Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/07f3f9f9-6ab0-46bd-bc5f-9dfb2f8b8bd0.roa
File:                     07f3f9f9-6ab0-46bd-bc5f-9dfb2f8b8bd0.roa (raw, json)
Hash identifier:          k3Wi0tOcZYo6ht0zg6wxg7oWMQFBWvTUSmRUWsNQgug=
Subject key identifier:   94:4B:F2:F7:01:69:02:0A:A1:F9:6B:DA:E6:61:1E:9D:A8:25:99:1D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       035CB28815BB7B30D6497B0C02E7C7413044EF15
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/07f3f9f9-6ab0-46bd-bc5f-9dfb2f8b8bd0.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.94.0.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:5c:b2:88:15:bb:7b:30:d6:49:7b:0c:02:e7:c7:41:30:44:ef:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=cd23c6a4d66ad9a1c6e3004d30f876f508287fd7a0ca9e535c1b2ef1249f22c0, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:42:e2:e5:45:8b:b4:ab:f0:82:01:ab:3c:6d:
                    0b:4f:1c:cd:3d:3c:86:09:87:fb:b0:4a:98:04:34:
                    de:a7:dd:47:29:89:97:6f:a3:54:01:e7:38:2f:b5:
                    9c:34:7a:ad:43:67:1e:af:81:c3:9d:b6:f6:75:8d:
                    31:a9:76:bf:2b:b3:d5:99:34:db:19:49:11:22:35:
                    18:d0:71:ce:c1:b7:54:34:94:4c:7c:84:f7:15:18:
                    07:56:e0:7d:b2:fb:f6:65:be:ee:14:c1:83:3d:31:
                    07:a5:10:54:d2:8c:07:bb:3a:bc:10:fe:99:cd:1b:
                    53:ae:f7:a8:07:70:24:fb:04:54:4d:67:1b:d7:c9:
                    74:a9:32:2b:0a:63:54:cb:e1:a5:4d:1e:aa:8f:25:
                    c4:97:7b:6d:ae:7c:b7:9f:51:52:26:4a:eb:d9:c2:
                    3a:60:75:4e:b9:b3:b2:41:18:7c:f5:62:f3:81:0b:
                    f9:f1:32:51:5b:d0:c0:fb:83:41:92:d5:7b:0c:e0:
                    af:a7:f0:36:a9:cd:67:e1:06:de:72:ac:54:99:5d:
                    7f:76:b2:b9:b8:76:ba:3a:2a:cc:98:ed:b6:95:77:
                    42:4c:6d:e1:4a:b7:1a:f8:0d:8b:e9:3d:90:f8:ab:
                    92:e6:06:8c:16:fd:1b:86:4d:b8:60:c9:51:40:73:
                    f3:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:4B:F2:F7:01:69:02:0A:A1:F9:6B:DA:E6:61:1E:9D:A8:25:99:1D
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/07f3f9f9-6ab0-46bd-bc5f-9dfb2f8b8bd0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.94.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         65:1a:2b:44:a0:7b:65:92:ba:14:74:fa:ab:7a:40:4e:90:35:
         16:f5:28:f0:b2:97:0d:0b:f8:7a:5f:ea:cc:c5:ce:64:d6:21:
         33:7b:1e:99:9f:56:c1:fb:34:12:a3:79:54:22:27:ee:d3:9f:
         96:b7:79:f1:ad:d4:7c:5e:1e:9c:86:8e:5f:b5:f5:52:62:e7:
         ca:0c:ab:e0:ad:e3:3a:ea:b4:a9:b6:45:3f:72:41:75:77:38:
         c5:f5:ad:da:1e:88:cf:af:c1:dd:05:f1:9a:0c:41:db:3c:f0:
         44:f8:74:ea:5f:1f:37:a0:4f:93:e7:c8:ed:a2:c7:2a:5f:96:
         0e:32:2b:ef:78:22:4f:40:08:6d:34:10:e2:80:e7:67:21:61:
         5b:14:c4:52:32:16:07:25:41:52:7a:7d:86:f9:94:4e:94:27:
         15:53:81:2c:a0:70:39:95:05:85:66:ee:3f:72:7d:3f:e4:68:
         3f:fc:78:66:ae:82:f2:da:ea:b5:2b:82:e6:0b:5c:6b:49:4b:
         47:87:e3:85:92:f1:1e:a6:ff:1c:20:6b:1a:cf:48:ae:5f:d3:
         a7:38:3f:98:db:2a:ad:a3:a9:fa:8a:f5:5a:df:bf:29:77:da:
         23:32:c8:aa:94:b0:14:e9:35:66:13:52:3e:a8:b2:af:71:6d:
         a3:3c:a6:72
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUA1yyiBW7ezDWSXsMAufHQTBE7xUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZDIzYzZhNGQ2NmFkOWExYzZlMzAwNGQzMGY4NzZmNTA4
Mjg3ZmQ3YTBjYTllNTM1YzFiMmVmMTI0OWYyMmMwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDuQuLlRYu0q/CCAas8bQtPHM09PIYJh/uwSpgENN6n3Ucp
iZdvo1QB5zgvtZw0eq1DZx6vgcOdtvZ1jTGpdr8rs9WZNNsZSREiNRjQcc7Bt1Q0
lEx8hPcVGAdW4H2y+/Zlvu4UwYM9MQelEFTSjAe7OrwQ/pnNG1Ou96gHcCT7BFRN
ZxvXyXSpMisKY1TL4aVNHqqPJcSXe22ufLefUVImSuvZwjpgdU65s7JBGHz1YvOB
C/nxMlFb0MD7g0GS1XsM4K+n8DapzWfhBt5yrFSZXX92srm4dro6KsyY7baVd0JM
beFKtxr4DYvpPZD4q5LmBowW/RuGTbhgyVFAc/M7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlEvy9wFpAgqh+Wva5mEenaglmR0wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzA3ZjNmOWY5LTZhYjAtNDZiZC1iYzVmLTlkZmIyZjhiOGJkMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI0XgAwDQYJKoZIhvcNAQELBQADggEBAGUaK0Sge2WSuhR0+qt6QE6QNRb1
KPCylw0L+Hpf6szFzmTWITN7HpmfVsH7NBKjeVQiJ+7Tn5a3efGt1HxeHpyGjl+1
9VJi58oMq+Ct4zrqtKm2RT9yQXV3OMX1rdoeiM+vwd0F8ZoMQds88ET4dOpfHzeg
T5PnyO2ixypflg4yK+94Ik9ACG00EOKA52chYVsUxFIyFgclQVJ6fYb5lE6UJxVT
gSygcDmVBYVm7j9yfT/kaD/8eGaugvLa6rUrguYLXGtJS0eH44WS8R6m/xwgaxrP
SK5f06c4P5jbKq2jqfqK9Vrfvyl32iMyyKqUsBTpNWYTUj6osq9xbaM8pnI=
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:21:08 2024 by rpki-client on console-fra.rpki-client.org