Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/456215c2-dc17-4a5e-ad64-3686e912d503.roa
File:                     456215c2-dc17-4a5e-ad64-3686e912d503.roa (raw, json)
Hash identifier:          J5pe2V7X3ys8MrKcUhQc9XjV8ol/Fs0Y0BXMxX8+LtE=
Subject key identifier:   14:A0:A8:28:C1:F3:51:76:4E:93:4C:61:92:3C:50:9C:51:E6:D1:47
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5D0C2C8CE77A08A73DDF1B9A3BBF3C8B94880EAE
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/456215c2-dc17-4a5e-ad64-3686e912d503.roa
Signing time:             Tue 12 Mar 2024 00:00:00 +0000
ROA not before:           Tue 12 Mar 2024 00:00:00 +0000
ROA not after:            Tue 16 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.93.149.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:0c:2c:8c:e7:7a:08:a7:3d:df:1b:9a:3b:bf:3c:8b:94:88:0e:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 12 00:00:00 2024 GMT
            Not After : Apr 16 23:59:59 2024 GMT
        Subject: serialNumber=321de2e7513bb4d2390a0ee22dacb116a67fe9c2398c57204010aec368ec703c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:ea:e2:0b:9f:ac:0f:6b:2c:17:84:bc:16:6d:
                    d8:fb:71:18:cc:98:3d:da:9f:ee:c3:48:c4:2a:ac:
                    95:df:4f:29:d6:04:4f:21:15:95:d4:9a:c3:25:a1:
                    6a:71:0d:42:e4:1e:34:b7:f7:c6:51:32:a3:b8:34:
                    1e:82:5a:6d:55:12:56:43:dc:2c:19:71:7b:ef:05:
                    b3:0f:ed:45:2f:98:80:73:bf:a1:cb:a5:83:f1:a6:
                    8d:2c:f2:eb:c5:85:4d:88:18:c7:a5:d9:fc:1a:a8:
                    2d:d7:94:9b:28:05:c3:fb:ce:9d:7d:77:e7:72:4a:
                    eb:92:bb:c5:a5:8b:c0:13:95:7b:89:68:1a:c6:46:
                    c8:06:87:d9:3c:58:5d:f1:d0:6e:08:6b:7b:05:16:
                    b6:5c:7f:f4:fb:50:12:d9:95:86:36:8a:b4:78:c7:
                    23:6b:4a:d2:a0:4d:7a:b1:12:46:64:95:15:87:a7:
                    ef:c8:01:3f:e9:f7:54:80:34:93:b5:67:c2:ac:81:
                    20:a6:63:24:1d:eb:71:22:0f:98:0b:fb:29:30:18:
                    8d:a9:f7:87:17:53:db:d7:4e:38:da:74:22:a6:03:
                    d7:58:e2:0e:ba:5e:df:a5:75:a6:4e:b0:b5:a0:e0:
                    7b:4b:99:aa:55:62:01:08:90:8c:df:33:13:e7:cb:
                    48:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:A0:A8:28:C1:F3:51:76:4E:93:4C:61:92:3C:50:9C:51:E6:D1:47
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/456215c2-dc17-4a5e-ad64-3686e912d503.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.93.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:28:cc:e2:cd:6f:ee:ef:8f:af:18:15:04:88:98:99:90:65:
         22:28:0b:14:79:ed:4b:1b:6b:14:6b:18:d3:ff:16:0b:da:94:
         74:64:1f:6c:3e:52:ec:6a:96:f7:86:45:55:86:e7:ee:61:47:
         d3:0d:56:28:c8:01:0e:a8:34:f9:5a:7b:74:07:6a:1d:b1:08:
         45:c8:6e:34:df:87:c2:92:58:71:de:65:e0:98:25:18:91:9b:
         0e:eb:1d:e9:65:79:52:0b:33:36:03:59:0f:d9:99:b3:50:51:
         1a:ad:47:3b:b2:ab:5f:55:65:11:b9:4e:cd:59:5e:33:19:cc:
         d6:41:6d:60:4c:5e:a3:7a:ee:cd:16:a9:fe:92:3b:0c:ed:3f:
         c2:f8:69:b0:0a:a0:47:d2:3d:35:98:99:35:e4:ce:93:cf:06:
         71:29:37:dd:35:82:c3:00:47:73:a9:79:0b:da:a9:2b:b5:58:
         f1:cd:2f:0e:b9:00:18:a6:cd:41:51:13:1f:f4:a4:4e:eb:df:
         cd:51:65:e5:ac:e2:2a:46:e5:4c:bd:1d:94:89:ed:96:50:5b:
         e8:fc:32:e9:98:41:81:5b:62:5c:ee:3e:28:c5:e6:40:55:c2:
         dd:87:51:82:f0:15:c6:c4:a0:07:4e:90:2b:2f:82:2b:c5:3d:
         f5:cd:b3:b3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXQwsjOd6CKc93xuaO788i5SIDq4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzEyMDAwMDAwWhcNMjQwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMjFkZTJlNzUxM2JiNGQyMzkwYTBlZTIyZGFjYjExNmE2
N2ZlOWMyMzk4YzU3MjA0MDEwYWVjMzY4ZWM3MDNjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDg6uILn6wPaywXhLwWbdj7cRjMmD3an+7DSMQqrJXfTynW
BE8hFZXUmsMloWpxDULkHjS398ZRMqO4NB6CWm1VElZD3CwZcXvvBbMP7UUvmIBz
v6HLpYPxpo0s8uvFhU2IGMel2fwaqC3XlJsoBcP7zp19d+dySuuSu8Wli8ATlXuJ
aBrGRsgGh9k8WF3x0G4Ia3sFFrZcf/T7UBLZlYY2irR4xyNrStKgTXqxEkZklRWH
p+/IAT/p91SANJO1Z8KsgSCmYyQd63EiD5gL+ykwGI2p94cXU9vXTjjadCKmA9dY
4g66Xt+ldaZOsLWg4HtLmapVYgEIkIzfMxPny0hzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUFKCoKMHzUXZOk0xhkjxQnFHm0UcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ1NjIxNWMyLWRjMTctNGE1ZS1hZDY0LTM2ODZlOTEyZDUwMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA0XZUwDQYJKoZIhvcNAQELBQADggEBAAYozOLNb+7vj68YFQSImJmQZSIo
CxR57UsbaxRrGNP/FgvalHRkH2w+UuxqlveGRVWG5+5hR9MNVijIAQ6oNPlae3QH
ah2xCEXIbjTfh8KSWHHeZeCYJRiRmw7rHelleVILMzYDWQ/ZmbNQURqtRzuyq19V
ZRG5Ts1ZXjMZzNZBbWBMXqN67s0Wqf6SOwztP8L4abAKoEfSPTWYmTXkzpPPBnEp
N901gsMAR3OpeQvaqSu1WPHNLw65ABimzUFREx/0pE7r381RZeWs4ipG5Uy9HZSJ
7ZZQW+j8MumYQYFbYlzuPijF5kBVwt2HUYLwFcbEoAdOkCsvgivFPfXNs7M=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:23:49 2024 by rpki-client on console-fra.rpki-client.org