Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/58c1be24-6dc5-429a-9dec-97ca8a39e33c.roa
File:                     58c1be24-6dc5-429a-9dec-97ca8a39e33c.roa (raw, json)
Hash identifier:          ZxenE4Md7hldArKrOzypSpYFvwIr1QkDfjqzJNJZxZc=
Subject key identifier:   6E:FD:2E:64:1D:25:17:11:9B:97:86:3E:3D:DB:1A:D2:22:E8:36:D4
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       3EE01C59687CC0916EBB1615E8CDE53C76435C65
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/58c1be24-6dc5-429a-9dec-97ca8a39e33c.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        161.206.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 20 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:e0:1c:59:68:7c:c0:91:6e:bb:16:15:e8:cd:e5:3c:76:43:5c:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=a3cd527a9768718d149e643b1baa2251faf495e66340ad8d7a731d8566e435a2, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:cb:70:d0:9f:4a:6f:e8:32:11:8a:ef:9a:f2:
                    23:a9:3d:70:ba:d1:a8:a7:fc:d8:d3:e6:7f:8f:b2:
                    c5:bc:d1:90:ba:8a:4e:2a:73:2f:d9:46:61:e6:65:
                    96:e4:26:fa:11:9b:2b:14:03:e3:44:ea:99:1d:2d:
                    41:44:45:57:4e:41:63:91:52:8c:ea:8f:08:a1:1e:
                    c7:69:87:bd:0a:cd:a4:7c:a2:8a:34:83:6b:80:25:
                    9c:55:88:06:60:6d:a0:44:37:de:69:4f:35:f1:eb:
                    97:db:d9:17:49:7b:0a:a6:1c:8c:01:48:fe:d6:c5:
                    10:9a:1c:f7:53:30:67:61:0b:a4:ed:53:98:a7:d1:
                    e0:09:a8:4c:02:f2:a6:9d:31:e0:be:87:07:fd:1f:
                    5d:c2:0b:3e:d6:00:09:09:48:24:e9:75:b9:b1:b6:
                    b9:40:35:aa:ad:70:29:d2:38:32:3a:c7:21:c2:7f:
                    c9:2a:b2:8c:e6:bc:6d:57:8d:76:67:49:3c:47:20:
                    c0:74:35:db:dc:e4:73:8d:30:80:0f:d8:07:af:bb:
                    f5:73:5d:42:59:c9:55:0e:7d:7d:7b:55:aa:2e:e6:
                    d5:8d:73:c1:85:27:c2:44:e8:b8:8f:57:fe:66:ae:
                    a1:3d:79:9c:98:73:26:47:b9:92:b2:ce:1e:a4:cb:
                    9f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:FD:2E:64:1D:25:17:11:9B:97:86:3E:3D:DB:1A:D2:22:E8:36:D4
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/58c1be24-6dc5-429a-9dec-97ca8a39e33c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.206.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a1:33:0f:c0:6b:c9:d3:33:e7:d9:f3:3a:7b:82:28:ec:ab:54:
         f0:aa:a0:c4:78:4c:4d:3e:36:61:d7:27:ac:d1:e6:4d:90:32:
         82:ae:8d:40:c2:56:6b:f1:0f:22:fd:31:0e:06:7d:7f:d5:ff:
         04:0a:32:47:e3:60:d2:d8:42:9b:29:b3:e1:1a:a9:47:7c:3c:
         0c:72:41:5c:0d:bb:79:ab:70:89:51:7c:24:15:0b:b4:28:cd:
         74:c9:65:c9:c3:6b:a6:40:c9:95:75:ae:4e:a4:85:5e:23:8f:
         a5:a5:2c:08:e8:98:ef:da:ca:0b:74:a7:bb:51:48:4b:d0:b8:
         5e:2e:cf:c8:17:21:45:fd:83:0f:62:b2:a4:19:4e:1b:37:d0:
         0b:c1:7a:92:b8:13:98:44:50:27:f8:95:d0:e3:99:2f:60:49:
         64:6c:56:a2:ea:60:b3:cc:1a:79:ca:4f:ed:18:bb:34:31:3a:
         b1:c5:75:10:fb:7a:e9:7e:29:ae:b0:82:ec:24:42:4e:6d:55:
         08:92:a4:d2:95:9b:25:3b:d6:d4:3f:fc:9b:51:cf:6d:8c:32:
         d6:38:15:0b:af:39:72:61:ea:c2:fc:0e:bc:4d:98:4a:7d:02:
         e0:0a:a5:7f:d0:09:42:56:d2:c7:db:eb:8a:bf:64:ac:08:70:
         f4:a0:07:eb
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPuAcWWh8wJFuuxYV6M3lPHZDXGUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhM2NkNTI3YTk3Njg3MThkMTQ5ZTY0M2IxYmFhMjI1MWZh
ZjQ5NWU2NjM0MGFkOGQ3YTczMWQ4NTY2ZTQzNWEyMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3y3DQn0pv6DIRiu+a8iOpPXC60ain/NjT5n+PssW80ZC6
ik4qcy/ZRmHmZZbkJvoRmysUA+NE6pkdLUFERVdOQWORUozqjwihHsdph70KzaR8
ooo0g2uAJZxViAZgbaBEN95pTzXx65fb2RdJewqmHIwBSP7WxRCaHPdTMGdhC6Tt
U5in0eAJqEwC8qadMeC+hwf9H13CCz7WAAkJSCTpdbmxtrlANaqtcCnSODI6xyHC
f8kqsozmvG1XjXZnSTxHIMB0Ndvc5HONMIAP2Aevu/VzXUJZyVUOfX17Vaou5tWN
c8GFJ8JE6LiPV/5mrqE9eZyYcyZHuZKyzh6ky5+3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUbv0uZB0lFxGbl4Y+Pdsa0iLoNtQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU4YzFiZTI0LTZkYzUtNDI5YS05ZGVjLTk3Y2E4YTM5ZTMzYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwChzjANBgkqhkiG9w0BAQsFAAOCAQEAoTMPwGvJ0zPn2fM6e4Io7KtU8Kqg
xHhMTT42YdcnrNHmTZAygq6NQMJWa/EPIv0xDgZ9f9X/BAoyR+Ng0thCmymz4Rqp
R3w8DHJBXA27eatwiVF8JBULtCjNdMllycNrpkDJlXWuTqSFXiOPpaUsCOiY79rK
C3Snu1FIS9C4Xi7PyBchRf2DD2KypBlOGzfQC8F6krgTmERQJ/iV0OOZL2BJZGxW
oupgs8waecpP7Ri7NDE6scV1EPt66X4prrCC7CRCTm1VCJKk0pWbJTvW1D/8m1HP
bYwy1jgVC685cmHqwvwOvE2YSn0C4Aqlf9AJQlbSx9vrir9krAhw9KAH6w==
-----END CERTIFICATE-----
Generated at Tue Jun 18 01:54:31 2024 by rpki-client on console-fra.rpki-client.org