Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5006d97b-6589-4a82-a7ff-99deb6b88472.roa
File:                     5006d97b-6589-4a82-a7ff-99deb6b88472.roa (raw, json)
Hash identifier:          LhppNKsVlNpVN5EXg1zSVr/uQ9WbUkWuHjKx3nlkyJU=
Subject key identifier:   93:5E:EA:F1:72:6A:13:C4:A3:AB:FA:6C:E6:BB:6E:1D:32:3B:62:AA
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5EF0526745A28867F4ECE5541537F695D7FF274C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5006d97b-6589-4a82-a7ff-99deb6b88472.roa
Signing time:             Wed 05 Jun 2024 00:00:00 +0000
ROA not before:           Wed 05 Jun 2024 00:00:00 +0000
ROA not after:            Wed 10 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        3.5.176.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:f0:52:67:45:a2:88:67:f4:ec:e5:54:15:37:f6:95:d7:ff:27:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun  5 00:00:00 2024 GMT
            Not After : Jul 10 23:59:59 2024 GMT
        Subject: serialNumber=dad9e718a20822189e359dcde2037093b5f5ca3936052a9ceac98023dc63bd29, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:be:6b:cd:e1:b7:0f:56:b2:9b:ab:99:dc:91:
                    d0:11:b6:e4:d7:2c:b1:40:dd:d6:ff:1f:1e:2b:53:
                    77:b8:a9:45:e1:5b:13:cf:f8:13:5c:bb:37:de:26:
                    7b:19:aa:fb:da:e3:c7:31:6c:69:b9:bd:7d:1e:5c:
                    06:03:b2:21:7d:32:a3:d4:fe:7f:aa:cc:bd:56:75:
                    da:04:a0:96:53:cc:a0:90:89:0e:1f:0d:c0:42:10:
                    95:2d:b3:19:01:e9:7c:a3:59:ec:2e:3b:2e:d7:f3:
                    d7:a6:39:79:ed:0e:cc:a2:25:42:d0:83:1a:0f:4a:
                    5d:6e:20:f5:a0:57:5a:1d:25:dd:68:b8:35:e8:1e:
                    72:b3:97:e9:35:ea:89:e5:85:31:67:31:a2:13:af:
                    9b:83:b8:8a:a9:c1:3e:7a:39:af:63:be:b8:b6:2b:
                    85:07:bc:de:5a:20:6e:df:f1:33:0f:49:f3:70:35:
                    75:a8:17:10:87:55:bf:af:1a:ec:8b:99:cf:4a:7c:
                    94:a6:39:30:ce:a4:fb:f3:7b:7c:69:2a:45:76:a0:
                    b7:1c:6b:d5:6e:81:7a:de:24:75:0f:e6:e5:eb:ea:
                    42:cd:db:99:0e:f7:e3:4f:2d:12:ff:83:d5:55:b3:
                    8f:d6:2c:b2:9f:b7:fc:dc:ec:58:34:7e:04:d1:0a:
                    60:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:5E:EA:F1:72:6A:13:C4:A3:AB:FA:6C:E6:BB:6E:1D:32:3B:62:AA
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5006d97b-6589-4a82-a7ff-99deb6b88472.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.5.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:5d:22:82:70:20:0b:96:a8:3d:94:02:07:db:da:db:6d:b1:
         19:60:43:42:09:4b:09:ed:3d:5f:60:41:60:ac:9d:09:4d:8a:
         15:dd:ad:4f:ff:b8:81:84:f8:06:a9:e7:5d:56:bf:18:2b:b9:
         00:a2:2d:41:bb:2f:4d:ec:db:10:e1:5f:96:d6:ce:e5:15:f5:
         23:bd:bd:fd:3f:d5:2c:a1:fd:22:09:c6:28:3b:b2:77:bf:9d:
         f5:b0:9c:70:f7:19:d2:ee:d8:0e:e1:97:f9:ba:b8:25:48:8b:
         10:bc:48:37:ec:21:15:a3:4f:2f:e1:f0:5c:aa:66:ff:ce:72:
         63:03:e6:6c:af:13:ce:d9:7e:7a:71:76:be:a4:88:db:87:cf:
         83:59:99:dd:89:80:0f:42:28:9a:b4:1c:6d:81:23:7c:54:32:
         2a:8d:cf:3f:e5:33:71:c8:9d:5a:52:d3:43:f9:bd:7e:29:18:
         51:51:7c:c2:b2:38:5f:7f:b4:73:6d:cf:df:90:1b:1b:52:8e:
         f0:d2:a4:37:48:15:c5:49:48:7d:1c:79:f2:cf:9e:d7:53:fa:
         82:01:0c:f9:07:cc:ce:2e:ad:5a:b6:13:f0:09:0c:6a:26:a8:
         b2:9f:a8:04:07:f1:b4:87:95:16:ea:d6:c6:3c:30:b7:84:cc:
         80:39:17:bb
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXvBSZ0WiiGf07OVUFTf2ldf/J0wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNjA1MDAwMDAwWhcNMjQwNzEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYWQ5ZTcxOGEyMDgyMjE4OWUzNTlkY2RlMjAzNzA5M2I1
ZjVjYTM5MzYwNTJhOWNlYWM5ODAyM2RjNjNiZDI5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDBvmvN4bcPVrKbq5nckdARtuTXLLFA3db/Hx4rU3e4qUXh
WxPP+BNcuzfeJnsZqvva48cxbGm5vX0eXAYDsiF9MqPU/n+qzL1WddoEoJZTzKCQ
iQ4fDcBCEJUtsxkB6XyjWewuOy7X89emOXntDsyiJULQgxoPSl1uIPWgV1odJd1o
uDXoHnKzl+k16onlhTFnMaITr5uDuIqpwT56Oa9jvri2K4UHvN5aIG7f8TMPSfNw
NXWoFxCHVb+vGuyLmc9KfJSmOTDOpPvze3xpKkV2oLcca9VugXreJHUP5uXr6kLN
25kO9+NPLRL/g9VVs4/WLLKft/zc7Fg0fgTRCmAxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUk17q8XJqE8Sjq/ps5rtuHTI7YqowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzUwMDZkOTdiLTY1ODktNGE4Mi1hN2ZmLTk5ZGViNmI4ODQ3Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIDBbAwDQYJKoZIhvcNAQELBQADggEBACddIoJwIAuWqD2UAgfb2tttsRlg
Q0IJSwntPV9gQWCsnQlNihXdrU//uIGE+Aap511WvxgruQCiLUG7L03s2xDhX5bW
zuUV9SO9vf0/1Syh/SIJxig7sne/nfWwnHD3GdLu2A7hl/m6uCVIixC8SDfsIRWj
Ty/h8FyqZv/OcmMD5myvE87Zfnpxdr6kiNuHz4NZmd2JgA9CKJq0HG2BI3xUMiqN
zz/lM3HInVpS00P5vX4pGFFRfMKyOF9/tHNtz9+QGxtSjvDSpDdIFcVJSH0cefLP
ntdT+oIBDPkHzM4urVq2E/AJDGomqLKfqAQH8bSHlRbq1sY8MLeEzIA5F7s=
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:21:10 2024 by rpki-client on console-fra.rpki-client.org