Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0758e6e7-91cd-444b-b616-9a6bb5d010f6.roa
File:                     0758e6e7-91cd-444b-b616-9a6bb5d010f6.roa (raw, json)
Hash identifier:          2mXfXiM/zH9hXuRzrmf7ky5aehCvHh4HnPT2ma5xONw=
Subject key identifier:   25:76:26:68:6D:A1:CF:D8:8F:9E:4C:46:D3:7F:D3:4A:29:DA:D4:26
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       22B23F4CC4475A864150394AE99ABA40768FD3A5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0758e6e7-91cd-444b-b616-9a6bb5d010f6.roa
Signing time:             Tue 12 Mar 2024 00:00:00 +0000
ROA not before:           Tue 12 Mar 2024 00:00:00 +0000
ROA not after:            Tue 16 Apr 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        162.137.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:b2:3f:4c:c4:47:5a:86:41:50:39:4a:e9:9a:ba:40:76:8f:d3:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 12 00:00:00 2024 GMT
            Not After : Apr 16 23:59:59 2024 GMT
        Subject: serialNumber=5f3bd6852d202627751b9a9f540a182a7db731333ed45d9f4fc9cfde8243a984, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:56:c0:3d:af:61:cb:27:1e:de:9f:a1:1c:90:
                    32:2a:7d:f9:7e:f6:47:74:60:77:fa:ff:ea:f9:f1:
                    4e:0b:55:04:8c:c2:8c:6e:f8:6a:7c:4b:8e:86:6a:
                    d8:a5:a6:41:bb:cc:28:b7:5f:43:9b:8a:f3:55:3f:
                    c1:23:df:aa:db:87:e3:eb:64:fe:be:4b:7b:d8:ce:
                    82:cb:da:73:35:36:59:f3:cd:27:2b:e7:3a:d7:f2:
                    90:0a:93:1a:07:92:2b:4e:bc:24:39:3f:59:f5:0c:
                    ee:63:67:66:51:f5:b2:90:5d:79:20:b8:ff:83:e0:
                    d0:d6:f1:e0:a6:d3:0c:40:cd:9f:fc:30:55:74:33:
                    70:e8:44:60:03:db:20:19:c7:f6:42:71:6e:50:3c:
                    86:46:63:eb:01:08:28:b3:b4:6d:cb:37:f0:a3:6f:
                    57:45:3f:96:e2:ea:d6:d1:1a:06:a0:3d:b9:d5:b6:
                    8b:ec:76:ff:7d:3e:a2:eb:6d:30:08:dd:c8:97:07:
                    f5:de:3d:35:e6:46:cc:04:a6:e6:bc:53:b5:4b:da:
                    c3:61:41:88:af:e8:06:90:ff:cf:88:6d:00:8b:0a:
                    b8:b2:bc:1c:47:35:69:4d:02:ba:96:c8:25:56:aa:
                    9d:9f:e2:b9:2a:4e:a5:a9:81:dc:2f:fa:cb:37:2e:
                    78:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:76:26:68:6D:A1:CF:D8:8F:9E:4C:46:D3:7F:D3:4A:29:DA:D4:26
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0758e6e7-91cd-444b-b616-9a6bb5d010f6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.137.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         25:b0:b3:63:a9:8a:6c:a8:03:56:a2:fe:aa:57:81:81:aa:b6:
         64:4b:c9:f7:61:a9:0f:d6:dc:60:c8:43:37:11:6c:ba:8c:8d:
         0e:ca:55:bb:de:31:65:71:98:cf:1d:82:5a:dc:0a:2f:db:12:
         f7:50:4e:7d:0b:bc:b2:cc:a7:68:20:b7:30:9a:0c:6a:07:96:
         b5:17:60:51:69:86:a7:69:bf:2f:0a:0c:c6:9c:b8:c3:e9:dc:
         c5:ab:39:c8:f3:f9:ce:f2:34:5a:ae:f8:76:60:8a:0c:6d:2a:
         2f:ff:fe:5e:f3:d8:b7:85:11:de:37:f0:4d:7c:65:dc:41:6e:
         98:1b:05:5b:06:6e:11:57:e7:e7:ae:7c:da:f2:a9:bc:e8:a0:
         12:44:3e:37:07:b1:6e:62:94:24:50:92:33:c3:d3:2e:2f:0b:
         f7:68:d1:66:57:ed:0e:dc:11:8f:59:6a:25:05:c6:8f:e4:b9:
         ac:0e:fc:d0:52:43:36:4b:08:01:2f:ad:90:4d:c1:84:64:55:
         9d:53:38:ff:32:5b:71:ee:84:aa:f3:79:39:83:2e:a2:ee:34:
         e3:32:85:89:37:39:8d:eb:83:62:21:a8:00:87:e4:35:ba:f3:
         65:44:dd:95:0d:63:75:32:c2:c0:3c:cb:08:85:47:24:70:50:
         08:4f:98:f1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUIrI/TMRHWoZBUDlK6Zq6QHaP06UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzEyMDAwMDAwWhcNMjQwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZjNiZDY4NTJkMjAyNjI3NzUxYjlhOWY1NDBhMTgyYTdk
YjczMTMzM2VkNDVkOWY0ZmM5Y2ZkZTgyNDNhOTg0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+VsA9r2HLJx7en6EckDIqffl+9kd0YHf6/+r58U4LVQSM
woxu+Gp8S46GatilpkG7zCi3X0ObivNVP8Ej36rbh+PrZP6+S3vYzoLL2nM1Nlnz
zScr5zrX8pAKkxoHkitOvCQ5P1n1DO5jZ2ZR9bKQXXkguP+D4NDW8eCm0wxAzZ/8
MFV0M3DoRGAD2yAZx/ZCcW5QPIZGY+sBCCiztG3LN/Cjb1dFP5bi6tbRGgagPbnV
tovsdv99PqLrbTAI3ciXB/XePTXmRswEpua8U7VL2sNhQYiv6AaQ/8+IbQCLCriy
vBxHNWlNArqWyCVWqp2f4rkqTqWpgdwv+ss3LnhZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUJXYmaG2hz9iPnkxG03/TSina1CYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzA3NThlNmU3LTkxY2QtNDQ0Yi1iNjE2LTlhNmJiNWQwMTBmNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCiiTANBgkqhkiG9w0BAQsFAAOCAQEAJbCzY6mKbKgDVqL+qleBgaq2ZEvJ
92GpD9bcYMhDNxFsuoyNDspVu94xZXGYzx2CWtwKL9sS91BOfQu8ssynaCC3MJoM
ageWtRdgUWmGp2m/LwoMxpy4w+ncxas5yPP5zvI0Wq74dmCKDG0qL//+XvPYt4UR
3jfwTXxl3EFumBsFWwZuEVfn56582vKpvOigEkQ+NwexbmKUJFCSM8PTLi8L92jR
ZlftDtwRj1lqJQXGj+S5rA780FJDNksIAS+tkE3BhGRVnVM4/zJbce6EqvN5OYMu
ou404zKFiTc5jeuDYiGoAIfkNbrzZUTdlQ1jdTLCwDzLCIVHJHBQCE+Y8Q==
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:01:28 2024 by rpki-client on console-fra.rpki-client.org