Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c46353d6-f66a-4ac6-aeca-c8f320ebee9a.roa
File:                     c46353d6-f66a-4ac6-aeca-c8f320ebee9a.roa (raw, json)
Hash identifier:          z7xOz/NQZRGT/4aInJxJ1vjxyO9HYojqaOfRKdB8Oaw=
Subject key identifier:   6A:D4:7B:78:E5:C5:FD:48:1A:0A:9D:BC:69:DF:F1:2B:74:F7:45:05
Certificate issuer:       /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial:       15165842C86ADF1B10ECCB4FEB5E2D85FAC31BF1
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c46353d6-f66a-4ac6-aeca-c8f320ebee9a.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        159.248.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 15:04:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:16:58:42:c8:6a:df:1b:10:ec:cb:4f:eb:5e:2d:85:fa:c3:1b:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=f378387120cbf1868368d9b9c7b56fc69d09aae5f63e7fefea68d32199ffe9c4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9a:0f:5b:d1:f9:a8:6b:39:b3:3c:b8:7d:24:
                    c5:5d:b0:5a:ff:6f:80:12:e0:3e:b6:78:80:8c:06:
                    5b:3e:18:0f:1d:ad:7a:0c:26:ea:10:29:05:cf:8e:
                    15:d8:08:78:01:2f:53:84:0b:73:a2:8a:b3:97:6a:
                    59:6b:d0:35:c2:21:cc:e1:d7:fd:79:4f:ce:dc:9e:
                    f7:6f:3c:55:64:55:b2:f8:6d:3a:b2:79:0d:8d:01:
                    02:ff:cd:67:a6:d3:82:08:6c:0e:4c:32:de:26:d6:
                    66:21:67:dc:10:87:57:9d:32:a3:6a:61:37:5b:e0:
                    40:5a:23:3b:0f:e2:6a:75:17:15:67:cb:6a:3d:b0:
                    87:f2:f5:fb:67:6f:27:79:7f:a1:53:5f:70:e6:9a:
                    67:26:9f:2f:40:e5:d4:da:21:d5:e9:e8:48:7f:36:
                    f0:00:e1:6e:df:11:1c:b7:2e:35:c2:d8:a1:7b:fe:
                    b9:c4:42:f4:f2:b2:33:86:17:d2:a9:c1:16:52:51:
                    cc:26:db:97:fe:30:68:89:af:8a:dc:4f:95:a1:12:
                    f9:62:f2:88:fe:b2:9c:b7:0b:76:8e:30:27:17:23:
                    50:63:66:da:ce:58:73:b2:55:85:d2:1a:0b:c4:38:
                    5a:ab:2c:8e:b0:20:b4:20:a7:e9:83:48:5d:5c:1a:
                    ad:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:D4:7B:78:E5:C5:FD:48:1A:0A:9D:BC:69:DF:F1:2B:74:F7:45:05
            X509v3 Authority Key Identifier:
                keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c46353d6-f66a-4ac6-aeca-c8f320ebee9a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.248.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         90:e2:0d:d6:27:0d:23:3e:41:6a:59:26:79:98:dd:0d:3b:6a:
         be:87:28:12:24:43:01:f1:5b:a3:95:26:1d:52:fb:78:eb:9c:
         71:1a:43:ab:21:14:ad:c3:d4:51:ce:d0:e8:da:ba:3a:0f:fa:
         74:44:ed:49:cd:f8:ad:93:b9:7f:38:8a:a1:e9:b5:e2:5d:15:
         85:53:81:7a:d0:1e:95:bc:5e:81:2a:3c:bb:60:99:dc:06:c6:
         29:40:90:80:92:e2:c6:99:f1:38:ec:f8:e0:7c:cc:a0:1c:29:
         5e:da:79:15:06:be:01:86:e8:79:39:0e:2a:c3:08:b5:94:a8:
         24:7c:61:df:3b:83:ce:7b:da:3a:4a:8a:ca:6b:ad:11:1f:30:
         ba:4b:87:29:db:95:ed:f3:38:c4:99:91:cd:9f:7e:ca:cb:46:
         82:a6:c5:05:29:ad:f1:70:fc:a8:23:d7:58:ce:f9:04:4a:91:
         85:0a:29:4e:aa:1a:15:8e:ef:58:4a:72:cd:7e:13:2b:3c:46:
         71:80:20:ec:12:e9:6c:0c:86:e6:37:d8:a0:46:25:8c:6f:61:
         d7:9d:1c:57:6a:4e:05:2c:a9:ea:f0:f5:e5:03:04:89:95:59:
         29:bd:45:1c:c5:21:10:a6:8a:4c:b5:cd:d9:f7:fa:f7:39:38:
         b7:fc:f0:92
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUFRZYQshq3xsQ7MtP614thfrDG/EwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MDUyODAwMDAwMFoX
DTI0MDcwMjIzNTk1OVowejFJMEcGA1UEBRNAZjM3ODM4NzEyMGNiZjE4NjgzNjhk
OWI5YzdiNTZmYzY5ZDA5YWFlNWY2M2U3ZmVmZWE2OGQzMjE5OWZmZTljNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpoPW9H5qGs5szy4fSTFXbBa/2+A
EuA+tniAjAZbPhgPHa16DCbqECkFz44V2Ah4AS9ThAtzooqzl2pZa9A1wiHM4df9
eU/O3J73bzxVZFWy+G06snkNjQEC/81nptOCCGwOTDLeJtZmIWfcEIdXnTKjamE3
W+BAWiM7D+JqdRcVZ8tqPbCH8vX7Z28neX+hU19w5ppnJp8vQOXU2iHV6ehIfzbw
AOFu3xEcty41wtihe/65xEL08rIzhhfSqcEWUlHMJtuX/jBoia+K3E+VoRL5YvKI
/rKctwt2jjAnFyNQY2bazlhzslWF0hoLxDhaqyyOsCC0IKfpg0hdXBqt8QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFGrUe3jlxf1IGgqdvGnf8St090UFMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2M0NjM1M2Q2LWY2NmEtNGFjNi1hZWNhLWM4ZjMyMGViZWU5YS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMAn/gwDQYJKoZIhvcNAQELBQADggEBAJDiDdYnDSM+QWpZJnmY3Q07
ar6HKBIkQwHxW6OVJh1S+3jrnHEaQ6shFK3D1FHO0OjaujoP+nRE7UnN+K2TuX84
iqHpteJdFYVTgXrQHpW8XoEqPLtgmdwGxilAkICS4saZ8Tjs+OB8zKAcKV7aeRUG
vgGG6Hk5DirDCLWUqCR8Yd87g8572jpKisprrREfMLpLhynble3zOMSZkc2ffsrL
RoKmxQUprfFw/Kgj11jO+QRKkYUKKU6qGhWO71hKcs1+Eys8RnGAIOwS6WwMhuY3
2KBGJYxvYdedHFdqTgUsqerw9eUDBImVWSm9RRzFIRCmiky1zdn3+vc5OLf88JI=
-----END CERTIFICATE-----
Generated at Fri Jun 14 19:06:55 2024 by rpki-client on console-ams.rpki-client.org