Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/07f3f9f9-6ab0-46bd-bc5f-9dfb2f8b8bd0.roa
File:                     07f3f9f9-6ab0-46bd-bc5f-9dfb2f8b8bd0.roa (raw, json)
Hash identifier:          mAC99cUaIJFOZbUYrV/62J8rQHxBT8FssP6j7E5C85w=
Subject key identifier:   B9:DA:44:C5:EA:82:4B:5F:27:4E:DD:52:63:75:EB:1B:3D:EE:5A:49
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5018B0E7DC588932C9D204EA1ECC1BA003235F17
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/07f3f9f9-6ab0-46bd-bc5f-9dfb2f8b8bd0.roa
Signing time:             Tue 12 Mar 2024 00:00:00 +0000
ROA not before:           Tue 12 Mar 2024 00:00:00 +0000
ROA not after:            Tue 16 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.94.0.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:18:b0:e7:dc:58:89:32:c9:d2:04:ea:1e:cc:1b:a0:03:23:5f:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 12 00:00:00 2024 GMT
            Not After : Apr 16 23:59:59 2024 GMT
        Subject: serialNumber=253f77991589eb7cfb50fdd4b1c2e28f6dab795d1bf93327d0d63bc3d851de3f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:9b:e0:c3:dc:df:90:a7:8a:68:a6:12:c8:ec:
                    e4:bb:84:79:6b:a1:5a:bb:09:ac:4e:d2:9b:64:61:
                    6e:d6:17:2b:88:32:11:e6:eb:f9:cb:e2:fd:fd:fe:
                    12:1c:1d:3d:12:fd:73:3f:f0:87:33:86:95:6c:9d:
                    b3:54:70:09:42:6d:2e:a3:05:ed:68:29:ba:56:7a:
                    5a:c7:d0:d9:4b:7a:bf:fb:3b:8c:51:be:0c:72:21:
                    6e:84:74:97:db:c8:38:3e:13:bb:63:f0:5a:b8:0f:
                    03:1b:7c:dd:f0:83:85:16:b6:93:b0:33:48:09:64:
                    66:5c:e2:5e:f1:1e:26:be:c8:13:03:b4:cd:5b:3e:
                    3c:3f:1f:e2:fa:02:f7:87:f9:36:55:d1:b7:83:7e:
                    4a:9a:78:29:a1:1b:8f:43:be:7d:51:e9:20:ca:b7:
                    2a:87:22:19:79:19:b2:8e:7b:01:39:f3:3c:1e:04:
                    d6:c7:60:00:38:eb:e6:36:3d:cb:06:50:d5:86:00:
                    1a:93:23:50:44:4b:7b:71:f0:39:a1:b6:55:af:63:
                    a7:bc:1c:c0:38:13:b0:0d:cc:ef:23:42:29:de:ac:
                    de:0a:1a:47:2d:d4:bb:4d:c8:21:c2:fd:f6:0b:06:
                    18:23:b5:4e:67:e9:f1:75:29:f7:2b:7b:13:60:1d:
                    cc:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:DA:44:C5:EA:82:4B:5F:27:4E:DD:52:63:75:EB:1B:3D:EE:5A:49
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/07f3f9f9-6ab0-46bd-bc5f-9dfb2f8b8bd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.94.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a5:9f:e7:fe:fd:f2:81:18:0c:7b:83:04:b1:34:7c:c6:4f:1d:
         0a:c9:e8:e8:0e:c9:70:04:64:20:5e:e7:04:bc:be:58:db:59:
         fe:c0:61:e6:7d:8a:7f:09:79:f0:a9:4a:e4:9e:3a:91:63:50:
         88:40:db:6f:b5:d4:9a:30:6d:78:a0:c8:a5:85:ab:cf:9b:03:
         86:bc:bd:27:53:0e:fd:a6:3e:c5:99:98:93:a1:69:c9:81:c6:
         8c:ff:61:b5:00:9f:70:20:13:eb:d9:69:6c:bb:4f:25:59:08:
         ca:b1:61:9f:a3:19:5c:dc:d9:40:13:5c:c6:b2:1d:c1:5d:7c:
         bc:49:54:cb:f9:5e:83:2f:55:b2:7e:a1:67:a7:72:59:e3:09:
         42:cf:cc:ac:18:ff:58:ca:92:c5:96:14:45:be:7c:6a:da:29:
         21:69:b2:dd:00:31:24:5c:3d:14:c3:d3:2a:10:60:c5:02:d5:
         d8:8b:a1:cb:c2:ca:4a:be:c9:da:7b:bd:42:15:e9:6b:7b:bd:
         57:2c:1e:12:f6:47:d6:7a:5b:39:4e:84:27:01:8e:18:86:6e:
         eb:e3:0c:b1:62:7e:a4:a9:e1:c0:88:f4:6d:bd:09:91:b8:db:
         85:a8:59:37:ec:c3:c6:0e:c3:8c:53:3f:cc:a1:84:48:a6:0e:
         29:19:15:af
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUBiw59xYiTLJ0gTqHswboAMjXxcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzEyMDAwMDAwWhcNMjQwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNTNmNzc5OTE1ODllYjdjZmI1MGZkZDRiMWMyZTI4ZjZk
YWI3OTVkMWJmOTMzMjdkMGQ2M2JjM2Q4NTFkZTNmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9m+DD3N+Qp4pophLI7OS7hHlroVq7CaxO0ptkYW7WFyuI
MhHm6/nL4v39/hIcHT0S/XM/8IczhpVsnbNUcAlCbS6jBe1oKbpWelrH0NlLer/7
O4xRvgxyIW6EdJfbyDg+E7tj8Fq4DwMbfN3wg4UWtpOwM0gJZGZc4l7xHia+yBMD
tM1bPjw/H+L6AveH+TZV0beDfkqaeCmhG49Dvn1R6SDKtyqHIhl5GbKOewE58zwe
BNbHYAA46+Y2PcsGUNWGABqTI1BES3tx8DmhtlWvY6e8HMA4E7ANzO8jQinerN4K
Gkct1LtNyCHC/fYLBhgjtU5n6fF1KfcrexNgHcwNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUudpExeqCS18nTt1SY3XrGz3uWkkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzA3ZjNmOWY5LTZhYjAtNDZiZC1iYzVmLTlkZmIyZjhiOGJkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI0XgAwDQYJKoZIhvcNAQELBQADggEBAKWf5/798oEYDHuDBLE0fMZPHQrJ
6OgOyXAEZCBe5wS8vljbWf7AYeZ9in8JefCpSuSeOpFjUIhA22+11JowbXigyKWF
q8+bA4a8vSdTDv2mPsWZmJOhacmBxoz/YbUAn3AgE+vZaWy7TyVZCMqxYZ+jGVzc
2UATXMayHcFdfLxJVMv5XoMvVbJ+oWenclnjCULPzKwY/1jKksWWFEW+fGraKSFp
st0AMSRcPRTD0yoQYMUC1diLocvCykq+ydp7vUIV6Wt7vVcsHhL2R9Z6WzlOhCcB
jhiGbuvjDLFifqSp4cCI9G29CZG424WoWTfsw8YOw4xTP8yhhEimDikZFa8=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:01:28 2024 by rpki-client on console-fra.rpki-client.org