Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ab011af-fada-4c8e-b056-1a9dfdb769da.roa
File:                     3ab011af-fada-4c8e-b056-1a9dfdb769da.roa (raw, json)
Hash identifier:          d/jTnaOMU/VlZepM6M6uqMAvk9j5ey05CmEYbIHrdM8=
Subject key identifier:   3C:9A:C6:D5:91:B6:24:8C:B9:32:42:99:F8:B4:29:A4:F4:F8:EF:17
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       76359CDD94BDB4F4514DC4EA9C778C34F1FA66A8
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ab011af-fada-4c8e-b056-1a9dfdb769da.roa
Signing time:             Tue 12 Mar 2024 00:00:00 +0000
ROA not before:           Tue 12 Mar 2024 00:00:00 +0000
ROA not after:            Tue 16 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.119.224.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:35:9c:dd:94:bd:b4:f4:51:4d:c4:ea:9c:77:8c:34:f1:fa:66:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 12 00:00:00 2024 GMT
            Not After : Apr 16 23:59:59 2024 GMT
        Subject: serialNumber=f34c257aee4e96a0210fe55ac87490fc282023c5cecda56d68b95f4d46044faf, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:0a:be:7e:1e:95:67:bf:ab:41:cb:78:fb:d1:
                    17:25:6a:0a:88:63:39:23:e0:4e:5f:51:9d:58:84:
                    2c:9f:f0:fd:f5:8a:14:ee:5f:e7:86:55:da:4d:dc:
                    17:36:f2:03:fb:78:09:70:59:2c:1c:92:2f:4f:f9:
                    62:32:ec:94:48:3f:d3:6c:cb:61:58:52:6d:09:97:
                    e2:c0:7f:88:cb:09:71:8d:33:ae:d6:8a:5d:3a:a0:
                    f5:cf:48:24:b6:d5:5c:80:11:0b:3f:4c:42:3d:36:
                    25:46:71:e4:56:f1:2b:2a:d0:80:59:51:8d:f0:a8:
                    ba:d9:d0:a2:43:c7:87:2d:33:28:55:ff:78:b8:a4:
                    b2:46:4b:89:a3:3f:e8:71:11:c5:b1:09:44:43:a5:
                    d7:53:9f:19:28:87:7b:54:ad:e1:5c:90:00:fb:14:
                    d7:75:01:06:87:64:8e:6d:61:00:63:cd:5d:bb:f1:
                    fa:3f:a8:8b:a3:78:ac:27:ae:5e:0f:50:a7:95:c1:
                    58:a4:40:07:4f:f0:c3:32:97:0d:36:b1:3f:d4:c0:
                    b3:f2:00:af:b6:00:07:1b:35:7e:9b:1a:c7:f3:54:
                    b7:94:dc:57:f7:00:2e:5f:2f:6a:9d:7f:c9:4f:fe:
                    d9:1d:e7:06:1e:00:8f:2a:a0:6b:70:3e:cd:47:13:
                    e4:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:9A:C6:D5:91:B6:24:8C:B9:32:42:99:F8:B4:29:A4:F4:F8:EF:17
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3ab011af-fada-4c8e-b056-1a9dfdb769da.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.119.224.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a9:28:76:81:d4:47:03:0b:17:2d:22:3e:e0:7f:af:cb:9c:a4:
         47:1a:87:43:3a:60:06:ed:16:89:9a:c4:48:39:db:dd:18:30:
         10:1f:e0:37:8f:e8:ce:0b:bc:ee:07:37:06:be:97:b7:63:31:
         2e:96:31:3c:f9:3c:06:ef:5c:75:1a:66:08:4d:f5:ac:f7:2e:
         1d:87:70:b2:1c:f3:4c:82:c4:78:8e:bd:2a:e6:a2:cd:24:df:
         b6:e0:32:7d:d1:9d:e6:e2:11:35:7a:73:1f:cf:67:97:52:72:
         f7:f6:0f:d1:69:22:81:b7:92:92:45:b4:90:7a:0a:77:00:21:
         4f:7a:11:0a:64:d1:1b:4a:2c:48:45:62:b9:74:a0:9e:ef:fe:
         a9:7a:58:58:d0:eb:a2:79:67:6b:06:89:0d:e8:a4:02:9b:b5:
         c9:5a:77:a1:39:ab:4a:8b:93:61:9a:48:9a:20:6b:f5:4d:11:
         e2:b9:d6:7d:cf:39:50:17:96:61:15:30:a1:00:94:64:6b:19:
         44:61:eb:83:0a:ee:5e:94:43:f5:47:4f:28:fd:e4:52:17:e0:
         af:da:fa:c4:bf:55:7b:bb:50:ab:a9:e3:e1:76:4f:d9:ac:43:
         74:2a:b8:06:7f:ac:9d:3a:25:98:9e:bd:ef:68:36:07:5c:91:
         15:73:3a:cf
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdjWc3ZS9tPRRTcTqnHeMNPH6ZqgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzEyMDAwMDAwWhcNMjQwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMzRjMjU3YWVlNGU5NmEwMjEwZmU1NWFjODc0OTBmYzI4
MjAyM2M1Y2VjZGE1NmQ2OGI5NWY0ZDQ2MDQ0ZmFmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzCr5+HpVnv6tBy3j70RclagqIYzkj4E5fUZ1YhCyf8P31
ihTuX+eGVdpN3Bc28gP7eAlwWSwcki9P+WIy7JRIP9Nsy2FYUm0Jl+LAf4jLCXGN
M67Wil06oPXPSCS21VyAEQs/TEI9NiVGceRW8Ssq0IBZUY3wqLrZ0KJDx4ctMyhV
/3i4pLJGS4mjP+hxEcWxCURDpddTnxkoh3tUreFckAD7FNd1AQaHZI5tYQBjzV27
8fo/qIujeKwnrl4PUKeVwVikQAdP8MMylw02sT/UwLPyAK+2AAcbNX6bGsfzVLeU
3Ff3AC5fL2qdf8lP/tkd5wYeAI8qoGtwPs1HE+Q1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPJrG1ZG2JIy5MkKZ+LQppPT47xcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzNhYjAxMWFmLWZhZGEtNGM4ZS1iMDU2LTFhOWRmZGI3NjlkYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAM0d+AwDQYJKoZIhvcNAQELBQADggEBAKkodoHURwMLFy0iPuB/r8ucpEca
h0M6YAbtFomaxEg5290YMBAf4DeP6M4LvO4HNwa+l7djMS6WMTz5PAbvXHUaZghN
9az3Lh2HcLIc80yCxHiOvSrmos0k37bgMn3RnebiETV6cx/PZ5dScvf2D9FpIoG3
kpJFtJB6CncAIU96EQpk0RtKLEhFYrl0oJ7v/ql6WFjQ66J5Z2sGiQ3opAKbtcla
d6E5q0qLk2GaSJoga/VNEeK51n3POVAXlmEVMKEAlGRrGURh64MK7l6UQ/VHTyj9
5FIX4K/a+sS/VXu7UKup4+F2T9msQ3QquAZ/rJ06JZieve9oNgdckRVzOs8=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:27 2024 by rpki-client on console-fra.rpki-client.org