Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0c5be2da-ccb4-465a-b0a1-1151979c0998.roa
File:                     0c5be2da-ccb4-465a-b0a1-1151979c0998.roa (raw, json)
Hash identifier:          2uPeiZRbakKMEbtIvos5bIe3E73eaGMsLr+OdkYDgW4=
Subject key identifier:   34:76:A6:B9:9F:E5:F4:AC:EF:57:FE:2C:37:B1:8F:68:DF:68:8D:8C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3BFC53E815946A998A5D59A7EC4DBA34DE91E359
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0c5be2da-ccb4-465a-b0a1-1151979c0998.roa
Signing time:             Fri 21 Jun 2024 00:00:00 +0000
ROA not before:           Fri 21 Jun 2024 00:00:00 +0000
ROA not after:            Fri 26 Jul 2024 23:59:59 +0000
asID:                     22394
IP address blocks:        155.146.96.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 24 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:fc:53:e8:15:94:6a:99:8a:5d:59:a7:ec:4d:ba:34:de:91:e3:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 21 00:00:00 2024 GMT
            Not After : Jul 26 23:59:59 2024 GMT
        Subject: serialNumber=893e815311c51e26eb876c479dcbfdfa2d27e788327971a07faabd403df9b61c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:f7:2f:ea:ea:55:c6:c6:4c:7c:f1:2f:96:ba:
                    0c:dc:53:0b:48:67:4d:f6:14:33:2e:8d:99:d6:22:
                    79:fd:31:24:17:bc:be:9c:68:c1:2f:4a:47:f3:0a:
                    6b:9c:d9:82:e2:e7:d0:8a:e6:74:f8:b6:c8:c1:fb:
                    fd:ab:61:99:72:84:3b:3c:31:3c:b9:cf:33:8c:e7:
                    7d:df:97:56:19:48:7b:6d:c3:6e:e7:a6:b9:df:ca:
                    8b:04:4e:cc:d1:5b:eb:99:3e:09:11:e9:37:20:ff:
                    c1:75:73:77:51:14:57:d4:b8:4b:58:b2:47:ed:f8:
                    e4:22:22:94:d4:c1:2b:e4:90:e4:02:74:a1:bb:d0:
                    0a:9d:b5:20:88:73:d9:05:07:87:f5:ba:a9:04:bc:
                    98:82:bf:a4:d8:31:6d:b1:a6:1d:c1:70:9f:3f:b4:
                    c2:be:cf:52:5d:7c:95:ba:08:01:7f:0c:36:b7:fe:
                    1d:3a:98:1f:a4:bb:a8:a0:3b:5c:e2:09:c3:8d:7d:
                    a6:cc:7d:cd:40:95:5a:64:30:2f:38:ff:f4:82:86:
                    83:7e:06:ad:31:3e:cd:f1:60:19:d7:9f:67:82:8e:
                    f8:da:09:05:56:72:ca:0f:c0:49:d0:31:08:bf:62:
                    72:ee:d6:4a:0a:c5:cd:bb:16:93:16:c4:95:b2:a7:
                    07:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:76:A6:B9:9F:E5:F4:AC:EF:57:FE:2C:37:B1:8F:68:DF:68:8D:8C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/0c5be2da-ccb4-465a-b0a1-1151979c0998.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.146.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         39:a3:6c:ed:55:ac:18:0a:c2:8e:f8:97:de:48:5c:b1:29:24:
         21:8a:7c:72:90:00:80:f3:94:db:b6:e7:db:65:de:f1:b8:72:
         d3:f5:b1:1f:64:e1:84:fe:22:42:71:75:1a:0a:f8:6b:96:17:
         b4:8f:c8:17:fb:82:3c:1a:41:a0:ab:34:16:ad:bf:ec:6b:c9:
         66:9a:9b:80:e6:21:86:7a:60:1d:2d:8c:eb:84:5c:9c:90:d0:
         da:ae:5a:37:0a:83:55:65:b5:ee:a5:27:f1:1f:68:6e:0a:c8:
         66:eb:15:ea:12:a8:42:82:16:90:bf:7d:2d:40:b6:55:af:ff:
         70:4a:52:3c:52:be:ea:24:2f:52:c4:1d:cc:83:38:23:b9:27:
         c8:da:a7:08:90:b2:55:42:3e:08:96:5e:6c:54:42:20:c6:6f:
         c5:e0:ca:4b:2c:d7:d5:b6:84:c6:83:8b:49:8c:41:db:a1:ce:
         a4:30:88:dc:9b:70:1d:15:be:4e:36:e8:28:cd:0c:50:19:50:
         20:f8:60:19:3a:9f:da:20:77:5b:72:4e:61:51:d3:4b:a5:28:
         e2:ba:59:db:1d:9d:b9:bc:c8:aa:dd:93:6e:61:a6:a9:08:a4:
         12:76:4c:84:84:5b:c5:43:dc:72:4a:38:07:11:2f:01:f9:fa:
         19:42:80:1d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUO/xT6BWUapmKXVmn7E26NN6R41kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNjIxMDAwMDAwWhcNMjQwNzI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4OTNlODE1MzExYzUxZTI2ZWI4NzZjNDc5ZGNiZmRmYTJk
MjdlNzg4MzI3OTcxYTA3ZmFhYmQ0MDNkZjliNjFjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDl9y/q6lXGxkx88S+WugzcUwtIZ032FDMujZnWInn9MSQX
vL6caMEvSkfzCmuc2YLi59CK5nT4tsjB+/2rYZlyhDs8MTy5zzOM533fl1YZSHtt
w27nprnfyosETszRW+uZPgkR6Tcg/8F1c3dRFFfUuEtYskft+OQiIpTUwSvkkOQC
dKG70AqdtSCIc9kFB4f1uqkEvJiCv6TYMW2xph3BcJ8/tMK+z1JdfJW6CAF/DDa3
/h06mB+ku6igO1ziCcONfabMfc1AlVpkMC84//SChoN+Bq0xPs3xYBnXn2eCjvja
CQVWcsoPwEnQMQi/YnLu1koKxc27FpMWxJWypwfnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNHamuZ/l9KzvV/4sN7GPaN9ojYwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzBjNWJlMmRhLWNjYjQtNDY1YS1iMGExLTExNTE5NzljMDk5OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASbkmAwDQYJKoZIhvcNAQELBQADggEBADmjbO1VrBgKwo74l95IXLEpJCGK
fHKQAIDzlNu259tl3vG4ctP1sR9k4YT+IkJxdRoK+GuWF7SPyBf7gjwaQaCrNBat
v+xryWaam4DmIYZ6YB0tjOuEXJyQ0NquWjcKg1Vlte6lJ/EfaG4KyGbrFeoSqEKC
FpC/fS1AtlWv/3BKUjxSvuokL1LEHcyDOCO5J8japwiQslVCPgiWXmxUQiDGb8Xg
ykss19W2hMaDi0mMQduhzqQwiNybcB0Vvk426CjNDFAZUCD4YBk6n9ogd1tyTmFR
00ulKOK6Wdsdnbm8yKrdk25hpqkIpBJ2TISEW8VD3HJKOAcRLwH5+hlCgB0=
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:13:16 2024 by rpki-client on console-ams.rpki-client.org