:eb:b7:1f:67:b8:35:6d:
                    06:dc:81:c0:00:f8:57:f1:32:bc:8c:c7:0b:5a:69:
                    4c:87:f3:4b:a2:aa:fc:ab:2a:b9:71:97:34:6b:5b:
                    eb:62:9b:55:07:bd:06:82:f4:d5:a8:19:5c:7f:66:
                    af:cc:a3:87:6d:44:a9:87:5d:f8:b1:de:52:7e:70:
                    5a:7f:ea:dc:45:f2:ba:15:46:8b:8d:29:08:f6:43:
                    9b:c4:30:a5:8c:db:4a:d8:ed:c3:0b:ca:b2:62:bd:
                    7f:87:02:1c:d7:65:58:ff:f6:32:35:aa:ff:fc:3a:
                    4e:35:4e:2c:81:64:85:76:ec:78:e1:28:7a:ea:0a:
                    33:76:76:cc:8d:d5:86:dd:e8:6f:e7:d9:b2:7b:db:
                    d6:9e:c8:75:da:3a:37:ce:b0:1d:58:61:9e:ad:21:
                    a4:26:48:f6:77:50:49:4a:3d:3a:92:28:45:b7:56:
                    47:88:22:57:12:65:84:9a:3d:8e:38:27:d2:70:1c:
                    e9:f9:1d:7f:ee:f5:55:f5:20:4b:9c:e3:f2:1a:1c:
                    22:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:59:64:F8:7C:EE:7D:61:9A:07:DF:77:5B:4C:DB:08:BE:D1:EF:76
            X509v3 Authority Key Identifier:
                keyid:6D:CA:65:D0:71:4D:7E:F2:56:90:BC:09:13:D3:54:DB:AC:89:2A:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/7276b2fa-548d-4970-8314-8d73945c34d8/6f9b985b0fe5def09b994f8cf60bad8c9029c00657750b2267.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/a8ff9337-21d8-4d5e-b988-d1a983d73aea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b3f6b688-cff4-402f-97d5-02f6f1886b7e/5d7wm5lPjPYLrYyQKcAGV3ULImc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:c940::/32

    Signature Algorithm: sha256WithRSAEncryption
         45:ba:3e:b7:a1:a3:03:8e:66:2a:2c:af:92:b4:f0:61:7c:97:
         ca:81:c3:63:a1:5d:bc:15:9e:9f:02:a4:18:da:73:5a:51:fb:
         59:20:83:35:fc:29:eb:c3:0e:3e:01:60:62:6d:be:ad:73:3a:
         33:40:81:b5:a6:8a:07:5c:1f:c0:88:56:88:0e:b6:d5:37:8d:
         72:ce:69:a2:74:21:af:ae:d0:e4:8c:b4:44:6e:eb:e6:d7:77:
         ea:7d:28:36:d7:92:e8:89:fd:00:02:cb:7a:2c:58:0f:af:41:
         70:93:e4:14:47:77:92:b3:bb:6e:bc:b4:a7:6c:6e:08:8d:af:
         50:26:0a:bd:94:46:51:18:7b:bb:dd:90:20:ba:33:35:98:de:
         46:83:15:9b:2b:5e:ca:72:c6:71:b9:58:7b:26:eb:9a:c0:c1:
         08:44:20:35:46:d2:09:e8:15:1a:7a:78:a7:e4:ae:35:e5:0f:
         b1:38:07:30:8f:c6:10:db:e8:64:97:40:a1:43:a4:17:5c:ef:
         8b:44:a9:98:eb:bd:5d:5a:74:11:87:8e:9b:b9:7e:09:0e:5f:
         19:ec:ea:5b:86:d9:24:07:02:5e:c5:06:a2:ee:62:a4:9d:7a:
         51:e4:5e:a4:c3:b3:a0:82:2f:f2:2d:94:23:6d:12:df:e1:8b:
         9f:b2:fe:dd
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUaF8txt3lto4Dmj2GeyAoyY0yVukwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmY5Yjk4NWIwZmU1ZGVmMDliOTk0ZjhjZjYwYmFkOGM5
MDI5YzAwNjU3NzUwYjIyNjcwHhcNMjQwMzEyMDAwMDAwWhcNMjQwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlOTQ3ODk2NzcyZjFkZjRjOTRmOWRhMWExM2MwMGYyNzA2
YTMwMzY5YzliMmRkNTlhNzk2NzIzNjU2NTZlNDMzMS0wKwYDVQQDEyQxNWYxNjgz
YS1jMGMyLTQyNjYtOWE5Ni1lY2Y5ZWJhMzIzOWMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDdKYObv7J/8uBsVKXLGHWO/eMi0C+VL/Y2ogFgB9C3WYy4
LwfKhSCL2Nk6Avl6ij1d3UuL67cfZ7g1bQbcgcAA+FfxMryMxwtaaUyH80uiqvyr
KrlxlzRrW+tim1UHvQaC9NWoGVx/Zq/Mo4dtRKmHXfix3lJ+cFp/6txF8roVRouN
KQj2Q5vEMKWM20rY7cMLyrJivX+HAhzXZVj/9jI1qv/8Ok41TiyBZIV27HjhKHrq
CjN2dsyN1Ybd6G/n2bJ729aeyHXaOjfOsB1YYZ6tIaQmSPZ3UElKPTqSKEW3VkeI
IlcSZYSaPY44J9JwHOn5HX/u9VX1IEuc4/IaHCKhAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUI1lk+HzufWGaB993W0zbCL7R73YwHwYDVR0jBBgwFoAUbcpl0HFNfvJW
kLwJE9NU26yJKl4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
Lzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC83Mjc2YjJmYS01
NDhkLTQ5NzAtODMxNC04ZDczOTQ1YzM0ZDgvNmY5Yjk4NWIwZmU1ZGVmMDliOTk0
ZjhjZjYwYmFkOGM5MDI5YzAwNjU3NzUwYjIyNjcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjNmNmI2ODgtY2ZmNC00MDJmLTk3ZDUtMDJm
NmYxODg2YjdlL2E4ZmY5MzM3LTIxZDgtNGQ1ZS1iOTg4LWQxYTk4M2Q3M2FlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2IzZjZiNjg4LWNmZjQtNDAyZi05N2Q1
LTAyZjZmMTg4NmI3ZS81ZDd3bTVsUGpQWUxyWXlRS2NBR1YzVUxJbWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmBclAMA0GCSqGSIb3DQEBCwUAA4IBAQBFuj63oaMDjmYqLK+StPBhfJfK
gcNjoV28FZ6fAqQY2nNaUftZIIM1/Cnrww4+AWBibb6tczozQIG1pooHXB/AiFaI
DrbVN41yzmmidCGvrtDkjLREbuvm13fqfSg215Loif0AAst6LFgPr0Fwk+QUR3eS
s7tuvLSnbG4Ija9QJgq9lEZRGHu73ZAgujM1mN5GgxWbK17KcsZxuVh7JuuawMEI
RCA1RtIJ6BUaenin5K415Q+xOAcwj8YQ2+hkl0ChQ6QXXO+LRKmY671dWnQRh46b
uX4JDl8Z7OpbhtkkBwJexQai7mKknXpR5F6kw7Oggi/yLZQjbRLf4Yufsv7d
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:47:17 2024 by rpki-client on console-fra.rpki-client.org