Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/20dfdb8e-82f9-432c-9d09-08b35b26e968.roa
File:                     20dfdb8e-82f9-432c-9d09-08b35b26e968.roa (raw, json)
Hash identifier:          +OJabTKla2IZio2hhCamnkki7OOve9P3ifHaTiWqTVI=
Subject key identifier:   B3:A1:EA:97:54:5D:81:56:7F:33:4B:CE:8B:00:8F:86:EE:06:B3:D4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4F51D6FF3A57BD0DF75E11CF7C319182337B6105
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/20dfdb8e-82f9-432c-9d09-08b35b26e968.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.46.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 20 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:51:d6:ff:3a:57:bd:0d:f7:5e:11:cf:7c:31:91:82:33:7b:61:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=c77fff717c64f1f6557048475ea9d458d7cc8f9fb4ca1214decfa3da113347fd, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:7e:b0:8f:13:15:28:cb:05:9d:f7:b6:d3:bd:
                    90:9b:0b:7c:4f:31:7b:77:63:ab:22:eb:e4:80:2d:
                    0d:35:7d:23:78:a5:49:8a:67:42:f9:2c:3a:1a:c6:
                    67:02:7f:3c:2b:1f:f6:d8:2e:27:2b:8b:ce:98:be:
                    38:24:7b:59:3a:06:40:6c:7e:7c:9c:37:3b:e3:57:
                    31:f0:22:58:2b:c5:1c:82:76:fb:11:b7:37:13:0b:
                    37:96:68:e1:b2:50:9d:c9:4a:2b:7f:9e:02:c8:02:
                    09:a0:78:e4:a9:7d:43:2b:c6:e2:de:ee:3d:1f:7b:
                    23:9d:f1:12:d1:a5:23:6b:32:ad:6e:8e:17:b6:82:
                    2c:6c:da:e6:8a:f2:34:b5:f6:5c:30:21:20:27:97:
                    51:e8:d5:09:7e:1b:a7:6e:54:6b:4a:01:3d:6d:33:
                    c1:c6:bd:bc:e7:d7:9b:bf:83:68:d8:31:a6:35:10:
                    23:16:0f:c8:cb:2c:a9:82:b6:9a:12:ab:48:48:0d:
                    63:fb:4c:6c:8a:a5:a9:7c:23:87:fc:93:d9:af:69:
                    6b:67:cd:31:fa:44:f0:7f:21:d7:8a:86:ed:0e:a2:
                    ea:d4:ab:2a:ee:da:89:e9:ef:aa:fb:30:be:ee:cf:
                    8f:af:37:ba:a8:37:a7:65:db:01:75:b6:9b:63:17:
                    ec:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:A1:EA:97:54:5D:81:56:7F:33:4B:CE:8B:00:8F:86:EE:06:B3:D4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/20dfdb8e-82f9-432c-9d09-08b35b26e968.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:94:6a:f7:18:89:42:d7:2a:60:ec:ed:c5:a5:9b:49:12:c8:
         bb:e0:17:fe:e5:23:7b:b6:5e:13:55:0f:e8:db:82:da:09:32:
         47:72:b7:e2:59:79:17:64:7f:1e:15:f8:b5:c8:55:8e:0f:12:
         e3:1c:18:f4:f5:e2:d3:66:7f:72:e2:a4:75:56:d3:47:a3:70:
         27:eb:bc:c2:31:cd:c5:77:99:7e:cb:b2:25:d0:c4:89:91:e8:
         6b:f1:d7:0f:ea:be:a4:bf:a5:2f:73:ec:9b:59:6d:f9:15:83:
         ff:83:a2:fd:a0:3b:1a:94:46:20:5d:04:41:e5:b5:da:da:d6:
         4f:19:dc:eb:d9:fd:59:e7:9a:d2:bc:01:86:9a:b2:81:b5:2d:
         a2:85:78:71:ab:df:f0:52:51:51:33:1b:70:55:04:91:ae:e5:
         94:f8:60:75:3e:15:e2:69:72:de:b5:1c:74:31:19:30:10:de:
         a4:3c:31:cc:03:86:af:6d:d4:3a:0b:4b:97:9b:f5:08:2a:c9:
         4b:15:2c:b1:ca:f3:48:b5:74:96:0b:4d:44:ee:55:90:fd:96:
         f3:9e:ac:bf:7a:71:f9:49:4e:75:25:10:2d:4f:3b:e3:e8:dd:
         44:cf:bb:63:22:4c:a9:cc:4e:69:ae:2f:23:c3:19:82:63:48:
         21:3d:4c:cf
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUT1HW/zpXvQ33XhHPfDGRgjN7YQUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI3MDAwMDAwWhcNMjQwNzAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNzdmZmY3MTdjNjRmMWY2NTU3MDQ4NDc1ZWE5ZDQ1OGQ3
Y2M4ZjlmYjRjYTEyMTRkZWNmYTNkYTExMzM0N2ZkMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7frCPExUoywWd97bTvZCbC3xPMXt3Y6si6+SALQ01fSN4
pUmKZ0L5LDoaxmcCfzwrH/bYLicri86Yvjgke1k6BkBsfnycNzvjVzHwIlgrxRyC
dvsRtzcTCzeWaOGyUJ3JSit/ngLIAgmgeOSpfUMrxuLe7j0feyOd8RLRpSNrMq1u
jhe2gixs2uaK8jS19lwwISAnl1Ho1Ql+G6duVGtKAT1tM8HGvbzn15u/g2jYMaY1
ECMWD8jLLKmCtpoSq0hIDWP7TGyKpal8I4f8k9mvaWtnzTH6RPB/IdeKhu0OourU
qyru2onp76r7ML7uz4+vN7qoN6dl2wF1tptjF+y3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUs6Hql1RdgVZ/M0vOiwCPhu4Gs9QwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzIwZGZkYjhlLTgyZjktNDMyYy05ZDA5LTA4YjM1YjI2ZTk2OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0Xy4wDQYJKoZIhvcNAQELBQADggEBAAOUavcYiULXKmDs7cWlm0kSyLvg
F/7lI3u2XhNVD+jbgtoJMkdyt+JZeRdkfx4V+LXIVY4PEuMcGPT14tNmf3LipHVW
00ejcCfrvMIxzcV3mX7LsiXQxImR6Gvx1w/qvqS/pS9z7JtZbfkVg/+Dov2gOxqU
RiBdBEHltdra1k8Z3OvZ/VnnmtK8AYaasoG1LaKFeHGr3/BSUVEzG3BVBJGu5ZT4
YHU+FeJpct61HHQxGTAQ3qQ8McwDhq9t1DoLS5eb9QgqyUsVLLHK80i1dJYLTUTu
VZD9lvOerL96cflJTnUlEC1PO+Po3UTPu2MiTKnMTmmuLyPDGYJjSCE9TM8=
-----END CERTIFICATE-----
Generated at Tue Jun 18 03:15:24 2024 by rpki-client on console-ams.rpki-client.org