Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dbfe95fa-70d4-4ef4-8cbf-5cd8c85384b1.roa
File:                     dbfe95fa-70d4-4ef4-8cbf-5cd8c85384b1.roa (raw, json)
Hash identifier:          Ux+yLczXCwgdncAmLD8TSFqA59NpzorqRlT0Z7xag/Y=
Subject key identifier:   F7:66:59:E5:B7:87:29:9E:17:88:6B:44:27:58:A7:9B:F6:39:9A:A7
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       40585B5B5FDCF3D901800CD84C694283626DAA40
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dbfe95fa-70d4-4ef4-8cbf-5cd8c85384b1.roa
Signing time:             Tue 12 Mar 2024 00:00:00 +0000
ROA not before:           Tue 12 Mar 2024 00:00:00 +0000
ROA not after:            Tue 16 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        52.219.211.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:58:5b:5b:5f:dc:f3:d9:01:80:0c:d8:4c:69:42:83:62:6d:aa:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 12 00:00:00 2024 GMT
            Not After : Apr 16 23:59:59 2024 GMT
        Subject: serialNumber=7054627de19f28261033cc1403a7d466393b5d2cd75617a7521881de8352ef44, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b0:5c:3b:f2:62:c1:33:4f:c1:a6:9e:af:52:
                    40:0a:10:e5:25:cf:46:f0:d2:5e:29:e5:ef:a7:db:
                    81:83:0c:1b:f7:59:7b:be:d1:ec:5b:f5:93:ea:e5:
                    88:07:02:5c:0d:f5:9f:ba:0c:6e:8a:c4:ca:40:57:
                    e6:77:7f:e1:3f:f1:f9:c6:b1:d0:45:89:a7:c5:75:
                    df:a6:13:79:a0:f1:3b:50:ea:18:92:0a:1d:f7:c5:
                    fe:fd:e0:a1:94:23:75:7d:4d:4e:a8:78:6c:6e:49:
                    a2:b2:33:c6:95:93:8d:82:56:b1:33:42:a1:e2:7b:
                    e8:ea:a2:99:1f:cb:b8:f3:f1:c6:fa:c5:f4:d0:57:
                    f2:6d:9c:0a:59:62:a6:b9:14:db:bb:1d:12:e9:fe:
                    ea:c1:ad:1f:cc:f2:bf:82:84:09:c0:fe:c6:d2:38:
                    f7:7f:58:95:31:79:eb:90:d8:9a:c0:41:0e:67:32:
                    85:2b:98:b8:7e:90:a4:55:05:72:73:13:fc:cf:1e:
                    20:e9:d3:78:b6:da:50:36:5a:9e:27:39:30:a3:bb:
                    c9:ab:86:8b:7e:5d:b2:4d:6e:50:be:6f:14:09:93:
                    6b:f7:9f:ea:cb:f4:de:56:2e:0e:99:5f:da:f7:49:
                    5a:95:d5:cb:d2:0c:33:a0:01:2f:b6:f2:a1:f1:41:
                    cd:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:66:59:E5:B7:87:29:9E:17:88:6B:44:27:58:A7:9B:F6:39:9A:A7
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dbfe95fa-70d4-4ef4-8cbf-5cd8c85384b1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.219.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7c:cf:a3:f7:54:ea:80:f0:95:0b:6f:4d:08:99:bc:27:a2:67:
         9f:23:67:f9:76:38:5b:16:87:9f:fe:43:de:e2:13:0e:41:a0:
         d3:31:90:41:8d:b5:0a:82:f8:71:b5:c8:33:b9:a9:09:2f:81:
         e9:4c:e9:f6:6b:fb:f7:c8:be:4c:94:dd:d9:2b:e9:46:78:15:
         f4:66:94:4d:20:73:c9:7a:af:23:60:76:02:f7:42:af:a9:43:
         04:53:20:18:3d:cb:db:c9:95:24:57:76:19:97:ae:e4:dd:c3:
         91:5f:69:35:2e:bf:19:62:97:d5:62:10:8a:c4:40:bc:cd:40:
         a6:2b:1d:04:c6:56:05:74:dc:1a:6e:1a:7d:d1:09:41:84:1f:
         f6:83:0b:ea:14:ba:bb:fd:49:97:c4:e0:8c:de:aa:5e:da:21:
         65:40:b8:56:17:94:b3:62:35:b6:bd:62:3e:63:e9:0a:0b:eb:
         b8:89:b5:e2:82:08:65:61:48:33:56:3a:4f:f8:04:35:86:08:
         fe:e8:e6:40:65:6c:c3:b6:1c:6e:02:13:3e:a6:9f:d1:a4:34:
         31:4d:00:65:f8:9d:fb:46:54:f7:8c:d5:15:07:c4:d8:82:36:
         50:59:e9:4c:e7:fa:f1:3d:2e:3c:8c:e6:77:5f:89:cf:04:f2:
         e5:b2:26:d8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQFhbW1/c89kBgAzYTGlCg2JtqkAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzEyMDAwMDAwWhcNMjQwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MDU0NjI3ZGUxOWYyODI2MTAzM2NjMTQwM2E3ZDQ2NjM5
M2I1ZDJjZDc1NjE3YTc1MjE4ODFkZTgzNTJlZjQ0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2sFw78mLBM0/Bpp6vUkAKEOUlz0bw0l4p5e+n24GDDBv3
WXu+0exb9ZPq5YgHAlwN9Z+6DG6KxMpAV+Z3f+E/8fnGsdBFiafFdd+mE3mg8TtQ
6hiSCh33xf794KGUI3V9TU6oeGxuSaKyM8aVk42CVrEzQqHie+jqopkfy7jz8cb6
xfTQV/JtnApZYqa5FNu7HRLp/urBrR/M8r+ChAnA/sbSOPd/WJUxeeuQ2JrAQQ5n
MoUrmLh+kKRVBXJzE/zPHiDp03i22lA2Wp4nOTCju8mrhot+XbJNblC+bxQJk2v3
n+rL9N5WLg6ZX9r3SVqV1cvSDDOgAS+28qHxQc3RAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU92ZZ5beHKZ4XiGtEJ1inm/Y5mqcwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2RiZmU5NWZhLTcwZDQtNGVmNC04Y2JmLTVjZDhjODUzODRiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA029MwDQYJKoZIhvcNAQELBQADggEBAHzPo/dU6oDwlQtvTQiZvCeiZ58j
Z/l2OFsWh5/+Q97iEw5BoNMxkEGNtQqC+HG1yDO5qQkvgelM6fZr+/fIvkyU3dkr
6UZ4FfRmlE0gc8l6ryNgdgL3Qq+pQwRTIBg9y9vJlSRXdhmXruTdw5FfaTUuvxli
l9ViEIrEQLzNQKYrHQTGVgV03BpuGn3RCUGEH/aDC+oUurv9SZfE4Izeql7aIWVA
uFYXlLNiNba9Yj5j6QoL67iJteKCCGVhSDNWOk/4BDWGCP7o5kBlbMO2HG4CEz6m
n9GkNDFNAGX4nftGVPeM1RUHxNiCNlBZ6Uzn+vE9LjyM5ndfic8E8uWyJtg=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:38 2024 by rpki-client on console-ams.rpki-client.org