Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b498e34a-f1d1-470f-a864-7eed8f769ebc.roa
File:                     b498e34a-f1d1-470f-a864-7eed8f769ebc.roa (raw, json)
Hash identifier:          YXrV8hx5w8GmFl43jyIrIEEykmgfV0z99srkBMYllds=
Subject key identifier:   CB:0A:F9:51:96:BE:DD:C1:C5:A0:92:00:0D:A3:69:71:1F:5C:30:61
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       613B5CE37B6F310FE28E9E68FB8B91B92F867BB3
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b498e34a-f1d1-470f-a864-7eed8f769ebc.roa
Signing time:             Mon 11 Mar 2024 00:00:00 +0000
ROA not before:           Mon 11 Mar 2024 00:00:00 +0000
ROA not after:            Mon 15 Apr 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        52.61.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:3b:5c:e3:7b:6f:31:0f:e2:8e:9e:68:fb:8b:91:b9:2f:86:7b:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 11 00:00:00 2024 GMT
            Not After : Apr 15 23:59:59 2024 GMT
        Subject: serialNumber=82daf28f6fcd12f78278b241ff0c5c2c8d3f466271468c4fb88fc74e6e112baa, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:e3:d0:ae:b7:65:27:13:00:d0:fd:6c:f3:29:
                    9c:69:67:a1:9e:a5:ce:19:76:47:63:fb:3f:50:a2:
                    72:a5:10:ba:c3:fb:e8:bd:49:9b:ca:7c:73:56:22:
                    07:b0:a8:e8:5e:d6:8a:3a:a6:72:61:8d:d1:25:47:
                    6e:da:d9:d0:ff:e7:0e:27:8c:70:4a:06:29:15:59:
                    28:44:10:52:97:59:b8:aa:a1:05:44:9a:10:a7:26:
                    d2:53:02:cd:7c:4c:f9:36:1d:ff:6b:6b:dc:4d:9b:
                    c2:11:4e:a4:2d:3c:16:f3:e0:d5:fc:d4:1a:42:79:
                    d8:59:cb:aa:f7:15:cd:9e:80:e0:7d:40:df:8e:2f:
                    42:68:67:94:cd:90:62:95:a2:81:b6:b8:a4:0c:4c:
                    d8:e0:17:eb:b0:d5:b3:75:c7:8f:9b:c3:08:b1:d6:
                    86:48:e7:3f:84:d0:b1:e3:62:c2:21:a8:db:55:c7:
                    ee:8d:d6:e1:6b:b0:5f:98:a6:7b:ed:f5:5d:d1:2e:
                    44:22:ec:18:3b:a2:08:6d:59:4c:f4:51:43:13:41:
                    95:9c:fe:31:6e:3e:4f:48:34:36:b8:cd:56:77:5a:
                    17:dc:9e:5f:57:a6:38:4d:a7:85:fb:b1:57:9b:0a:
                    3e:06:77:34:05:f0:61:f0:68:39:c0:30:0c:9e:05:
                    29:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:0A:F9:51:96:BE:DD:C1:C5:A0:92:00:0D:A3:69:71:1F:5C:30:61
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b498e34a-f1d1-470f-a864-7eed8f769ebc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.61.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ac:7a:8e:97:4a:14:02:11:9d:e9:2f:b0:f0:f4:f9:42:6c:79:
         14:ff:e7:21:da:1a:3e:83:08:ea:5b:66:af:4b:03:53:9e:04:
         11:c2:dc:df:a1:f5:eb:65:dc:58:4d:ee:a7:d3:76:ee:b3:d9:
         d3:a4:b4:a9:09:01:b7:da:13:7b:7a:42:7d:4b:cc:c8:9b:42:
         a4:1f:b5:28:8c:79:2e:2e:44:55:72:a8:a0:bd:59:26:d8:e3:
         fd:e7:ef:7b:de:bc:39:55:65:44:69:0f:38:b8:7c:58:60:98:
         8a:4e:52:24:54:18:2f:04:95:00:88:95:11:d7:e2:e7:86:af:
         26:dd:9c:3e:00:55:70:8e:31:a2:e3:c2:9f:c6:9c:e4:61:f2:
         a7:c1:b6:df:e0:aa:f6:7f:5f:85:e5:85:d4:99:1c:b9:04:e4:
         c9:28:7d:c6:07:5a:06:63:ba:94:74:98:9c:d6:fb:cb:22:ea:
         9d:71:08:9d:91:c1:2f:39:d4:3e:70:b9:f3:73:c7:ea:84:cf:
         33:bf:0c:ce:b9:d4:2e:7f:3c:71:2c:be:54:f1:ec:34:b9:10:
         7c:7f:67:4c:75:4e:57:54:fe:5c:ac:27:b1:23:0a:02:9f:22:
         40:44:ea:81:4e:db:4e:7e:3e:22:10:77:f1:f2:7b:9d:de:a3:
         a7:82:c1:00
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYTtc43tvMQ/ijp5o+4uRuS+Ge7MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzExMDAwMDAwWhcNMjQwNDE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MmRhZjI4ZjZmY2QxMmY3ODI3OGIyNDFmZjBjNWMyYzhk
M2Y0NjYyNzE0NjhjNGZiODhmYzc0ZTZlMTEyYmFhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDj49Cut2UnEwDQ/WzzKZxpZ6Gepc4Zdkdj+z9QonKlELrD
++i9SZvKfHNWIgewqOhe1oo6pnJhjdElR27a2dD/5w4njHBKBikVWShEEFKXWbiq
oQVEmhCnJtJTAs18TPk2Hf9ra9xNm8IRTqQtPBbz4NX81BpCedhZy6r3Fc2egOB9
QN+OL0JoZ5TNkGKVooG2uKQMTNjgF+uw1bN1x4+bwwix1oZI5z+E0LHjYsIhqNtV
x+6N1uFrsF+Ypnvt9V3RLkQi7Bg7oghtWUz0UUMTQZWc/jFuPk9INDa4zVZ3Whfc
nl9XpjhNp4X7sVebCj4GdzQF8GHwaDnAMAyeBSkDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUywr5UZa+3cHFoJIADaNpcR9cMGEwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2I0OThlMzRhLWYxZDEtNDcwZi1hODY0LTdlZWQ4Zjc2OWViYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA0PTANBgkqhkiG9w0BAQsFAAOCAQEArHqOl0oUAhGd6S+w8PT5Qmx5FP/n
IdoaPoMI6ltmr0sDU54EEcLc36H162XcWE3up9N27rPZ06S0qQkBt9oTe3pCfUvM
yJtCpB+1KIx5Li5EVXKooL1ZJtjj/efve968OVVlRGkPOLh8WGCYik5SJFQYLwSV
AIiVEdfi54avJt2cPgBVcI4xouPCn8ac5GHyp8G23+Cq9n9fheWF1JkcuQTkySh9
xgdaBmO6lHSYnNb7yyLqnXEInZHBLznUPnC583PH6oTPM78MzrnULn88cSy+VPHs
NLkQfH9nTHVOV1T+XKwnsSMKAp8iQETqgU7bTn4+IhB38fJ7nd6jp4LBAA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:06:50 2024 by rpki-client on console-ams.rpki-client.org