Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/32455956-13c0-46bb-a8e9-260aa92255fe.roa
File:                     32455956-13c0-46bb-a8e9-260aa92255fe.roa (raw, json)
Hash identifier:          rjmqiIfEj1UI3WHXkO0RpEak++6Przn0iC/vY8rQ/0I=
Subject key identifier:   A0:40:DE:BE:95:94:F8:E4:3B:DA:B8:B5:90:A9:4A:6A:0A:B1:FD:A2
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       0943D6B66CCD186B001C2186CFC47987A0EEEDE0
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/32455956-13c0-46bb-a8e9-260aa92255fe.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        23.251.240.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 12:04:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:43:d6:b6:6c:cd:18:6b:00:1c:21:86:cf:c4:79:87:a0:ee:ed:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=b5f1546d4cb77d15d2922d56028091c7c02b471c7618990ae33b3475f551f49c, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:95:7a:27:76:ea:66:ce:25:4a:15:c5:6c:f7:
                    b6:82:78:94:52:70:8e:7a:4c:83:54:86:02:31:33:
                    2c:f0:16:81:87:8a:bd:34:0f:86:f1:db:39:2a:96:
                    49:5b:76:77:29:a9:91:38:10:30:65:e1:14:6b:82:
                    ac:a1:06:4f:82:c6:ab:d2:5e:99:98:45:3b:ad:e9:
                    e8:ee:d5:44:0c:50:7d:8b:c5:25:b9:77:8c:cd:4c:
                    de:11:d0:bc:16:c5:08:ea:6f:c5:e0:44:56:3b:8f:
                    40:98:ed:60:ab:79:a1:2e:f4:8d:86:f5:88:7e:1d:
                    2d:21:34:f7:49:35:71:0f:71:fa:b3:56:00:93:0d:
                    f7:08:be:e5:72:f2:04:3e:51:02:be:1f:36:fc:f4:
                    5d:7e:2b:5b:58:78:ab:cb:15:92:d9:bc:04:ec:3c:
                    90:be:c1:2b:98:2b:a0:3a:21:26:d3:5c:04:6a:16:
                    e9:a6:2f:51:7c:2e:36:de:92:a8:7a:a5:29:99:f4:
                    ba:7a:c0:cb:76:fb:aa:ca:70:8f:b7:74:75:2e:9a:
                    f4:9e:e1:2e:0e:48:3c:56:78:95:01:57:f3:33:69:
                    1f:96:d9:32:32:27:3b:26:11:38:c6:c2:96:73:87:
                    e3:e1:44:9c:75:6f:7f:86:51:14:9d:dc:2f:35:c6:
                    55:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:40:DE:BE:95:94:F8:E4:3B:DA:B8:B5:90:A9:4A:6A:0A:B1:FD:A2
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/32455956-13c0-46bb-a8e9-260aa92255fe.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.251.240.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8f:3c:20:cd:ec:80:8f:db:84:a1:23:42:ac:da:b1:b1:0a:1b:
         fa:d6:e7:66:20:61:e8:4f:92:bd:31:ae:d4:cb:0f:0e:1a:21:
         93:88:9c:a8:c1:05:b7:3c:97:98:5b:8d:c7:a2:74:86:c1:8e:
         05:25:17:c8:af:a5:66:97:b2:2a:65:0f:5f:fb:97:48:ab:f6:
         ff:b8:49:a5:5b:84:95:c8:38:4a:27:1f:e7:c0:eb:c9:72:f0:
         4c:38:bc:e5:b0:1f:e1:33:12:3d:1e:25:0e:9b:52:8d:5c:43:
         5f:fd:05:0e:5f:c8:51:1a:0c:00:3a:b4:35:90:2b:af:61:4a:
         d4:66:04:b5:71:d2:2c:90:e8:92:52:92:96:69:c5:5f:6e:ed:
         5e:a9:38:e9:38:40:c1:78:56:70:1a:34:00:31:db:c2:64:0d:
         7b:31:ac:e8:53:fd:c4:3b:de:10:f3:de:b5:24:3d:03:57:6b:
         a1:0c:85:99:45:63:08:d7:c0:5c:14:51:46:38:f3:48:27:d4:
         2f:55:01:02:65:7b:37:ac:6a:c9:da:c9:43:1c:b7:53:d4:3e:
         98:c3:29:9b:79:e0:05:97:0f:46:d2:7a:99:b6:16:d7:3d:19:
         e0:7e:36:7a:16:68:92:07:9c:1e:cd:6b:13:62:ab:27:b1:9f:
         d7:4e:c6:06
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCUPWtmzNGGsAHCGGz8R5h6Du7eAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNWYxNTQ2ZDRjYjc3ZDE1ZDI5MjJkNTYwMjgwOTFjN2Mw
MmI0NzFjNzYxODk5MGFlMzNiMzQ3NWY1NTFmNDljMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7lXondupmziVKFcVs97aCeJRScI56TINUhgIxMyzwFoGH
ir00D4bx2zkqlklbdncpqZE4EDBl4RRrgqyhBk+CxqvSXpmYRTut6eju1UQMUH2L
xSW5d4zNTN4R0LwWxQjqb8XgRFY7j0CY7WCreaEu9I2G9Yh+HS0hNPdJNXEPcfqz
VgCTDfcIvuVy8gQ+UQK+Hzb89F1+K1tYeKvLFZLZvATsPJC+wSuYK6A6ISbTXARq
FummL1F8Ljbekqh6pSmZ9Lp6wMt2+6rKcI+3dHUumvSe4S4OSDxWeJUBV/MzaR+W
2TIyJzsmETjGwpZzh+PhRJx1b3+GURSd3C81xlVpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoEDevpWU+OQ72ri1kKlKagqx/aIwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzMyNDU1OTU2LTEzYzAtNDZiYi1hOGU5LTI2MGFhOTIyNTVmZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEX+/AwDQYJKoZIhvcNAQELBQADggEBAI88IM3sgI/bhKEjQqzasbEKG/rW
52YgYehPkr0xrtTLDw4aIZOInKjBBbc8l5hbjceidIbBjgUlF8ivpWaXsiplD1/7
l0ir9v+4SaVbhJXIOEonH+fA68ly8Ew4vOWwH+EzEj0eJQ6bUo1cQ1/9BQ5fyFEa
DAA6tDWQK69hStRmBLVx0iyQ6JJSkpZpxV9u7V6pOOk4QMF4VnAaNAAx28JkDXsx
rOhT/cQ73hDz3rUkPQNXa6EMhZlFYwjXwFwUUUY480gn1C9VAQJlezesasnayUMc
t1PUPpjDKZt54AWXD0bSepm2Ftc9GeB+NnoWaJIHnB7NaxNiqyexn9dOxgY=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:29 2023 by rpki-client on console-fra.rpki-client.org