Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/74eb9ece-ea26-4086-88dd-0d2d4183881c.roa
File:                     74eb9ece-ea26-4086-88dd-0d2d4183881c.roa (raw, json)
Hash identifier:          TWxNdWIj9KJ9AlMtKQHkVgnWvTQhsAiyrK0WVzuc+Fs=
Subject key identifier:   33:35:0A:EA:73:59:2E:E7:74:3F:9A:63:2E:DE:D7:79:DA:42:2F:E7
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       37744B625A877FCB062202AC517B2FCD79D66C3E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/74eb9ece-ea26-4086-88dd-0d2d4183881c.roa
Signing time:             Mon 11 Mar 2024 00:00:00 +0000
ROA not before:           Mon 11 Mar 2024 00:00:00 +0000
ROA not after:            Mon 15 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.94.204.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:74:4b:62:5a:87:7f:cb:06:22:02:ac:51:7b:2f:cd:79:d6:6c:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 11 00:00:00 2024 GMT
            Not After : Apr 15 23:59:59 2024 GMT
        Subject: serialNumber=36332f1303c87e9f9ff04c960afd1ddfabd2bec3ae6520e5cea00ba3d069f54a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:64:94:f8:0f:98:48:ec:30:6d:7d:e0:09:12:
                    7a:04:27:e7:78:ea:25:30:8d:29:60:34:b0:67:a4:
                    2c:e7:a3:71:f2:2d:c0:22:be:48:c5:53:56:8d:ee:
                    7c:25:42:ef:c4:75:00:ea:a4:4c:1d:36:77:75:87:
                    30:ef:69:7e:d2:94:19:ba:ef:91:76:12:7d:f2:e7:
                    b2:80:10:b7:8f:42:eb:87:af:fe:bb:4a:77:6f:40:
                    ef:1a:8d:6b:6a:67:90:bd:c2:8b:58:a7:cf:51:77:
                    41:39:18:67:20:f9:88:bf:87:64:95:78:ef:7b:80:
                    12:bf:b2:de:42:99:84:73:42:b9:bb:98:25:4f:e4:
                    2a:b5:9e:45:d6:e1:58:3b:42:29:e5:6a:dd:5f:6f:
                    11:a7:6a:04:76:24:89:0e:60:29:bc:bf:16:7f:63:
                    66:08:ac:2b:c5:42:d8:f3:07:49:b2:01:26:69:b9:
                    ed:50:0f:34:10:67:95:28:43:ac:e9:eb:be:4f:c8:
                    8c:2b:96:bd:3c:20:94:6e:d8:fb:f3:7d:82:97:4b:
                    19:bd:6e:fc:6f:81:b5:12:9b:c6:7c:42:dd:e2:65:
                    92:4c:8c:60:e6:24:12:24:00:b6:45:0b:8c:d3:6c:
                    97:6a:44:f8:8a:8b:b3:81:fc:2c:4f:3f:92:2c:45:
                    e5:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:35:0A:EA:73:59:2E:E7:74:3F:9A:63:2E:DE:D7:79:DA:42:2F:E7
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/74eb9ece-ea26-4086-88dd-0d2d4183881c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.94.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         50:86:77:e0:e2:8b:f3:5d:bb:d7:71:bc:01:41:9d:07:d1:fe:
         fa:02:e9:75:42:18:02:b3:68:4c:ba:52:d3:9c:61:de:35:d3:
         01:4b:9d:7f:0a:61:ec:f4:44:11:2a:db:e8:ab:18:a8:6b:fe:
         1b:02:e8:7f:f4:dc:10:54:1c:59:43:5b:5f:91:9d:bb:c3:2c:
         0b:e5:ab:a8:b9:a6:6c:99:b7:3b:14:4d:d8:61:97:ee:45:c2:
         ae:ab:bd:86:76:b5:c2:ad:9d:32:3b:ae:b8:e8:d6:50:10:83:
         22:ce:9d:63:80:ae:39:66:89:e5:b4:80:f6:19:a2:25:f5:a7:
         cc:55:e6:96:d0:76:ab:54:2f:a3:d3:59:52:64:40:9f:b3:62:
         85:55:4a:c1:9d:4d:d9:09:c8:92:6e:b1:36:da:cb:b3:23:bd:
         0e:cc:e1:d9:34:97:8e:41:4d:07:52:6e:b2:67:c7:86:c8:3b:
         3c:1a:de:0b:f4:cc:22:37:e3:6b:ea:16:7b:53:f1:a9:50:3e:
         57:42:0c:9e:96:29:48:53:c5:c8:24:ab:df:c4:78:cd:10:bf:
         9a:e7:fc:7e:cf:01:d8:f8:3c:f6:22:f3:26:e8:28:58:e0:89:
         cb:6a:24:a6:dc:d7:34:7c:40:9d:66:a1:99:c6:13:d9:52:ef:
         13:0d:7e:27
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUN3RLYlqHf8sGIgKsUXsvzXnWbD4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzExMDAwMDAwWhcNMjQwNDE1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNjMzMmYxMzAzYzg3ZTlmOWZmMDRjOTYwYWZkMWRkZmFi
ZDJiZWMzYWU2NTIwZTVjZWEwMGJhM2QwNjlmNTRhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1ZJT4D5hI7DBtfeAJEnoEJ+d46iUwjSlgNLBnpCzno3Hy
LcAivkjFU1aN7nwlQu/EdQDqpEwdNnd1hzDvaX7SlBm675F2En3y57KAELePQuuH
r/67SndvQO8ajWtqZ5C9wotYp89Rd0E5GGcg+Yi/h2SVeO97gBK/st5CmYRzQrm7
mCVP5Cq1nkXW4Vg7Qinlat1fbxGnagR2JIkOYCm8vxZ/Y2YIrCvFQtjzB0myASZp
ue1QDzQQZ5UoQ6zp675PyIwrlr08IJRu2PvzfYKXSxm9bvxvgbUSm8Z8Qt3iZZJM
jGDmJBIkALZFC4zTbJdqRPiKi7OB/CxPP5IsReVzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUMzUK6nNZLud0P5pjLt7XedpCL+cwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc0ZWI5ZWNlLWVhMjYtNDA4Ni04OGRkLTBkMmQ0MTgzODgxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE0XswwDQYJKoZIhvcNAQELBQADggEBAFCGd+Dii/Ndu9dxvAFBnQfR/voC
6XVCGAKzaEy6UtOcYd410wFLnX8KYez0RBEq2+irGKhr/hsC6H/03BBUHFlDW1+R
nbvDLAvlq6i5pmyZtzsUTdhhl+5Fwq6rvYZ2tcKtnTI7rrjo1lAQgyLOnWOArjlm
ieW0gPYZoiX1p8xV5pbQdqtUL6PTWVJkQJ+zYoVVSsGdTdkJyJJusTbay7MjvQ7M
4dk0l45BTQdSbrJnx4bIOzwa3gv0zCI342vqFntT8alQPldCDJ6WKUhTxcgkq9/E
eM0Qv5rn/H7PAdj4PPYi8yboKFjgictqJKbc1zR8QJ1moZnGE9lS7xMNfic=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:06:48 2024 by rpki-client on console-ams.rpki-client.org