Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4e33ffa2-c29a-4fcd-bbd0-bceffa2c1860.roa
File:                     4e33ffa2-c29a-4fcd-bbd0-bceffa2c1860.roa (raw, json)
Hash identifier:          sCL/qDWA5PMjsfe4dy2G+enuJMqCsjB/7gwGak4np2o=
Subject key identifier:   ED:79:14:96:70:85:B3:84:FB:BA:60:4C:15:E5:F6:E9:8A:AA:6A:63
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7C3AD959F9E6A038DB1F8DC0F619AF8E42DD5C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4e33ffa2-c29a-4fcd-bbd0-bceffa2c1860.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.94.208.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:3a:d9:59:f9:e6:a0:38:db:1f:8d:c0:f6:19:af:8e:42:dd:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=b1115198579abad3c29ce74f840313bbf1cf08b1f37b1be5de031e57f8d1f649, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3f:30:35:62:03:d9:05:dc:e2:bf:78:0d:40:
                    ef:d9:29:f2:f0:ed:e8:e7:33:57:e7:9e:31:4e:2b:
                    89:ef:5a:be:a1:f8:51:bb:9d:e0:23:f2:29:92:8d:
                    42:5c:ec:29:be:f7:93:6f:a4:8b:88:af:b5:ee:3a:
                    79:36:78:fa:22:c8:49:48:a9:4b:ac:c8:a5:e9:fc:
                    78:31:d9:18:0e:57:65:f5:ed:2e:65:ac:f4:fc:cd:
                    b8:51:a8:bb:13:9d:be:1b:8f:7c:bf:bb:78:e5:e3:
                    9a:18:6a:88:3f:a0:6d:f4:98:98:b2:eb:e6:7e:e7:
                    d5:18:a8:c9:e0:e1:e1:6a:5b:53:1f:80:95:b5:d0:
                    38:6e:f3:44:be:58:63:1b:fd:72:c0:9d:1b:03:9f:
                    3a:81:ea:58:91:37:8d:54:e6:0b:8f:fa:dd:b9:48:
                    8e:1c:0e:5a:a3:6a:fc:9d:7d:2b:43:ea:e4:f0:a3:
                    b7:a2:b9:df:1e:b5:19:d5:20:fd:c7:be:a4:b6:9f:
                    03:bc:22:17:dd:58:fa:d3:7a:f2:37:ce:51:61:a5:
                    29:be:ca:b3:a3:39:d9:c4:c9:d1:42:b0:47:93:81:
                    aa:3d:40:83:52:96:3f:e9:51:b8:c6:78:60:57:d8:
                    03:4a:49:f4:32:2e:68:37:93:b7:67:41:62:26:21:
                    68:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:79:14:96:70:85:B3:84:FB:BA:60:4C:15:E5:F6:E9:8A:AA:6A:63
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4e33ffa2-c29a-4fcd-bbd0-bceffa2c1860.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.94.208.0/21

    Signature Algorithm: sha256WithRSAEncryption
         b4:d7:af:92:21:e9:0c:51:1b:47:41:f9:7a:40:da:93:83:52:
         eb:58:e6:a6:d8:68:02:58:22:bd:8b:09:59:a1:b6:d9:d6:f2:
         66:db:3f:24:d7:20:3a:36:d0:20:cc:2a:5a:07:77:1a:0d:75:
         7a:b5:50:a9:34:69:0a:e8:29:fd:b7:3d:df:ec:71:fd:b9:b5:
         aa:85:9a:b0:9e:c6:d3:3e:6b:8f:8c:a2:ed:ed:2b:0f:5b:75:
         f2:b7:89:55:29:85:3f:21:6f:d5:17:2a:79:1e:57:a1:8f:74:
         9a:74:dd:5c:d8:83:fd:77:21:ae:5d:55:11:dd:09:46:f2:e2:
         77:47:55:9e:25:c5:b8:0d:1f:e9:43:63:fe:cc:17:4c:19:64:
         c7:87:be:a2:a5:87:65:d5:b5:a4:58:2f:ab:59:7c:f9:97:31:
         d8:47:48:17:29:0c:29:ad:93:a2:3f:31:da:89:f6:f1:fe:f6:
         63:a6:48:b2:15:c5:4f:c7:e6:35:6e:94:bc:a1:4a:8d:69:78:
         98:f5:a3:2e:65:a1:16:06:18:a4:aa:31:e6:7e:95:8c:78:6f:
         19:e7:af:f1:88:ec:28:23:5a:4f:60:58:dc:d1:c1:bc:ca:4f:
         a8:53:b3:75:a3:a6:7e:83:89:51:cd:97:9d:c4:49:1c:c1:fa:
         4d:19:eb:ed
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITfDrZWfnmoDjbH43A9hmvjkLdXDANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx
ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNDA1MjcwMDAwMDBaFw0yNDA3MDEyMzU5NTla
MHoxSTBHBgNVBAUTQGIxMTE1MTk4NTc5YWJhZDNjMjljZTc0Zjg0MDMxM2JiZjFj
ZjA4YjFmMzdiMWJlNWRlMDMxZTU3ZjhkMWY2NDkxLTArBgNVBAMTJDVmMjc2MDQ1
LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQ/MDViA9kF3OK/eA1A79kp8vDt6OczV+eeMU4rie9avqH4
Ubud4CPyKZKNQlzsKb73k2+ki4ivte46eTZ4+iLISUipS6zIpen8eDHZGA5XZfXt
LmWs9PzNuFGouxOdvhuPfL+7eOXjmhhqiD+gbfSYmLLr5n7n1RioyeDh4WpbUx+A
lbXQOG7zRL5YYxv9csCdGwOfOoHqWJE3jVTmC4/63blIjhwOWqNq/J19K0Pq5PCj
t6K53x61GdUg/ce+pLafA7wiF91Y+tN68jfOUWGlKb7Ks6M52cTJ0UKwR5OBqj1A
g1KWP+lRuMZ4YFfYA0pJ9DIuaDeTt2dBYiYhaF8CAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBTteRSWcIWzhPu6YEwV5fbpiqpqYzAfBgNVHSMEGDAWgBQlrdNCsB63pY6t
GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz
MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4
ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw
OTA0ZTQyZDIvNGUzM2ZmYTItYzI5YS00ZmNkLWJiZDAtYmNlZmZhMmMxODYwLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt
NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAzRe0DANBgkqhkiG9w0BAQsFAAOCAQEAtNevkiHpDFEbR0H5ekDak4NS61jm
pthoAlgivYsJWaG22dbyZts/JNcgOjbQIMwqWgd3Gg11erVQqTRpCugp/bc93+xx
/bm1qoWasJ7G0z5rj4yi7e0rD1t18reJVSmFPyFv1RcqeR5XoY90mnTdXNiD/Xch
rl1VEd0JRvLid0dVniXFuA0f6UNj/swXTBlkx4e+oqWHZdW1pFgvq1l8+Zcx2EdI
FykMKa2Toj8x2on28f72Y6ZIshXFT8fmNW6UvKFKjWl4mPWjLmWhFgYYpKox5n6V
jHhvGeev8YjsKCNaT2BY3NHBvMpPqFOzdaOmfoOJUc2XncRJHMH6TRnr7Q==
-----END CERTIFICATE-----
Generated at Wed Jun 12 16:27:28 2024 by rpki-client on console-fra.rpki-client.org