Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a2caf31b-a8dd-44f6-b7ad-40d80a0a2f50.roa
File:                     a2caf31b-a8dd-44f6-b7ad-40d80a0a2f50.roa (raw, json)
Hash identifier:          cjgeW8rVytnPaaTcf2mQ8KV9xesGkSVCqBccNoP6Kvw=
Subject key identifier:   98:08:A3:33:F3:F7:69:9D:D2:6C:2B:D3:A7:19:DA:5D:D2:2A:5F:CC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2E38F66098ED60C117A5DB692979F949794BA88A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a2caf31b-a8dd-44f6-b7ad-40d80a0a2f50.roa
Signing time:             Tue 05 Mar 2024 00:00:00 +0000
ROA not before:           Tue 05 Mar 2024 00:00:00 +0000
ROA not after:            Tue 09 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        3.33.44.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:38:f6:60:98:ed:60:c1:17:a5:db:69:29:79:f9:49:79:4b:a8:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar  5 00:00:00 2024 GMT
            Not After : Apr  9 23:59:59 2024 GMT
        Subject: serialNumber=e870bfb36d9b441df76787e799ee020be1629b81ff967828ef719bc02a238b6f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d3:d2:8d:6a:1c:e1:d6:55:d4:75:4a:71:08:
                    76:47:9a:10:65:f6:2e:63:ee:b6:a2:7c:a9:0b:23:
                    e4:bc:4a:f8:46:69:02:1f:99:79:64:83:d0:9a:9c:
                    b6:39:44:b3:94:03:9e:b8:19:87:f2:97:f5:18:a8:
                    af:9f:32:2a:c6:d2:1d:3e:54:32:f8:70:34:20:46:
                    87:7c:d6:30:65:de:d8:53:e5:da:8c:e4:73:5d:a6:
                    11:c0:70:d1:ac:56:bc:83:e4:de:53:75:76:32:e8:
                    9d:e3:fd:61:b0:7c:e6:5f:b2:e9:a1:e6:27:d4:d3:
                    0d:79:be:c9:9f:66:b7:1e:a9:03:ca:a6:78:71:0f:
                    61:ec:9e:e0:d9:03:19:07:ea:da:ec:29:e3:60:57:
                    da:d5:50:e6:8b:80:99:02:ff:dd:11:fe:73:aa:99:
                    e0:b9:9d:0c:1b:0c:48:c6:07:4c:e2:8e:eb:10:3d:
                    bd:29:b1:84:9e:5b:b1:ca:9d:cd:3e:a5:ec:8f:73:
                    a4:4d:96:6d:82:73:7e:30:60:0f:36:a4:f2:f8:f8:
                    85:3e:91:8d:96:43:d2:3f:ed:9f:bc:84:8a:92:8c:
                    a9:e8:ec:ef:ad:9a:c6:d0:c9:c3:fe:4a:b8:54:a7:
                    c1:de:ea:89:08:05:e0:a5:c1:94:60:f8:78:6a:63:
                    fa:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:08:A3:33:F3:F7:69:9D:D2:6C:2B:D3:A7:19:DA:5D:D2:2A:5F:CC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a2caf31b-a8dd-44f6-b7ad-40d80a0a2f50.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.33.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         26:37:84:65:35:bf:6b:93:4f:df:ea:8f:11:a4:66:4d:d3:a7:
         7b:6a:3c:fc:ea:05:7d:b8:4f:3f:26:98:76:40:2b:99:1c:a1:
         3f:2b:2e:e7:21:2d:09:a3:87:33:7d:7c:eb:a8:35:8d:14:7d:
         2a:d9:02:f4:41:32:65:0f:5b:f0:f5:2b:ce:4c:ab:4a:9c:8f:
         84:e7:88:69:ec:77:2c:b8:97:a2:a5:9d:43:18:5f:83:d4:ba:
         5e:4b:3b:80:c7:95:0c:ea:84:a8:76:ba:8d:f3:79:77:44:cd:
         1c:18:47:13:c4:6a:27:2c:86:6a:48:3f:69:df:a9:bc:24:2f:
         f6:d2:19:46:f5:ac:55:39:9e:b1:10:e3:54:2a:d4:38:c3:9d:
         ca:72:a1:fa:49:5c:2c:67:bb:52:10:b5:d0:28:55:c1:e1:96:
         13:3e:fa:82:79:1a:a5:2b:07:96:26:f6:2e:a7:48:76:67:4a:
         2c:77:a9:02:71:97:cb:f7:d0:fb:00:9d:f7:9a:4d:71:e2:5e:
         bc:37:51:3b:23:59:f7:dd:0f:c4:70:13:48:e8:c9:3e:52:10:
         48:b8:67:76:55:61:c1:d1:4c:a4:c9:21:a1:8c:91:96:8e:33:
         b4:26:61:a0:72:2b:89:aa:63:c4:c1:bc:3b:18:05:af:8a:b5:
         2a:fd:9c:63
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULjj2YJjtYMEXpdtpKXn5SXlLqIowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzA1MDAwMDAwWhcNMjQwNDA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BlODcwYmZiMzZkOWI0NDFkZjc2Nzg3ZTc5OWVlMDIwYmUx
NjI5YjgxZmY5Njc4MjhlZjcxOWJjMDJhMjM4YjZmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCj09KNahzh1lXUdUpxCHZHmhBl9i5j7raifKkLI+S8SvhG
aQIfmXlkg9CanLY5RLOUA564GYfyl/UYqK+fMirG0h0+VDL4cDQgRod81jBl3thT
5dqM5HNdphHAcNGsVryD5N5TdXYy6J3j/WGwfOZfsumh5ifU0w15vsmfZrceqQPK
pnhxD2HsnuDZAxkH6trsKeNgV9rVUOaLgJkC/90R/nOqmeC5nQwbDEjGB0zijusQ
Pb0psYSeW7HKnc0+peyPc6RNlm2Cc34wYA82pPL4+IU+kY2WQ9I/7Z+8hIqSjKno
7O+tmsbQycP+SrhUp8He6okIBeClwZRg+HhqY/pfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUmAijM/P3aZ3SbCvTpxnaXdIqX8wwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2EyY2FmMzFiLWE4ZGQtNDRmNi1iN2FkLTQwZDgwYTBhMmY1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIDISwwDQYJKoZIhvcNAQELBQADggEBACY3hGU1v2uTT9/qjxGkZk3Tp3tq
PPzqBX24Tz8mmHZAK5kcoT8rLuchLQmjhzN9fOuoNY0UfSrZAvRBMmUPW/D1K85M
q0qcj4TniGnsdyy4l6KlnUMYX4PUul5LO4DHlQzqhKh2uo3zeXdEzRwYRxPEaics
hmpIP2nfqbwkL/bSGUb1rFU5nrEQ41Qq1DjDncpyofpJXCxnu1IQtdAoVcHhlhM+
+oJ5GqUrB5Ym9i6nSHZnSix3qQJxl8v30PsAnfeaTXHiXrw3UTsjWffdD8RwE0jo
yT5SEEi4Z3ZVYcHRTKTJIaGMkZaOM7QmYaByK4mqY8TBvDsYBa+KtSr9nGM=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:33 2024 by rpki-client on console-fra.rpki-client.org