Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/49079781-174c-4a16-b302-dc7e5a9fa71f.roa
File:                     49079781-174c-4a16-b302-dc7e5a9fa71f.roa (raw, json)
Hash identifier:          g/zSB0avKQ8X8FhZZ6rZiE0ldpQELOXodYyh1Xu1d3Q=
Subject key identifier:   79:5C:27:54:C1:CA:7B:87:6D:BB:A9:BB:C3:8D:FE:A2:85:1E:DE:BF
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       014552B21693BF52389B03A368D009F4ADA4E437
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/49079781-174c-4a16-b302-dc7e5a9fa71f.roa
Signing time:             Fri 24 May 2024 00:00:00 +0000
ROA not before:           Fri 24 May 2024 00:00:00 +0000
ROA not after:            Fri 28 Jun 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        3.2.49.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:45:52:b2:16:93:bf:52:38:9b:03:a3:68:d0:09:f4:ad:a4:e4:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 24 00:00:00 2024 GMT
            Not After : Jun 28 23:59:59 2024 GMT
        Subject: serialNumber=627b2645e3a45dd4c10e7c8f2fe21ff7bf64bd0d2f1f97b38a7f1542545afee2, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:9e:56:2c:6f:08:26:2a:5a:66:2c:e3:36:99:
                    61:95:37:d4:69:82:e8:a7:1e:f3:02:e1:cf:3a:5a:
                    77:fd:7a:dc:01:bf:3e:8d:87:83:8c:e6:d5:6f:1c:
                    65:e4:5e:71:03:b2:15:30:99:e3:fe:40:00:f7:57:
                    ef:86:33:1b:68:fc:ce:12:1b:d1:80:cd:24:32:7b:
                    cb:51:30:f5:c5:4a:7a:ed:36:a1:f0:3a:53:1a:f6:
                    61:81:1e:ba:9f:94:0d:52:00:2a:b1:3d:ae:fa:f3:
                    47:27:e2:f0:cb:6c:fd:16:02:37:fa:2e:4e:fb:07:
                    1f:21:30:ee:98:b6:dc:da:b1:8c:73:08:4e:27:e2:
                    e1:7d:19:be:42:59:4a:78:6d:64:ba:5c:80:a5:36:
                    89:d3:86:ef:03:90:74:9d:37:eb:3b:a5:35:9a:d5:
                    1b:df:28:14:e1:af:ec:81:8a:a9:60:de:fc:03:e7:
                    62:05:ac:37:34:71:d1:60:bc:08:f2:74:dc:dd:f5:
                    20:c8:f0:e4:d7:77:8b:09:37:b0:78:4d:e9:cb:c1:
                    75:9f:17:1c:06:ac:4f:e6:ee:d2:9a:00:ff:08:6a:
                    64:1f:60:df:8c:d1:63:cf:73:23:41:49:01:7e:f6:
                    1c:1e:f0:0b:73:0c:fc:7a:89:c9:0b:b9:b4:06:24:
                    38:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:5C:27:54:C1:CA:7B:87:6D:BB:A9:BB:C3:8D:FE:A2:85:1E:DE:BF
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/49079781-174c-4a16-b302-dc7e5a9fa71f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.2.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:78:8d:79:45:29:ba:27:81:25:a5:33:d9:6f:d1:0b:30:8d:
         d0:8e:39:ea:a2:b9:56:00:7c:61:67:86:62:9a:2d:ed:fb:27:
         18:d9:0f:87:88:06:3a:82:7b:7a:f7:2d:c7:f4:cd:2f:97:16:
         6e:9c:31:32:cd:ee:9a:69:46:56:d1:97:43:1f:70:a5:50:26:
         e9:c9:54:96:c7:ec:66:52:9e:4b:e4:19:19:cb:1e:60:b4:99:
         b5:4d:69:f6:36:4d:db:31:42:e2:e7:2f:1a:13:6f:20:70:e1:
         4d:db:2c:64:f6:3b:4f:ac:72:6b:1d:66:72:e4:dc:ca:99:cd:
         1e:e5:d5:b8:20:ad:09:7d:97:a6:b4:32:37:45:5c:f3:21:ba:
         9f:45:64:09:01:44:68:1d:b6:e1:51:bc:cc:80:f5:27:0a:07:
         90:df:0d:60:34:c9:96:e2:23:ce:a4:c5:06:66:d4:78:f1:3f:
         aa:3f:4c:24:b9:1c:c2:7f:cf:68:f1:b0:d2:da:c6:37:b6:a3:
         52:30:1b:6d:25:d4:6f:54:bf:89:ee:5e:a9:0d:27:56:5d:a6:
         5d:fb:20:47:5e:58:c8:5c:32:f1:66:52:6c:2d:3b:e4:27:7b:
         18:a3:97:d1:64:b7:20:a9:aa:18:45:37:ae:62:bd:56:76:db:
         28:1c:20:7b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAUVSshaTv1I4mwOjaNAJ9K2k5DcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI0MDAwMDAwWhcNMjQwNjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MjdiMjY0NWUzYTQ1ZGQ0YzEwZTdjOGYyZmUyMWZmN2Jm
NjRiZDBkMmYxZjk3YjM4YTdmMTU0MjU0NWFmZWUyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqnlYsbwgmKlpmLOM2mWGVN9RpguinHvMC4c86Wnf9etwB
vz6Nh4OM5tVvHGXkXnEDshUwmeP+QAD3V++GMxto/M4SG9GAzSQye8tRMPXFSnrt
NqHwOlMa9mGBHrqflA1SACqxPa7680cn4vDLbP0WAjf6Lk77Bx8hMO6YttzasYxz
CE4n4uF9Gb5CWUp4bWS6XIClNonThu8DkHSdN+s7pTWa1RvfKBThr+yBiqlg3vwD
52IFrDc0cdFgvAjydNzd9SDI8OTXd4sJN7B4TenLwXWfFxwGrE/m7tKaAP8IamQf
YN+M0WPPcyNBSQF+9hwe8AtzDPx6ickLubQGJDhrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUeVwnVMHKe4dtu6m7w43+ooUe3r8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ5MDc5NzgxLTE3NGMtNGExNi1iMzAyLWRjN2U1YTlmYTcxZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAADAjEwDQYJKoZIhvcNAQELBQADggEBAGd4jXlFKbongSWlM9lv0QswjdCO
OeqiuVYAfGFnhmKaLe37JxjZD4eIBjqCe3r3Lcf0zS+XFm6cMTLN7pppRlbRl0Mf
cKVQJunJVJbH7GZSnkvkGRnLHmC0mbVNafY2TdsxQuLnLxoTbyBw4U3bLGT2O0+s
cmsdZnLk3MqZzR7l1bggrQl9l6a0MjdFXPMhup9FZAkBRGgdtuFRvMyA9ScKB5Df
DWA0yZbiI86kxQZm1HjxP6o/TCS5HMJ/z2jxsNLaxje2o1IwG20l1G9Uv4nuXqkN
J1Zdpl37IEdeWMhcMvFmUmwtO+Qnexijl9FktyCpqhhFN65ivVZ22ygcIHs=
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:21:10 2024 by rpki-client on console-fra.rpki-client.org