Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d4974764-59a0-40e4-a61b-644f2c0fc70c.roa
File:                     d4974764-59a0-40e4-a61b-644f2c0fc70c.roa (raw, json)
Hash identifier:          ukSM1ufjC6qFwimMjy1T8P7Vp8CzUjfOMIZOdIEaxds=
Subject key identifier:   25:4B:EB:55:EC:E4:41:FF:30:9E:56:06:07:48:3E:68:BF:98:B0:E0
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4E30DFA0DACA4A875D9EC3A93475DAB9884B8B04
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d4974764-59a0-40e4-a61b-644f2c0fc70c.roa
Signing time:             Mon 11 Mar 2024 00:00:00 +0000
ROA not before:           Mon 11 Mar 2024 00:00:00 +0000
ROA not after:            Mon 15 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.46.0.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:30:df:a0:da:ca:4a:87:5d:9e:c3:a9:34:75:da:b9:88:4b:8b:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 11 00:00:00 2024 GMT
            Not After : Apr 15 23:59:59 2024 GMT
        Subject: serialNumber=54bffd27cf3a624ae39ea856a32d975cd90f84521b9a511f4b61b74f171fa0be, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:98:80:3b:04:65:b3:2f:34:90:3b:59:1c:2c:
                    c3:db:2c:fc:21:f8:a2:49:88:2e:7c:85:f5:5e:4c:
                    db:82:c8:4e:d9:e6:6c:df:13:d9:a0:f1:4c:38:33:
                    0c:8a:11:50:bb:70:58:aa:4d:e1:3c:80:41:fe:ce:
                    6b:d0:79:78:b9:cb:56:f8:b7:ef:8b:57:fd:eb:f9:
                    5b:74:03:3f:ed:06:a1:82:be:56:b4:76:69:43:79:
                    c2:d5:a1:e1:d8:a3:97:44:3c:45:28:49:fc:5b:78:
                    19:49:92:6a:fd:96:78:44:a7:f2:b4:68:b9:4f:da:
                    cc:ee:78:b8:81:85:a8:5c:de:8d:34:40:bd:ca:51:
                    64:a1:07:cc:65:c3:e5:c1:87:b2:fb:ce:d3:96:5f:
                    25:6b:04:9e:1e:fc:82:e6:ce:15:d6:f1:ee:e3:af:
                    cd:e3:b0:06:f3:52:30:ba:7b:ed:89:f3:14:cf:74:
                    ca:be:7f:55:93:89:b1:09:d6:d3:95:89:19:68:f7:
                    9a:af:47:a7:af:8d:ff:74:eb:8e:b8:2c:ad:c0:ec:
                    e9:4c:5c:64:3e:8f:19:46:57:14:af:20:e5:60:e1:
                    41:da:dd:94:0c:06:7e:db:f1:f0:7d:fc:e3:3c:c9:
                    c4:b5:49:61:3e:ca:87:db:a4:b5:29:9a:a1:9e:04:
                    21:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:4B:EB:55:EC:E4:41:FF:30:9E:56:06:07:48:3E:68:BF:98:B0:E0
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d4974764-59a0-40e4-a61b-644f2c0fc70c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.46.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         b4:d1:3b:2b:a0:b1:a9:3f:31:ea:02:8f:0d:a5:32:ff:3d:78:
         d2:9b:53:da:40:10:e0:46:71:7f:11:e4:c7:e1:b0:32:f2:ac:
         42:30:bc:42:c9:fb:60:08:6c:c3:59:89:77:31:15:31:8a:8d:
         ae:c2:3a:6e:0f:30:f6:93:4b:1c:42:03:c6:cb:40:1b:11:b1:
         20:aa:9c:25:82:e3:c6:f4:99:f1:87:4a:f4:12:f0:37:b0:51:
         63:e2:ac:eb:1c:7c:ea:0e:a6:c8:6d:67:63:d7:10:40:a9:80:
         5e:a2:10:2d:ab:e4:14:98:d7:61:6a:8f:4f:fb:95:f2:03:dd:
         32:e8:4e:2d:5e:3d:ed:18:c7:b9:38:c8:87:22:f0:3d:64:3f:
         f9:10:f1:56:5e:b9:f0:c3:9d:6f:dd:f2:6f:eb:1a:9c:85:8c:
         61:da:d1:d4:83:e9:e7:56:d5:bc:3b:7b:9a:89:58:48:ed:09:
         78:b6:0c:2b:e4:92:e0:3b:e7:ab:32:0e:94:64:e8:d6:04:59:
         81:17:cc:c9:5e:71:70:ed:84:e9:1d:1e:88:42:09:21:f4:55:
         91:5e:52:81:3d:62:e7:8e:5d:53:7d:85:2e:5c:34:a0:05:dd:
         5b:c9:98:32:d0:17:25:10:ce:f8:f9:c0:80:ac:e7:25:59:8b:
         d2:22:14:17
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTjDfoNrKSoddnsOpNHXauYhLiwQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzExMDAwMDAwWhcNMjQwNDE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NGJmZmQyN2NmM2E2MjRhZTM5ZWE4NTZhMzJkOTc1Y2Q5
MGY4NDUyMWI5YTUxMWY0YjYxYjc0ZjE3MWZhMGJlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUmIA7BGWzLzSQO1kcLMPbLPwh+KJJiC58hfVeTNuCyE7Z
5mzfE9mg8Uw4MwyKEVC7cFiqTeE8gEH+zmvQeXi5y1b4t++LV/3r+Vt0Az/tBqGC
vla0dmlDecLVoeHYo5dEPEUoSfxbeBlJkmr9lnhEp/K0aLlP2szueLiBhahc3o00
QL3KUWShB8xlw+XBh7L7ztOWXyVrBJ4e/ILmzhXW8e7jr83jsAbzUjC6e+2J8xTP
dMq+f1WTibEJ1tOViRlo95qvR6evjf906464LK3A7OlMXGQ+jxlGVxSvIOVg4UHa
3ZQMBn7b8fB9/OM8ycS1SWE+yofbpLUpmqGeBCEpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJUvrVezkQf8wnlYGB0g+aL+YsOAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2Q0OTc0NzY0LTU5YTAtNDBlNC1hNjFiLTY0NGYyYzBmYzcwYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAY0LgAwDQYJKoZIhvcNAQELBQADggEBALTROyugsak/MeoCjw2lMv89eNKb
U9pAEOBGcX8R5MfhsDLyrEIwvELJ+2AIbMNZiXcxFTGKja7COm4PMPaTSxxCA8bL
QBsRsSCqnCWC48b0mfGHSvQS8DewUWPirOscfOoOpshtZ2PXEECpgF6iEC2r5BSY
12Fqj0/7lfID3TLoTi1ePe0Yx7k4yIci8D1kP/kQ8VZeufDDnW/d8m/rGpyFjGHa
0dSD6edW1bw7e5qJWEjtCXi2DCvkkuA756syDpRk6NYEWYEXzMlecXDthOkdHohC
CSH0VZFeUoE9YueOXVN9hS5cNKAF3VvJmDLQFyUQzvj5wICs5yVZi9IiFBc=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:36 2024 by rpki-client on console-fra.rpki-client.org