Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a4a32ee7-12ba-4aae-a700-cec1299317fe.roa
File:                     a4a32ee7-12ba-4aae-a700-cec1299317fe.roa (raw, json)
Hash identifier:          xIgzDZEqdTSCR64jcQ9We7raRCsuyQFmVFXR+RZA3zM=
Subject key identifier:   B2:2F:0C:ED:06:8B:56:A1:95:BD:55:BA:D3:25:D2:DB:5E:69:CA:22
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       0132B9FBFCE22DFFAA119B6516D6D884A273935B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a4a32ee7-12ba-4aae-a700-cec1299317fe.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.219.144.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 20 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:32:b9:fb:fc:e2:2d:ff:aa:11:9b:65:16:d6:d8:84:a2:73:93:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=3a5fa4ac4ab846c529575378800730d7fc8dcd100c5513d91c54425c90676367, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:e4:f8:c1:c7:e5:72:00:b8:db:b8:4d:9d:b5:
                    55:f6:96:2a:ce:d0:4d:ba:3a:0d:7f:07:10:4d:c6:
                    a7:df:5c:ed:c5:5b:eb:ea:fe:ba:32:65:d5:bc:0f:
                    1e:3c:75:fc:58:5f:2a:bf:ab:7c:da:7e:4c:a7:fb:
                    d8:cb:f5:a5:5b:1c:fa:28:3e:6e:f7:5a:70:12:4d:
                    e1:60:4f:a2:24:47:15:a7:aa:a1:e1:ae:8c:47:69:
                    17:35:01:a6:d8:ae:0d:7e:12:16:2f:55:7e:51:45:
                    31:d2:22:7c:b1:5a:89:34:1f:e2:43:3b:38:be:11:
                    46:59:8c:2d:a4:8e:08:4a:79:e1:de:eb:9b:11:58:
                    8c:ad:ad:f7:02:41:ba:2f:ed:a9:5f:34:c8:32:a7:
                    ce:a6:c0:9f:3b:c7:d1:b2:a0:80:32:30:9d:60:7b:
                    08:09:07:7a:0b:ba:1b:bf:9f:74:13:62:e8:7d:0e:
                    12:02:aa:5e:eb:7e:1e:01:c0:ca:21:33:01:ea:14:
                    cb:5c:e1:2c:73:a4:0b:97:16:fe:e7:6f:e5:c6:96:
                    fc:3e:5f:de:3f:7d:e1:7d:00:ae:3f:3d:26:8c:be:
                    78:a8:6a:f2:1d:f1:38:c5:1e:b0:76:d5:48:98:8b:
                    f0:f2:13:1f:69:1a:42:73:56:9b:0d:dc:df:3c:ec:
                    c6:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:2F:0C:ED:06:8B:56:A1:95:BD:55:BA:D3:25:D2:DB:5E:69:CA:22
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a4a32ee7-12ba-4aae-a700-cec1299317fe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.219.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         75:6a:ff:b0:84:eb:fa:80:34:9b:28:41:aa:1f:7c:ff:11:9c:
         2c:dc:1e:c6:89:fe:2a:5c:88:5c:0a:a8:c2:96:4a:3d:b3:3b:
         b6:ef:bd:3d:f3:99:f1:ae:e4:19:8a:0b:e4:92:e3:d4:dd:ac:
         1d:57:4b:d7:3c:cc:d2:0c:77:2b:ff:e3:8b:1d:4c:e3:06:15:
         5b:8a:04:ed:1c:87:b0:bc:65:03:29:b2:ad:0f:eb:79:79:c5:
         f6:4d:9a:8b:99:c0:98:7b:74:3c:30:9c:8f:e6:14:66:06:79:
         7c:b6:32:d8:28:29:ca:09:21:47:c2:8b:e2:f0:2a:9f:0c:4d:
         3e:ec:59:cd:2a:59:bf:78:95:b3:71:e2:96:41:b4:4b:6a:44:
         65:79:ba:43:f8:65:8a:60:91:5a:1a:f8:b9:c2:69:31:f5:6e:
         ea:26:fe:c8:0d:70:c6:6e:46:14:c1:94:8f:c5:93:28:df:75:
         5e:44:6b:d0:ab:20:49:1e:75:fd:45:83:7a:28:f5:1b:af:82:
         33:bb:f1:25:82:b1:ad:c9:c7:21:ad:74:72:df:0c:04:50:c5:
         4f:f0:f9:ed:7e:54:06:0b:c1:67:fc:e3:ff:08:48:38:40:bc:
         13:b2:7e:92:c8:a8:9d:02:cd:80:e8:d7:a8:db:98:a7:16:65:
         83:a2:9b:59
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUATK5+/ziLf+qEZtlFtbYhKJzk1swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0AzYTVmYTRhYzRhYjg0NmM1Mjk1NzUzNzg4MDA3MzBkN2Zj
OGRjZDEwMGM1NTEzZDkxYzU0NDI1YzkwNjc2MzY3MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDT5PjBx+VyALjbuE2dtVX2lirO0E26Og1/BxBNxqffXO3F
W+vq/royZdW8Dx48dfxYXyq/q3zafkyn+9jL9aVbHPooPm73WnASTeFgT6IkRxWn
qqHhroxHaRc1AabYrg1+EhYvVX5RRTHSInyxWok0H+JDOzi+EUZZjC2kjghKeeHe
65sRWIytrfcCQbov7alfNMgyp86mwJ87x9GyoIAyMJ1gewgJB3oLuhu/n3QTYuh9
DhICql7rfh4BwMohMwHqFMtc4SxzpAuXFv7nb+XGlvw+X94/feF9AK4/PSaMvnio
avId8TjFHrB21UiYi/DyEx9pGkJzVpsN3N887MZNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsi8M7QaLVqGVvVW60yXS215pyiIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2E0YTMyZWU3LTEyYmEtNGFhZS1hNzAwLWNlYzEyOTkzMTdmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAI025AwDQYJKoZIhvcNAQELBQADggEBAHVq/7CE6/qANJsoQaoffP8RnCzc
HsaJ/ipciFwKqMKWSj2zO7bvvT3zmfGu5BmKC+SS49TdrB1XS9c8zNIMdyv/44sd
TOMGFVuKBO0ch7C8ZQMpsq0P63l5xfZNmouZwJh7dDwwnI/mFGYGeXy2MtgoKcoJ
IUfCi+LwKp8MTT7sWc0qWb94lbNx4pZBtEtqRGV5ukP4ZYpgkVoa+LnCaTH1buom
/sgNcMZuRhTBlI/FkyjfdV5Ea9CrIEkedf1Fg3oo9RuvgjO78SWCsa3JxyGtdHLf
DARQxU/w+e1+VAYLwWf84/8ISDhAvBOyfpLIqJ0CzYDo16jbmKcWZYOim1k=
-----END CERTIFICATE-----
Generated at Tue Jun 18 03:15:32 2024 by rpki-client on console-ams.rpki-client.org