Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/3ad2ae9c-d505-4b53-8a03-c0034602d40e.roa
File:                     3ad2ae9c-d505-4b53-8a03-c0034602d40e.roa (raw, json)
Hash identifier:          n7OfBnbNcReFfCr8H8jkECAlmXP0MJTXwHZIYQtYMvk=
Subject key identifier:   68:A6:46:5E:C0:0B:87:34:87:B2:AB:D6:C5:C5:47:82:EA:0C:50:C7
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       0CE18D5DA59C53B6936035A8C8DF0769A5EC8517
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/3ad2ae9c-d505-4b53-8a03-c0034602d40e.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        23.251.224.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:e1:8d:5d:a5:9c:53:b6:93:60:35:a8:c8:df:07:69:a5:ec:85:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=ee8e0a595febe716fe212dd9f21885d7b55daee7757b650465ea4e909f1ef2f1, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:84:85:b1:4b:90:36:59:2d:32:2b:52:2e:26:
                    c6:f2:98:19:aa:d3:37:ae:7d:c6:f5:9a:fa:ef:0a:
                    95:35:62:82:0f:cb:bf:90:a1:55:45:47:20:bb:c0:
                    aa:97:c2:54:76:a7:a2:61:90:d8:29:7d:14:48:8c:
                    78:fd:c3:19:f4:20:13:05:af:d6:a4:ea:2f:c5:b2:
                    6c:1e:f0:4f:02:b1:16:9a:c0:33:27:46:e3:df:f4:
                    06:b3:2a:3e:a1:23:6e:d8:8f:5c:b0:a1:cb:24:52:
                    5e:b5:ce:23:de:af:7a:af:03:ca:59:52:5b:36:ac:
                    52:be:37:df:bf:e1:69:2d:f8:38:f6:4a:50:22:a8:
                    d5:0e:59:d0:7d:7e:2b:56:f9:ac:26:71:b0:e1:9a:
                    6f:a9:39:1b:0f:ea:f8:d3:96:97:3a:2c:d9:71:b6:
                    d0:d3:2a:27:99:11:db:af:e3:79:52:1f:fc:5a:2c:
                    06:a4:e3:17:d1:66:17:de:82:fb:b6:32:08:2a:8a:
                    f5:98:a2:7c:3c:6e:3c:d6:de:a8:fd:69:ec:61:b5:
                    c0:85:a1:6e:d3:a9:64:a6:e3:70:4b:37:89:e7:04:
                    7c:ad:4d:ca:f2:18:89:56:92:32:15:59:28:1b:cc:
                    72:43:90:51:a8:1b:7f:0a:0a:8c:38:38:2d:46:bd:
                    2a:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:A6:46:5E:C0:0B:87:34:87:B2:AB:D6:C5:C5:47:82:EA:0C:50:C7
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/3ad2ae9c-d505-4b53-8a03-c0034602d40e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.251.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:ea:69:e0:cb:52:fb:70:2a:c1:1d:48:1b:e4:8e:36:44:26:
         fb:d9:08:cb:f3:e3:5e:71:a1:ab:05:3f:a8:ea:2d:5a:49:22:
         71:77:7f:29:80:79:e8:ac:1f:bb:83:6b:f2:67:05:d9:aa:7c:
         6b:01:34:74:f6:21:d2:cc:7d:e2:04:ce:55:ea:05:4e:87:76:
         b7:97:7c:75:df:1a:5f:b3:12:ec:8a:dc:73:bc:95:2f:59:7b:
         b3:85:2f:3f:90:3d:e1:7c:8a:6b:bc:cc:5c:d0:4d:86:c9:5a:
         e8:d1:4e:ce:50:bf:b3:74:bd:07:09:ea:2e:22:f0:84:26:ad:
         1d:4c:ff:9f:90:6c:08:1b:a0:e0:8e:bc:80:1d:22:72:73:84:
         bc:e7:21:65:41:9f:e9:56:80:c8:7c:43:c9:6d:eb:1f:87:78:
         b6:93:10:28:8d:ac:65:64:47:c4:33:06:e0:25:8a:b5:32:0f:
         52:b6:14:6c:37:c3:32:c4:f5:17:15:e6:2a:46:4b:a2:c9:0d:
         f1:c4:0d:64:ce:c3:1a:de:6d:61:c1:13:6d:6e:17:c3:c8:0e:
         df:d4:37:71:6d:ba:7c:81:d4:e5:67:bb:5a:5e:5a:52:d8:e6:
         2c:fc:df:70:c8:d6:ad:2c:54:27:81:43:86:95:5a:b6:ca:d5:
         ab:50:77:ee
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDOGNXaWcU7aTYDWoyN8HaaXshRcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZThlMGE1OTVmZWJlNzE2ZmUyMTJkZDlmMjE4ODVkN2I1
NWRhZWU3NzU3YjY1MDQ2NWVhNGU5MDlmMWVmMmYxMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXhIWxS5A2WS0yK1IuJsbymBmq0zeufcb1mvrvCpU1YoIP
y7+QoVVFRyC7wKqXwlR2p6JhkNgpfRRIjHj9wxn0IBMFr9ak6i/Fsmwe8E8CsRaa
wDMnRuPf9AazKj6hI27Yj1ywocskUl61ziPer3qvA8pZUls2rFK+N9+/4Wkt+Dj2
SlAiqNUOWdB9fitW+awmcbDhmm+pORsP6vjTlpc6LNlxttDTKieZEduv43lSH/xa
LAak4xfRZhfegvu2MggqivWYonw8bjzW3qj9aexhtcCFoW7TqWSm43BLN4nnBHyt
TcryGIlWkjIVWSgbzHJDkFGoG38KCow4OC1GvSrfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUaKZGXsALhzSHsqvWxcVHguoMUMcwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzNhZDJhZTljLWQ1MDUtNGI1My04YTAzLWMwMDM0NjAyZDQwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAX++AwDQYJKoZIhvcNAQELBQADggEBAHfqaeDLUvtwKsEdSBvkjjZEJvvZ
CMvz415xoasFP6jqLVpJInF3fymAeeisH7uDa/JnBdmqfGsBNHT2IdLMfeIEzlXq
BU6HdreXfHXfGl+zEuyK3HO8lS9Ze7OFLz+QPeF8imu8zFzQTYbJWujRTs5Qv7N0
vQcJ6i4i8IQmrR1M/5+QbAgboOCOvIAdInJzhLznIWVBn+lWgMh8Q8lt6x+HeLaT
ECiNrGVkR8QzBuAlirUyD1K2FGw3wzLE9RcV5ipGS6LJDfHEDWTOwxrebWHBE21u
F8PIDt/UN3FtunyB1OVnu1peWlLY5iz833DI1q0sVCeBQ4aVWrbK1atQd+4=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:20:01 2023 by rpki-client on console-ams.rpki-client.org