Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/182bb1db-9058-4744-b73a-73568471b556.roa
File:                     182bb1db-9058-4744-b73a-73568471b556.roa (raw, json)
Hash identifier:          OPJkGJv9ZpUmGlAByB196T+QPpAkYfYjhEiOmZidVps=
Subject key identifier:   82:45:AF:33:06:DD:B1:FB:7B:63:F9:DD:35:BC:0C:F1:59:71:7D:5E
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       4C1AC406A5E247726EC61A257BB4DC48EA35C3F8
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/182bb1db-9058-4744-b73a-73568471b556.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.180.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:1a:c4:06:a5:e2:47:72:6e:c6:1a:25:7b:b4:dc:48:ea:35:c3:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=8d1f5634cac1c0676cedcbd0f84db615bb89357519e23bc744317cc4eb827447, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e3:d6:34:e6:d5:76:1b:d6:0c:a7:a0:08:10:
                    6b:2f:ae:b9:c2:f6:fd:51:27:54:0d:d7:44:98:7c:
                    4e:5e:30:cf:84:80:19:b9:fe:ad:8a:8c:2d:8f:d7:
                    8c:1d:3a:7b:0b:a9:4a:26:f5:9a:3b:0e:e2:c9:4f:
                    3d:30:66:97:0a:ee:ca:25:39:b7:ac:6f:da:96:50:
                    9d:6d:4c:eb:a6:9b:c1:d8:9c:bb:a0:6b:b0:5b:04:
                    ed:09:a9:14:eb:fc:a1:14:58:c4:2d:12:66:85:61:
                    52:be:e8:cf:73:0f:4c:31:94:5a:2c:63:ca:af:ae:
                    66:7f:4f:a7:3c:fc:21:46:52:b1:8e:d7:e3:f6:2b:
                    48:ff:71:c3:7e:f4:62:73:18:ee:61:ef:9b:c9:e5:
                    2b:fe:a3:f6:ac:ea:35:94:9d:04:e0:38:e5:1a:3b:
                    cb:5f:fd:1f:48:a2:55:e3:c2:3e:bd:83:d1:1d:2f:
                    8e:e1:b9:f2:d6:e6:5e:da:45:93:d7:8a:50:26:da:
                    57:f6:d8:06:22:59:92:62:98:e1:39:d7:e5:1d:d3:
                    05:34:0f:f7:81:f3:75:9c:43:5b:29:a4:7b:8b:59:
                    8f:b4:1d:3d:e2:1d:56:2d:08:3c:39:75:c9:08:65:
                    21:2b:7d:b1:ea:8c:7d:90:85:67:90:a6:4f:32:aa:
                    7d:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:45:AF:33:06:DD:B1:FB:7B:63:F9:DD:35:BC:0C:F1:59:71:7D:5E
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/182bb1db-9058-4744-b73a-73568471b556.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.180.0/23

    Signature Algorithm: sha256WithRSAEncryption
         60:0a:0c:c4:b2:db:e0:68:75:56:93:21:f6:18:2b:73:b6:23:
         0f:56:ee:e4:26:63:87:3e:7f:eb:c4:f5:85:4a:96:c4:b3:24:
         0e:ab:48:4f:ef:55:e2:9d:d8:e5:e2:09:b0:c2:c1:b5:a6:62:
         23:f7:34:27:71:ab:ed:95:de:0f:dd:86:5f:7a:6c:3a:c9:7b:
         f3:49:aa:d9:07:13:ad:ba:84:cf:69:d0:e9:0c:4e:49:a8:52:
         99:cd:63:d8:6e:80:13:1a:fb:85:eb:5a:f5:bd:b1:8e:a9:bc:
         5c:d0:e9:1c:61:66:1e:c0:72:3d:35:2c:28:df:7d:60:9c:8f:
         b6:d5:a0:fa:d8:9a:5a:39:65:d1:88:83:6b:5d:d3:65:9c:fc:
         8c:78:be:c0:ae:24:b7:d2:c5:98:61:93:1b:2a:55:86:38:15:
         99:7b:b0:5b:27:84:a1:fa:97:3a:05:a0:6c:d3:56:0b:51:2d:
         4d:e3:b9:ff:67:b2:2b:35:47:e2:e4:e5:f6:a3:4f:8d:de:44:
         64:81:e9:86:e9:d9:e8:74:c0:06:15:c6:3f:e6:d0:d6:05:af:
         cf:0d:cd:36:1e:2d:92:b8:0f:22:61:6e:92:ef:fb:65:d1:e6:
         96:5a:52:f9:9e:f7:40:43:03:91:ee:fa:dc:31:20:f1:0a:39:
         5c:e8:d2:6f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTBrEBqXiR3Juxhole7TcSOo1w/gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZDFmNTYzNGNhYzFjMDY3NmNlZGNiZDBmODRkYjYxNWJi
ODkzNTc1MTllMjNiYzc0NDMxN2NjNGViODI3NDQ3MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC349Y05tV2G9YMp6AIEGsvrrnC9v1RJ1QN10SYfE5eMM+E
gBm5/q2KjC2P14wdOnsLqUom9Zo7DuLJTz0wZpcK7solObesb9qWUJ1tTOumm8HY
nLuga7BbBO0JqRTr/KEUWMQtEmaFYVK+6M9zD0wxlFosY8qvrmZ/T6c8/CFGUrGO
1+P2K0j/ccN+9GJzGO5h75vJ5Sv+o/as6jWUnQTgOOUaO8tf/R9IolXjwj69g9Ed
L47hufLW5l7aRZPXilAm2lf22AYiWZJimOE51+Ud0wU0D/eB83WcQ1sppHuLWY+0
HT3iHVYtCDw5dckIZSErfbHqjH2QhWeQpk8yqn3JAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgkWvMwbdsft7Y/ndNbwM8VlxfV4wHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzE4MmJiMWRiLTkwNTgtNDc0NC1iNzNhLTczNTY4NDcxYjU1Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFM37QwDQYJKoZIhvcNAQELBQADggEBAGAKDMSy2+BodVaTIfYYK3O2Iw9W
7uQmY4c+f+vE9YVKlsSzJA6rSE/vVeKd2OXiCbDCwbWmYiP3NCdxq+2V3g/dhl96
bDrJe/NJqtkHE626hM9p0OkMTkmoUpnNY9hugBMa+4XrWvW9sY6pvFzQ6RxhZh7A
cj01LCjffWCcj7bVoPrYmlo5ZdGIg2td02Wc/Ix4vsCuJLfSxZhhkxsqVYY4FZl7
sFsnhKH6lzoFoGzTVgtRLU3juf9nsis1R+Lk5fajT43eRGSB6Ybp2eh0wAYVxj/m
0NYFr88NzTYeLZK4DyJhbpLv+2XR5pZaUvme90BDA5Hu+twxIPEKOVzo0m8=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:20:01 2023 by rpki-client on console-ams.rpki-client.org