Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/926673fa-2a99-4a67-830e-3f0967580dd6.roa
File:                     926673fa-2a99-4a67-830e-3f0967580dd6.roa (raw, json)
Hash identifier:          YZrVB/AScnOAQvthqebg5q8bYsdogHuTlSAqpHHkxdU=
Subject key identifier:   B8:F3:E6:76:62:63:AE:C2:1C:0D:E1:42:F3:CD:BF:36:89:8C:27:F3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       787F0FF0B6AFBBD53C2B4CE9A1CC5B93B1E433F0
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/926673fa-2a99-4a67-830e-3f0967580dd6.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        136.13.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:7f:0f:f0:b6:af:bb:d5:3c:2b:4c:e9:a1:cc:5b:93:b1:e4:33:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=75f72d6cb5ebe4ea42368c4e5386f1f75b87f8f9c7441baf1d4f497171b46495, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:6d:50:8b:b2:a6:87:81:89:3d:a7:49:cb:10:
                    70:b3:4e:d8:8d:e7:01:3c:60:54:c1:d4:27:f0:f6:
                    8b:aa:6a:d3:31:60:84:fa:3b:e0:03:92:d9:b9:ff:
                    44:6c:00:55:1c:af:b1:d8:31:5c:e4:94:16:45:e9:
                    55:4a:07:3b:64:06:33:04:b1:72:23:6f:8b:25:f8:
                    d5:cb:b5:21:e2:04:16:c1:5e:17:1f:8b:09:a0:ea:
                    df:dc:29:9e:0f:3d:6a:7a:6d:6a:ca:c7:51:83:49:
                    d8:a8:56:91:f8:8f:8c:69:4a:ed:a3:ee:15:e6:3d:
                    d6:fc:61:67:90:15:44:fc:20:79:00:71:2b:bf:99:
                    b3:51:99:58:7d:3f:81:aa:81:f7:6f:fe:e9:f2:f2:
                    e8:3e:b8:24:8c:06:c2:a3:93:6a:62:81:a8:e6:4e:
                    dd:15:c7:e4:34:29:58:65:ca:45:8e:14:34:a7:c3:
                    fc:59:6c:ad:6a:f6:d2:23:b6:24:a8:e9:d0:73:d4:
                    a5:69:7c:09:4f:4f:22:b5:55:fa:81:02:3f:f8:44:
                    db:87:af:15:d4:3f:e9:b4:05:59:50:58:6e:19:33:
                    ff:d1:48:ed:56:40:a5:2e:50:03:89:28:c3:b2:79:
                    7e:50:10:34:ee:4a:83:e1:8d:1e:0c:17:b7:d8:d0:
                    69:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:F3:E6:76:62:63:AE:C2:1C:0D:E1:42:F3:CD:BF:36:89:8C:27:F3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/926673fa-2a99-4a67-830e-3f0967580dd6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.13.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         81:68:4a:f9:bc:d3:68:55:96:a9:73:39:22:c0:13:aa:48:78:
         ca:fe:00:07:21:15:9e:c0:8b:f3:a2:d1:af:62:52:0a:6b:3e:
         03:a7:f3:09:28:f1:eb:da:5c:2f:d7:62:ca:d6:7c:45:2b:2b:
         7e:14:79:bd:ce:20:9b:83:cf:b5:02:ca:5a:72:03:ff:e5:f8:
         c0:17:13:f1:15:9b:4c:74:a0:15:cb:cd:92:4c:90:67:dd:37:
         c1:2b:4c:18:2b:e3:54:b7:29:b1:05:df:ef:57:6c:17:60:fb:
         5e:6a:68:fb:6f:ff:df:bb:d6:5b:85:79:74:96:15:92:87:67:
         b4:55:80:22:1c:52:16:15:a9:3f:f0:a7:1f:58:78:fb:f3:85:
         e7:e4:c9:12:10:32:c0:c9:9b:85:3d:40:6b:ea:07:91:14:92:
         d7:3b:12:e6:0a:95:7a:74:63:e4:3d:1a:0f:2b:6b:97:99:ba:
         bd:2f:bf:dd:e3:85:a0:b9:ba:10:0c:ad:1d:53:55:d9:d9:a6:
         d0:95:ff:b9:dd:68:eb:a9:d6:24:7a:7a:b2:50:16:fd:8f:3f:
         1b:fd:ed:2e:c8:58:e4:b1:07:8d:6c:1d:39:0a:c9:bc:4f:b5:
         7f:87:b5:b5:a7:5d:27:d0:81:75:3f:71:37:a2:8f:89:71:21:
         a4:10:24:bb
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUeH8P8Lavu9U8K0zpocxbk7HkM/AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NWY3MmQ2Y2I1ZWJlNGVhNDIzNjhjNGU1Mzg2ZjFmNzVi
ODdmOGY5Yzc0NDFiYWYxZDRmNDk3MTcxYjQ2NDk1MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEbVCLsqaHgYk9p0nLEHCzTtiN5wE8YFTB1Cfw9ouqatMx
YIT6O+ADktm5/0RsAFUcr7HYMVzklBZF6VVKBztkBjMEsXIjb4sl+NXLtSHiBBbB
Xhcfiwmg6t/cKZ4PPWp6bWrKx1GDSdioVpH4j4xpSu2j7hXmPdb8YWeQFUT8IHkA
cSu/mbNRmVh9P4Gqgfdv/uny8ug+uCSMBsKjk2pigajmTt0Vx+Q0KVhlykWOFDSn
w/xZbK1q9tIjtiSo6dBz1KVpfAlPTyK1VfqBAj/4RNuHrxXUP+m0BVlQWG4ZM//R
SO1WQKUuUAOJKMOyeX5QEDTuSoPhjR4MF7fY0Gl/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUuPPmdmJjrsIcDeFC882/NomMJ/MwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkyNjY3M2ZhLTJhOTktNGE2Ny04MzBlLTNmMDk2NzU4MGRkNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCIDTANBgkqhkiG9w0BAQsFAAOCAQEAgWhK+bzTaFWWqXM5IsATqkh4yv4A
ByEVnsCL86LRr2JSCms+A6fzCSjx69pcL9diytZ8RSsrfhR5vc4gm4PPtQLKWnID
/+X4wBcT8RWbTHSgFcvNkkyQZ903wStMGCvjVLcpsQXf71dsF2D7Xmpo+2//37vW
W4V5dJYVkodntFWAIhxSFhWpP/CnH1h4+/OF5+TJEhAywMmbhT1Aa+oHkRSS1zsS
5gqVenRj5D0aDytrl5m6vS+/3eOFoLm6EAytHVNV2dmm0JX/ud1o66nWJHp6slAW
/Y8/G/3tLshY5LEHjWwdOQrJvE+1f4e1taddJ9CBdT9xN6KPiXEhpBAkuw==
-----END CERTIFICATE-----
Generated at Wed Jun 12 16:27:30 2024 by rpki-client on console-fra.rpki-client.org