Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/24c0fbb0-0e93-4198-b812-7bf705255f70.roa
File:                     24c0fbb0-0e93-4198-b812-7bf705255f70.roa (raw, json)
Hash identifier:          YxRoD9qkdeB2oPWg0kopCFP87xb5IPm5gGim7IWSAao=
Subject key identifier:   5F:BC:74:35:0F:F2:5F:03:87:35:68:E3:43:DF:D5:85:2D:80:44:AE
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       63632616D790C2C43E1CAF9D2BB89D7749D4C890
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/24c0fbb0-0e93-4198-b812-7bf705255f70.roa
Signing time:             Mon 25 Nov 2024 00:00:00 +0000
ROA not before:           Mon 25 Nov 2024 00:00:00 +0000
ROA not after:            Mon 30 Dec 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        146.65.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 07 Dec 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:63:26:16:d7:90:c2:c4:3e:1c:af:9d:2b:b8:9d:77:49:d4:c8:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Nov 25 00:00:00 2024 GMT
            Not After : Dec 30 23:59:59 2024 GMT
        Subject: serialNumber=503127ba7e3897820a8ae3cf2aa712b56a398e15f0dc30110d7e7633d08fbbdb, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:f4:bc:ef:24:7a:d0:93:27:76:4b:1e:5e:2c:
                    e6:04:c3:29:4c:cb:40:6b:16:e3:fc:7e:cf:de:3d:
                    17:79:48:60:aa:8b:ec:c5:6f:7f:61:1a:af:c2:06:
                    c7:23:23:87:04:03:3e:37:32:a1:81:cb:93:cb:4e:
                    d2:65:08:96:9a:a5:3f:42:aa:1e:e7:79:2a:bf:9a:
                    8e:f8:0d:b0:6f:2e:f1:33:d2:5c:41:36:1f:75:ac:
                    5e:69:da:59:71:5b:37:18:e1:24:e6:44:cd:d3:cf:
                    87:7f:9e:c7:4d:63:ae:fd:c1:30:14:a5:82:13:55:
                    70:fe:94:54:97:15:c0:4b:15:26:7a:44:58:bd:1e:
                    4b:8b:a5:78:93:27:1c:44:88:07:e0:d7:01:57:69:
                    e0:a5:69:a1:7a:cc:69:0f:b7:03:cd:29:12:4e:9c:
                    0a:2a:6f:70:5d:3a:78:a6:7f:7d:40:bb:bd:62:0d:
                    a1:01:52:11:a3:39:a4:a5:0d:cb:7f:b3:8c:63:bb:
                    7f:c9:c9:f6:53:21:51:79:43:17:6b:9a:79:58:05:
                    8d:0c:76:cf:a3:f1:24:ee:32:5c:b3:1d:0c:4a:cb:
                    fb:79:52:77:45:a1:5f:06:26:e1:28:78:85:cf:09:
                    19:2d:cd:1c:d2:f7:75:40:d1:40:34:22:ba:e3:15:
                    c2:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:BC:74:35:0F:F2:5F:03:87:35:68:E3:43:DF:D5:85:2D:80:44:AE
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/24c0fbb0-0e93-4198-b812-7bf705255f70.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.65.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1e:ff:1c:f7:00:12:33:4d:2d:bb:56:60:02:06:04:f7:6e:09:
         fd:47:d9:a4:7a:e4:c1:a4:d3:86:e5:73:8d:39:3c:75:35:8f:
         7e:e3:47:15:06:90:07:51:6b:53:94:09:99:5e:9a:a0:02:ca:
         de:b0:96:f6:ec:11:6a:1b:82:bb:b8:25:17:27:e3:33:08:d6:
         33:e0:c0:f4:9e:f1:3b:a1:7f:18:bd:ff:f6:c7:d2:27:2b:9f:
         7f:46:6c:c5:7e:d4:37:df:6a:8e:6e:f5:a3:9b:52:08:86:38:
         4d:4e:e3:32:6e:a0:56:1f:b9:89:84:11:2f:fb:69:f2:22:c4:
         c0:13:da:88:52:c8:78:d3:9d:5e:3a:3e:a0:01:d5:9e:18:f5:
         0c:14:8b:ae:2f:6e:5b:6e:61:8f:ed:bf:f4:4d:65:d2:c2:18:
         c5:5a:01:5b:55:be:d7:3d:a5:6f:9a:f5:53:46:01:7b:15:f2:
         87:71:84:4b:d9:0c:f9:8b:4a:1d:46:c8:e8:c1:a4:b9:13:77:
         d7:27:a1:ae:d9:fe:b8:54:6b:7e:e8:62:62:79:55:1f:95:3d:
         1f:9c:d9:2e:3b:a5:e3:52:7c:16:e6:82:ed:83:01:53:72:a3:
         9b:81:bd:46:43:b5:4a:8d:7b:14:bd:02:54:5e:38:77:38:9c:
         a0:7e:f2:e7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUY2MmFteQwsQ+HK+dK7idd0nUyJAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQxMTI1MDAwMDAwWhcNMjQxMjMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1MDMxMjdiYTdlMzg5NzgyMGE4YWUzY2YyYWE3MTJiNTZh
Mzk4ZTE1ZjBkYzMwMTEwZDdlNzYzM2QwOGZiYmRiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDt9LzvJHrQkyd2Sx5eLOYEwylMy0BrFuP8fs/ePRd5SGCq
i+zFb39hGq/CBscjI4cEAz43MqGBy5PLTtJlCJaapT9Cqh7neSq/mo74DbBvLvEz
0lxBNh91rF5p2llxWzcY4STmRM3Tz4d/nsdNY679wTAUpYITVXD+lFSXFcBLFSZ6
RFi9HkuLpXiTJxxEiAfg1wFXaeClaaF6zGkPtwPNKRJOnAoqb3BdOnimf31Au71i
DaEBUhGjOaSlDct/s4xju3/JyfZTIVF5QxdrmnlYBY0Mds+j8STuMlyzHQxKy/t5
UndFoV8GJuEoeIXPCRktzRzS93VA0UA0IrrjFcJzAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUX7x0NQ/yXwOHNWjjQ9/VhS2ARK4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzI0YzBmYmIwLTBlOTMtNDE5OC1iODEyLTdiZjcwNTI1NWY3MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCSQTANBgkqhkiG9w0BAQsFAAOCAQEAHv8c9wASM00tu1ZgAgYE924J/UfZ
pHrkwaTThuVzjTk8dTWPfuNHFQaQB1FrU5QJmV6aoALK3rCW9uwRahuCu7glFyfj
MwjWM+DA9J7xO6F/GL3/9sfSJyuff0ZsxX7UN99qjm71o5tSCIY4TU7jMm6gVh+5
iYQRL/tp8iLEwBPaiFLIeNOdXjo+oAHVnhj1DBSLri9uW25hj+2/9E1l0sIYxVoB
W1W+1z2lb5r1U0YBexXyh3GES9kM+YtKHUbI6MGkuRN31yehrtn+uFRrfuhiYnlV
H5U9H5zZLjul41J8FuaC7YMBU3Kjm4G9RkO1So17FL0CVF44dzicoH7y5w==
-----END CERTIFICATE-----
Generated at Fri Dec 6 19:28:11 2024 by rpki-client on console-ams.rpki-client.org