Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5933b4db-ccbb-47a3-a37b-fa7ff2d0ad09.roa
File:                     5933b4db-ccbb-47a3-a37b-fa7ff2d0ad09.roa (raw, json)
Hash identifier:          utGjOOl0/fGk4nXhKEYnFQyJU6M15l2Ag1aggt53+o8=
Subject key identifier:   AF:FB:D8:03:4B:52:48:6F:C5:05:56:52:96:DD:04:6D:89:1F:78:94
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       27E5FA2C36DEA0F083624A7B047509FB552111D3
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5933b4db-ccbb-47a3-a37b-fa7ff2d0ad09.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        159.209.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 24 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:e5:fa:2c:36:de:a0:f0:83:62:4a:7b:04:75:09:fb:55:21:11:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=730236ad3fb25fdcf35f59e543533f1112836a18810c620384d8c89790169f5a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:18:fd:cc:70:bd:73:71:98:f9:27:74:15:4a:
                    13:68:37:c2:fd:96:f6:20:e1:51:07:ab:14:3b:13:
                    fc:8b:ec:1f:e0:68:ea:38:2e:91:e6:92:1e:db:9e:
                    3f:e2:b7:99:e5:98:a2:74:d7:d0:76:56:78:20:df:
                    aa:db:f8:ac:17:88:e7:4e:38:a1:55:b1:1b:48:71:
                    71:11:86:2d:8a:2c:87:ef:61:a2:b7:6e:7d:a8:38:
                    a3:0d:d3:2b:8c:8f:76:1f:35:57:2e:0c:7e:16:44:
                    d4:2f:96:16:03:c1:ed:57:34:72:aa:02:db:bd:4a:
                    68:a7:95:24:51:1d:37:62:0b:93:fd:d3:8c:9b:ae:
                    2a:7b:99:ca:2d:a5:e9:77:fb:4d:2e:56:12:3c:00:
                    28:8a:76:82:84:d0:73:c1:6d:a7:7f:05:74:ec:e1:
                    e9:f7:94:f5:dd:6e:74:4a:65:c2:bd:7e:5f:a4:1f:
                    9e:62:af:e9:67:1d:b6:f3:2e:ad:84:79:03:ac:a6:
                    8a:d0:a9:53:4e:e6:0c:52:f8:ae:8c:49:1d:bf:21:
                    e6:7d:7e:7b:10:ea:49:4b:46:a6:07:fa:56:48:bb:
                    67:1d:58:7d:80:f3:a2:7b:76:61:f2:1c:88:c9:6e:
                    92:cb:96:a2:2c:53:9c:da:e5:9a:0f:1f:87:30:28:
                    54:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:FB:D8:03:4B:52:48:6F:C5:05:56:52:96:DD:04:6D:89:1F:78:94
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5933b4db-ccbb-47a3-a37b-fa7ff2d0ad09.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.209.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1f:d7:4b:c2:0b:99:4d:23:d0:91:12:bf:e3:b1:81:01:ee:83:
         9c:86:ec:91:d9:82:80:72:9e:e8:b1:8b:e8:49:2d:cf:13:be:
         38:c9:09:b8:af:d8:c3:62:2b:86:ad:20:e0:4b:37:07:f5:1f:
         8b:c7:38:77:de:89:f4:f2:fe:cd:bf:14:3c:93:fe:ae:82:96:
         0a:41:77:d2:47:73:1b:bc:c0:4f:b2:84:0b:38:b8:31:d2:15:
         18:40:e3:12:f6:2a:ea:1d:f0:42:03:e7:21:8a:47:f6:cd:a0:
         41:bd:46:00:17:3c:ab:6c:e3:26:c9:99:4b:b7:20:db:44:fe:
         1c:ef:b9:49:93:a7:50:b6:e4:52:80:10:95:1e:dc:4e:9f:e5:
         d7:ed:eb:09:aa:19:c7:d8:94:06:54:82:e4:a9:17:ea:86:51:
         01:dd:f0:fa:a5:a1:27:9c:a9:69:f6:4d:7d:f6:fe:6f:f1:8b:
         5b:23:7c:93:a0:79:a6:4f:9d:7f:c8:4d:32:53:17:89:78:d9:
         6b:7c:93:b8:27:b3:73:92:f5:16:53:6b:7c:6c:96:3c:69:58:
         67:16:b1:85:e8:e4:13:58:5c:3c:69:51:a7:ae:8c:db:35:56:
         aa:29:c0:8e:4c:75:f7:22:0f:f8:23:18:81:42:14:c7:e8:a7:
         2f:6d:37:db
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUJ+X6LDbeoPCDYkp7BHUJ+1UhEdMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3MzAyMzZhZDNmYjI1ZmRjZjM1ZjU5ZTU0MzUzM2YxMTEy
ODM2YTE4ODEwYzYyMDM4NGQ4Yzg5NzkwMTY5ZjVhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD6GP3McL1zcZj5J3QVShNoN8L9lvYg4VEHqxQ7E/yL7B/g
aOo4LpHmkh7bnj/it5nlmKJ019B2Vngg36rb+KwXiOdOOKFVsRtIcXERhi2KLIfv
YaK3bn2oOKMN0yuMj3YfNVcuDH4WRNQvlhYDwe1XNHKqAtu9SminlSRRHTdiC5P9
04ybrip7mcotpel3+00uVhI8ACiKdoKE0HPBbad/BXTs4en3lPXdbnRKZcK9fl+k
H55ir+lnHbbzLq2EeQOsporQqVNO5gxS+K6MSR2/IeZ9fnsQ6klLRqYH+lZIu2cd
WH2A86J7dmHyHIjJbpLLlqIsU5za5ZoPH4cwKFSHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUr/vYA0tSSG/FBVZSlt0EbYkfeJQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU5MzNiNGRiLWNjYmItNDdhMy1hMzdiLWZhN2ZmMmQwYWQwOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCf0TANBgkqhkiG9w0BAQsFAAOCAQEAH9dLwguZTSPQkRK/47GBAe6DnIbs
kdmCgHKe6LGL6EktzxO+OMkJuK/Yw2Irhq0g4Es3B/Ufi8c4d96J9PL+zb8UPJP+
roKWCkF30kdzG7zAT7KECzi4MdIVGEDjEvYq6h3wQgPnIYpH9s2gQb1GABc8q2zj
JsmZS7cg20T+HO+5SZOnULbkUoAQlR7cTp/l1+3rCaoZx9iUBlSC5KkX6oZRAd3w
+qWhJ5ypafZNffb+b/GLWyN8k6B5pk+df8hNMlMXiXjZa3yTuCezc5L1FlNrfGyW
PGlYZxaxhejkE1hcPGlRp66M2zVWqinAjkx19yIP+CMYgUIUx+inL2032w==
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:17:56 2024 by rpki-client on console-fra.rpki-client.org