Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9b5a7579-d866-4f39-a7e3-65def6829bc2.roa
File:                     9b5a7579-d866-4f39-a7e3-65def6829bc2.roa (raw, json)
Hash identifier:          yGl4IayzNoAHLI9j5mP0OFp/8Pnb6FSJwLa0PROvUH4=
Subject key identifier:   FA:C6:FA:17:AA:A7:5A:C6:45:EC:E2:2E:1B:27:E3:ED:D6:E0:52:9E
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6B87E01C05498F4F2FE42AB6D4D1DC7CA3E61C13
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9b5a7579-d866-4f39-a7e3-65def6829bc2.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        18.162.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 20 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:87:e0:1c:05:49:8f:4f:2f:e4:2a:b6:d4:d1:dc:7c:a3:e6:1c:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=0634501b489656f52c877385cfd23f2d8421c6e7ddaa6815e3a01669607b0c23, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:08:34:33:e5:38:9f:33:a7:be:17:47:2d:0d:
                    65:a5:0d:22:6d:1b:f0:72:a0:3e:56:ff:78:71:e4:
                    e4:2d:08:da:bf:24:88:65:8a:88:83:49:96:4d:4d:
                    e8:8c:96:54:2a:08:48:8e:2c:46:ef:f0:e8:43:9e:
                    6b:32:3c:0d:f0:15:61:5c:1d:eb:8c:d9:f8:da:71:
                    cf:97:44:48:f0:e4:ea:df:2d:e0:b4:53:65:07:d8:
                    20:f0:a3:10:95:91:eb:3d:2a:f4:1c:8d:83:0b:4c:
                    d6:62:6b:ba:68:8f:c4:01:bc:fa:e5:e3:8a:93:33:
                    ba:65:ed:ce:04:7f:02:ce:4e:6c:72:27:d7:bc:20:
                    20:0e:3e:d5:ca:a4:4e:91:92:3b:f9:7a:67:ec:18:
                    88:ad:f0:71:93:d6:bc:d1:34:be:b5:63:45:84:0f:
                    5f:c9:cd:62:b9:95:75:24:4c:c8:dc:9a:4a:1a:cb:
                    d3:df:79:bb:13:de:75:c5:81:80:14:ef:2e:ce:c2:
                    1f:e3:59:ad:5f:1b:db:fc:60:8e:58:d9:6f:a1:d8:
                    ee:c1:8e:86:b2:85:2f:19:b8:31:00:49:93:da:16:
                    bf:a2:a4:73:12:25:53:e4:e1:31:27:0a:2c:3d:b8:
                    db:51:55:93:4e:b0:d5:fb:6e:00:1f:37:4b:48:ec:
                    24:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:C6:FA:17:AA:A7:5A:C6:45:EC:E2:2E:1B:27:E3:ED:D6:E0:52:9E
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9b5a7579-d866-4f39-a7e3-65def6829bc2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.162.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         88:44:e8:02:98:70:fe:bc:75:4a:71:c1:82:61:6b:44:3c:fe:
         2b:3f:c5:3a:09:8d:69:90:05:24:b5:26:95:2d:cc:f8:b8:58:
         3f:e3:a6:b1:c6:ba:a5:e8:7c:e3:28:07:67:59:61:41:91:01:
         ed:86:58:a3:47:ad:72:9e:19:eb:a8:ea:70:28:c4:77:05:f8:
         2b:c3:fb:ad:48:ea:cf:1c:7c:e5:66:eb:2b:f0:cb:9a:6c:03:
         cd:6f:90:9a:e1:7f:94:d5:29:a3:3d:7f:19:52:9c:8e:99:7b:
         30:ab:b6:0a:f8:a2:e8:8c:05:e1:fa:7b:34:2e:4c:9c:05:de:
         21:ae:29:5f:e7:f6:02:a0:fb:8d:a7:76:a5:da:7b:c1:fb:1a:
         95:12:05:dc:6a:b2:f7:f0:aa:43:4d:32:3d:26:52:c2:a5:e7:
         68:a5:87:2a:74:81:82:c1:62:65:9c:90:f7:77:fb:53:06:5d:
         0b:4e:e2:0f:5f:b7:4f:91:81:ae:44:d1:1f:77:06:70:aa:10:
         61:4f:3f:ec:44:51:69:0d:c3:24:75:24:a5:8b:df:0c:74:ae:
         94:85:0a:5f:a3:47:e4:d6:0b:cc:bf:a4:e7:31:c8:e5:32:7e:
         fc:03:d0:bf:67:c5:ec:06:87:c6:19:fe:34:1a:6c:78:f7:08:
         49:fd:00:57
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUa4fgHAVJj08v5Cq21NHcfKPmHBMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI3MDAwMDAwWhcNMjQwNzAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNjM0NTAxYjQ4OTY1NmY1MmM4NzczODVjZmQyM2YyZDg0
MjFjNmU3ZGRhYTY4MTVlM2EwMTY2OTYwN2IwYzIzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+CDQz5TifM6e+F0ctDWWlDSJtG/ByoD5W/3hx5OQtCNq/
JIhlioiDSZZNTeiMllQqCEiOLEbv8OhDnmsyPA3wFWFcHeuM2fjacc+XREjw5Orf
LeC0U2UH2CDwoxCVkes9KvQcjYMLTNZia7poj8QBvPrl44qTM7pl7c4EfwLOTmxy
J9e8ICAOPtXKpE6Rkjv5emfsGIit8HGT1rzRNL61Y0WED1/JzWK5lXUkTMjcmkoa
y9PfebsT3nXFgYAU7y7Owh/jWa1fG9v8YI5Y2W+h2O7BjoayhS8ZuDEASZPaFr+i
pHMSJVPk4TEnCiw9uNtRVZNOsNX7bgAfN0tI7CTHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+sb6F6qnWsZF7OIuGyfj7dbgUp4wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzliNWE3NTc5LWQ4NjYtNGYzOS1hN2UzLTY1ZGVmNjgyOWJjMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASojANBgkqhkiG9w0BAQsFAAOCAQEAiEToAphw/rx1SnHBgmFrRDz+Kz/F
OgmNaZAFJLUmlS3M+LhYP+Omsca6peh84ygHZ1lhQZEB7YZYo0etcp4Z66jqcCjE
dwX4K8P7rUjqzxx85WbrK/DLmmwDzW+QmuF/lNUpoz1/GVKcjpl7MKu2Cvii6IwF
4fp7NC5MnAXeIa4pX+f2AqD7jad2pdp7wfsalRIF3Gqy9/CqQ00yPSZSwqXnaKWH
KnSBgsFiZZyQ93f7UwZdC07iD1+3T5GBrkTRH3cGcKoQYU8/7ERRaQ3DJHUkpYvf
DHSulIUKX6NH5NYLzL+k5zHI5TJ+/APQv2fF7AaHxhn+NBpsePcISf0AVw==
-----END CERTIFICATE-----
Generated at Tue Jun 18 01:54:35 2024 by rpki-client on console-fra.rpki-client.org