Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/99997502-0b95-43c1-b542-64941f8d54e8.roa
File:                     99997502-0b95-43c1-b542-64941f8d54e8.roa (raw, json)
Hash identifier:          mOjeqHGeiGIwAgglKzUJ28I3IdI9Rn50gGw7s0n98RE=
Subject key identifier:   59:B6:60:21:A9:1E:3C:02:BC:06:18:D3:D7:F2:66:88:64:F8:E3:F3
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       71A79627B6038139410BC3BACC7CD7978068888E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/99997502-0b95-43c1-b542-64941f8d54e8.roa
Signing time:             Mon 17 Jun 2024 00:00:00 +0000
ROA not before:           Mon 17 Jun 2024 00:00:00 +0000
ROA not after:            Mon 22 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.95.170.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 18 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:a7:96:27:b6:03:81:39:41:0b:c3:ba:cc:7c:d7:97:80:68:88:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 17 00:00:00 2024 GMT
            Not After : Jul 22 23:59:59 2024 GMT
        Subject: serialNumber=ec675b771d05c16c3ad17ffdf0a68bde800e435b3d067bb9e4e3db028aa04b76, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:36:e4:62:13:ed:45:94:9b:68:21:e5:54:1b:
                    7d:60:9d:a6:34:07:cb:11:96:12:d8:f0:6e:67:db:
                    ed:56:57:29:ea:6e:76:35:3a:fb:11:f8:90:2b:80:
                    16:f4:4d:d1:f1:17:e8:ce:13:79:85:30:c7:b7:98:
                    ab:54:d9:90:2a:53:fb:cf:5a:ed:0a:e8:f6:b7:53:
                    88:aa:10:c7:93:6d:ca:b9:1b:11:3e:d4:a8:79:30:
                    0b:d2:cc:a5:71:07:5d:4a:e7:58:73:e2:39:47:ce:
                    30:aa:4c:e2:d3:ff:25:58:27:95:bf:ea:63:e7:53:
                    15:02:fc:a2:74:1b:b2:42:e2:eb:f5:14:df:e0:74:
                    c1:b0:6c:c5:6a:39:af:18:98:89:a7:1e:40:dd:5a:
                    c2:6b:9e:59:f7:4f:52:3e:7d:c9:5d:14:77:3f:70:
                    1a:6b:3c:3e:87:7a:c6:27:bd:cb:f9:86:5f:c1:57:
                    5f:b1:03:2d:a1:ba:78:bf:87:04:4d:05:4c:d5:2f:
                    f1:18:18:e9:4d:3c:9e:ea:bd:ed:81:fa:ad:e7:fb:
                    ec:e7:7b:e0:e9:d9:c6:8a:be:42:7a:86:f7:6e:15:
                    8f:9f:94:a1:f7:8a:f3:67:fa:54:cd:54:6e:90:22:
                    32:0d:ad:92:12:90:ec:a7:fd:18:ed:d0:77:73:c3:
                    5e:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:B6:60:21:A9:1E:3C:02:BC:06:18:D3:D7:F2:66:88:64:F8:E3:F3
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/99997502-0b95-43c1-b542-64941f8d54e8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.95.170.0/23

    Signature Algorithm: sha256WithRSAEncryption
         12:3f:16:0a:36:79:be:54:d6:41:df:62:3f:05:52:dd:87:0d:
         78:75:4a:b6:b4:e0:d3:9f:03:3c:59:d9:8c:19:d5:e0:13:3a:
         85:a9:51:db:f3:22:74:f1:e6:ee:c5:b9:b2:9f:c5:ce:ed:6e:
         e7:82:4d:5d:e9:1d:c0:b5:20:35:9a:93:e1:e7:f2:90:bb:35:
         56:e7:d0:a0:3e:3b:0c:62:9d:67:5e:4b:66:9d:12:bd:78:e5:
         b7:b8:77:8f:ef:b5:4f:51:81:52:3b:af:eb:72:b2:4c:47:18:
         60:43:4b:c3:f4:37:6b:cf:99:7b:48:50:01:7e:a9:6e:1d:83:
         91:62:13:00:f8:1e:25:3e:d7:e0:ad:92:d4:aa:fb:81:85:84:
         fa:40:0d:8c:c8:04:b0:63:6d:0f:db:85:c1:fe:06:3b:35:24:
         94:ba:a6:8b:c0:cd:f0:7c:ba:6e:67:0e:69:bf:ca:0b:cd:47:
         56:ba:90:b9:a5:e8:6f:65:f5:b1:c2:62:d7:aa:aa:5e:eb:64:
         31:14:87:37:37:1a:dd:a3:2a:95:24:6e:1f:9f:a2:65:f7:63:
         f2:82:2d:e4:92:f5:44:53:4d:d6:ad:02:b2:92:00:ff:ad:8a:
         fd:0c:ea:4d:ca:ec:69:49:c4:20:77:95:f7:17:75:0b:36:a1:
         3d:1a:0a:fe
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcaeWJ7YDgTlBC8O6zHzXl4BoiI4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNjE3MDAwMDAwWhcNMjQwNzIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYzY3NWI3NzFkMDVjMTZjM2FkMTdmZmRmMGE2OGJkZTgw
MGU0MzViM2QwNjdiYjllNGUzZGIwMjhhYTA0Yjc2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeNuRiE+1FlJtoIeVUG31gnaY0B8sRlhLY8G5n2+1WVynq
bnY1OvsR+JArgBb0TdHxF+jOE3mFMMe3mKtU2ZAqU/vPWu0K6Pa3U4iqEMeTbcq5
GxE+1Kh5MAvSzKVxB11K51hz4jlHzjCqTOLT/yVYJ5W/6mPnUxUC/KJ0G7JC4uv1
FN/gdMGwbMVqOa8YmImnHkDdWsJrnln3T1I+fcldFHc/cBprPD6HesYnvcv5hl/B
V1+xAy2huni/hwRNBUzVL/EYGOlNPJ7qve2B+q3n++zne+Dp2caKvkJ6hvduFY+f
lKH3ivNn+lTNVG6QIjINrZISkOyn/Rjt0Hdzw14PAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWbZgIakePAK8BhjT1/JmiGT44/MwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzk5OTk3NTAyLTBiOTUtNDNjMS1iNTQyLTY0OTQxZjhkNTRlOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAE0X6owDQYJKoZIhvcNAQELBQADggEBABI/Fgo2eb5U1kHfYj8FUt2HDXh1
Sra04NOfAzxZ2YwZ1eATOoWpUdvzInTx5u7FubKfxc7tbueCTV3pHcC1IDWak+Hn
8pC7NVbn0KA+OwxinWdeS2adEr145be4d4/vtU9RgVI7r+tyskxHGGBDS8P0N2vP
mXtIUAF+qW4dg5FiEwD4HiU+1+CtktSq+4GFhPpADYzIBLBjbQ/bhcH+Bjs1JJS6
povAzfB8um5nDmm/ygvNR1a6kLml6G9l9bHCYteqql7rZDEUhzc3Gt2jKpUkbh+f
omX3Y/KCLeSS9URTTdatArKSAP+tiv0M6k3K7GlJxCB3lfcXdQs2oT0aCv4=
-----END CERTIFICATE-----
Generated at Mon Jun 17 18:17:45 2024 by rpki-client on console-fra.rpki-client.org