Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/24c0fbb0-0e93-4198-b812-7bf705255f70.roa
File:                     24c0fbb0-0e93-4198-b812-7bf705255f70.roa (raw, json)
Hash identifier:          KGR13KFVH3kSNUUl1LxrHub5zaKicnTw8Q0kpfTfs+o=
Subject key identifier:   23:B8:A5:7C:6D:CB:92:63:F1:E0:31:02:D3:9A:62:C7:15:8D:C9:3C
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       39FBC1F1B2D90B15A4183A99933C1FE2602BBFF1
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/24c0fbb0-0e93-4198-b812-7bf705255f70.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        146.65.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 24 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:fb:c1:f1:b2:d9:0b:15:a4:18:3a:99:93:3c:1f:e2:60:2b:bf:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=ad198e410f88a6c17175ad7969dd65061117d8a6f37e1bd37b52f757f84d73a5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:d2:f0:f1:a5:e7:0b:58:73:4c:fa:3b:a4:dd:
                    03:52:8e:a2:f4:b7:9e:2e:43:18:9d:30:0f:ea:d3:
                    90:23:79:92:31:b5:a4:9c:f9:bf:c2:5d:24:55:20:
                    eb:89:0b:9d:c0:cc:2f:ac:08:a2:d6:4c:7c:d0:d8:
                    91:b1:cd:a5:33:a9:18:8f:f0:5f:80:e7:8d:32:a8:
                    66:6b:03:2e:e5:54:15:4b:cd:0e:fb:96:cc:a4:06:
                    e4:32:f5:01:ea:11:6f:09:21:bd:0d:36:40:4f:37:
                    90:a5:45:e1:15:b5:31:cf:2a:48:27:ff:3c:0d:7c:
                    b5:59:38:76:fa:29:f2:78:dc:a9:4b:80:67:11:5f:
                    5b:ff:a1:75:51:d3:53:47:59:2f:a7:cf:b6:90:20:
                    66:2f:ea:22:4a:34:66:7f:c9:11:31:a2:ad:4e:44:
                    cd:c0:b2:af:0b:d2:c5:d2:81:19:af:50:6b:1a:4c:
                    d1:71:80:05:a2:ed:c7:17:ba:43:e9:c9:05:c7:9a:
                    9b:0c:d7:10:da:8d:f8:c0:4a:17:20:68:31:d2:da:
                    21:51:65:57:a0:23:6d:75:30:5c:94:08:e3:9b:20:
                    12:59:af:90:d6:64:e7:f6:77:c1:21:28:de:b5:62:
                    7c:c0:1e:5a:87:72:dc:3b:a5:90:72:ab:a7:78:52:
                    7b:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:B8:A5:7C:6D:CB:92:63:F1:E0:31:02:D3:9A:62:C7:15:8D:C9:3C
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/24c0fbb0-0e93-4198-b812-7bf705255f70.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.65.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         57:40:23:b5:0e:5e:e7:96:78:06:da:0a:ee:6e:24:87:09:a3:
         c9:db:ba:0b:35:49:44:03:fc:cf:19:e2:3c:d7:ca:84:be:38:
         94:62:82:fe:87:44:75:53:8f:03:2a:7a:95:4e:54:34:41:38:
         15:ea:e6:88:f1:19:78:9e:8c:29:9f:fd:29:64:9e:70:7a:0f:
         4a:79:43:92:61:fc:0e:0d:cd:29:fd:c2:ec:b2:9b:f2:6c:df:
         17:d0:e2:bf:c9:ed:80:d8:19:92:33:fa:e2:a6:a6:83:bf:79:
         21:0d:40:90:4c:b9:08:83:cc:61:1f:20:3c:50:fc:83:28:89:
         3d:b7:fa:29:a9:7b:19:25:2a:e6:3c:db:b4:aa:30:1b:52:3b:
         d9:31:76:34:d7:3b:c0:4e:98:ba:ab:c8:a0:07:df:8d:dc:c3:
         dc:f1:31:b5:08:8f:bd:70:22:6a:f6:75:ab:bd:9a:42:f1:6c:
         25:84:44:37:22:7f:f4:7a:2f:93:8e:8a:69:40:5a:27:fe:51:
         15:5b:55:5b:3f:dd:13:bc:4c:30:e2:58:c6:44:68:6f:dc:8c:
         52:e8:44:5f:66:16:58:b6:c3:2f:d5:44:d9:46:b9:60:b1:88:
         d6:45:eb:f4:46:20:1c:82:10:90:4f:82:bb:a6:ee:76:d9:2b:
         d7:98:ed:a6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOfvB8bLZCxWkGDqZkzwf4mArv/EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZDE5OGU0MTBmODhhNmMxNzE3NWFkNzk2OWRkNjUwNjEx
MTdkOGE2ZjM3ZTFiZDM3YjUyZjc1N2Y4NGQ3M2E1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC30vDxpecLWHNM+juk3QNSjqL0t54uQxidMA/q05AjeZIx
taSc+b/CXSRVIOuJC53AzC+sCKLWTHzQ2JGxzaUzqRiP8F+A540yqGZrAy7lVBVL
zQ77lsykBuQy9QHqEW8JIb0NNkBPN5ClReEVtTHPKkgn/zwNfLVZOHb6KfJ43KlL
gGcRX1v/oXVR01NHWS+nz7aQIGYv6iJKNGZ/yRExoq1ORM3Asq8L0sXSgRmvUGsa
TNFxgAWi7ccXukPpyQXHmpsM1xDajfjAShcgaDHS2iFRZVegI211MFyUCOObIBJZ
r5DWZOf2d8EhKN61YnzAHlqHctw7pZByq6d4UntpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUI7ilfG3LkmPx4DEC05pixxWNyTwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzI0YzBmYmIwLTBlOTMtNDE5OC1iODEyLTdiZjcwNTI1NWY3MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCSQTANBgkqhkiG9w0BAQsFAAOCAQEAV0AjtQ5e55Z4BtoK7m4khwmjydu6
CzVJRAP8zxniPNfKhL44lGKC/odEdVOPAyp6lU5UNEE4FermiPEZeJ6MKZ/9KWSe
cHoPSnlDkmH8Dg3NKf3C7LKb8mzfF9Div8ntgNgZkjP64qamg795IQ1AkEy5CIPM
YR8gPFD8gyiJPbf6Kal7GSUq5jzbtKowG1I72TF2NNc7wE6YuqvIoAffjdzD3PEx
tQiPvXAiavZ1q72aQvFsJYRENyJ/9Hovk46KaUBaJ/5RFVtVWz/dE7xMMOJYxkRo
b9yMUuhEX2YWWLbDL9VE2Ua5YLGI1kXr9EYgHIIQkE+Cu6budtkr15jtpg==
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:17:52 2024 by rpki-client on console-fra.rpki-client.org