Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/503e4ea6-1eb7-413e-af4f-6643fc009258.roa
File:                     503e4ea6-1eb7-413e-af4f-6643fc009258.roa (raw, json)
Hash identifier:          VmPogwLLmBAPXId4qe1STpH3yy9pdIlHCFwZ/AMXzV8=
Subject key identifier:   EC:A6:24:5F:1F:B0:4F:F8:FF:DB:B4:7C:B8:3A:A7:F7:21:DC:66:D3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5936F67A3E172E5131461DA716101F56391D8E2B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/503e4ea6-1eb7-413e-af4f-6643fc009258.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        18.46.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:36:f6:7a:3e:17:2e:51:31:46:1d:a7:16:10:1f:56:39:1d:8e:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=9236314342f23daa393c45a5572fd8fb271d100f718ea7e34204d74128be0ee9, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:ec:1b:7f:42:d4:90:a2:da:f0:52:49:74:fa:
                    d8:e6:16:b3:66:60:c0:da:e4:b6:5c:b7:55:4a:0f:
                    95:a6:7c:dd:ca:0d:f2:26:c8:b5:5c:f9:05:f9:12:
                    b8:83:a3:f8:8b:63:75:cc:1c:15:c1:25:94:ec:6c:
                    cb:d4:45:33:17:6c:ac:6f:6c:88:4e:46:45:65:88:
                    8f:87:6a:59:e0:fa:79:72:51:88:60:17:d0:21:cd:
                    ba:1a:95:34:60:d9:4b:a7:87:81:ac:0c:fd:70:84:
                    64:6e:1e:f7:cc:be:6a:8c:fd:9a:15:9e:dd:26:96:
                    a8:ea:d3:17:81:a1:3c:83:7e:93:5f:8d:61:44:f2:
                    7f:92:f8:d9:b8:c3:82:22:b8:b1:a2:fe:ec:60:24:
                    da:84:9c:ac:2a:52:a6:2e:68:be:b4:d8:41:02:ff:
                    40:48:ca:20:62:48:0c:40:31:d3:e6:10:81:10:91:
                    88:51:da:2e:17:4c:40:25:29:ca:b3:e2:5e:91:81:
                    56:03:ef:19:61:63:f9:06:68:ec:97:6b:ed:8b:25:
                    f9:63:d3:f3:24:cb:f8:75:74:d8:34:9c:74:bb:74:
                    b0:d7:75:a7:83:3d:64:78:2a:d1:64:c0:46:27:bf:
                    bd:b9:4f:8d:13:05:8d:5d:a9:69:1f:b2:e5:54:d2:
                    24:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:A6:24:5F:1F:B0:4F:F8:FF:DB:B4:7C:B8:3A:A7:F7:21:DC:66:D3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/503e4ea6-1eb7-413e-af4f-6643fc009258.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.46.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         61:bc:7f:5f:24:b6:14:71:56:1e:64:4b:dd:e8:64:b9:22:7b:
         b4:4e:ec:07:91:67:82:36:c7:76:3c:ad:ec:ba:b8:96:40:e5:
         2e:f7:0d:be:07:8c:24:bc:3e:b4:cb:65:96:33:73:91:a9:a0:
         70:11:c8:1d:61:b3:59:03:86:38:57:81:e3:7b:71:87:09:6a:
         a6:a8:3f:e8:db:41:e0:ab:4d:55:4b:1e:cf:9f:aa:b5:37:b5:
         c3:fc:85:57:fd:8a:ae:d6:bf:eb:c9:eb:af:83:d9:a4:37:29:
         5c:df:92:45:45:76:ea:94:ea:68:d4:d4:9e:1e:ce:e7:a7:96:
         b6:e4:f5:94:6e:3a:1b:b3:e8:81:97:43:61:64:1b:67:93:4d:
         f6:07:2d:fa:62:59:40:d7:8b:23:a6:38:70:f3:d3:09:9f:c4:
         ba:67:5e:35:e5:14:de:93:2c:c7:5b:34:fa:b5:74:14:f6:be:
         9d:e3:0f:bc:f5:12:e9:e3:03:e7:b8:f1:15:25:66:9e:65:0f:
         10:63:ef:7e:dc:8d:1f:d4:2e:e7:94:25:04:37:dd:86:16:32:
         6e:f8:2b:64:63:22:e9:5a:98:89:e5:d6:bb:47:22:ea:64:d5:
         67:55:d3:3b:dc:3a:a3:02:08:63:46:e5:46:2c:06:71:6b:31:
         41:a3:2a:38
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUWTb2ej4XLlExRh2nFhAfVjkdjiswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI3MDAwMDAwWhcNMjQwNzAxMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MjM2MzE0MzQyZjIzZGFhMzkzYzQ1YTU1NzJmZDhmYjI3
MWQxMDBmNzE4ZWE3ZTM0MjA0ZDc0MTI4YmUwZWU5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDG7Bt/QtSQotrwUkl0+tjmFrNmYMDa5LZct1VKD5WmfN3K
DfImyLVc+QX5EriDo/iLY3XMHBXBJZTsbMvURTMXbKxvbIhORkVliI+Halng+nly
UYhgF9AhzboalTRg2Uunh4GsDP1whGRuHvfMvmqM/ZoVnt0mlqjq0xeBoTyDfpNf
jWFE8n+S+Nm4w4IiuLGi/uxgJNqEnKwqUqYuaL602EEC/0BIyiBiSAxAMdPmEIEQ
kYhR2i4XTEAlKcqz4l6RgVYD7xlhY/kGaOyXa+2LJflj0/Mky/h1dNg0nHS7dLDX
daeDPWR4KtFkwEYnv725T40TBY1dqWkfsuVU0iRfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU7KYkXx+wT/j/27R8uDqn9yHcZtMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzUwM2U0ZWE2LTFlYjctNDEzZS1hZjRmLTY2NDNmYzAwOTI1OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASLjANBgkqhkiG9w0BAQsFAAOCAQEAYbx/XyS2FHFWHmRL3ehkuSJ7tE7s
B5FngjbHdjyt7Lq4lkDlLvcNvgeMJLw+tMtlljNzkamgcBHIHWGzWQOGOFeB43tx
hwlqpqg/6NtB4KtNVUsez5+qtTe1w/yFV/2Krta/68nrr4PZpDcpXN+SRUV26pTq
aNTUnh7O56eWtuT1lG46G7PogZdDYWQbZ5NN9gct+mJZQNeLI6Y4cPPTCZ/Eumde
NeUU3pMsx1s0+rV0FPa+neMPvPUS6eMD57jxFSVmnmUPEGPvftyNH9Qu55QlBDfd
hhYybvgrZGMi6VqYieXWu0ci6mTVZ1XTO9w6owIIY0blRiwGcWsxQaMqOA==
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:54:02 2024 by rpki-client on console-ams.rpki-client.org