Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/498f334e-4dc8-4118-b1a1-4c9a15d14b92.roa
File:                     498f334e-4dc8-4118-b1a1-4c9a15d14b92.roa (raw, json)
Hash identifier:          ht4L17AvIwcS8I0o5uUW7yfu4hwxx9w3BAnc+6OiKWs=
Subject key identifier:   4A:0C:41:A6:8E:C7:91:EA:34:7B:45:6D:CE:C3:32:00:7D:6A:32:A6
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       42A72A39142B0D60D6C3494C173FD28BD85B7DBA
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/498f334e-4dc8-4118-b1a1-4c9a15d14b92.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.186.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 12:04:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:a7:2a:39:14:2b:0d:60:d6:c3:49:4c:17:3f:d2:8b:d8:5b:7d:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=5a8bee094ab09b70ed016f31b15d7c5e7b7a5fb3ec5af023eaeb4b8dd0325bf2, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:0e:32:81:fd:77:80:9a:f9:d3:53:d2:23:6a:
                    c9:7d:22:0f:be:a3:d5:88:a7:c5:de:91:45:21:79:
                    2f:71:48:c2:dd:5a:96:b1:63:ae:fe:41:f1:08:a2:
                    04:9c:71:75:7b:c8:d5:0a:01:dc:78:e9:cf:a1:b4:
                    9e:76:64:75:23:d2:10:ec:ab:76:a2:90:7f:ea:5e:
                    5b:70:a5:bf:32:74:f9:5b:6a:d6:b7:c2:f9:72:26:
                    eb:48:8e:8b:10:c3:9d:4a:56:bd:67:52:a8:69:29:
                    85:74:f3:d2:a4:0f:04:e2:8a:a3:b2:f8:ef:33:ea:
                    8d:af:d8:16:15:43:58:af:32:f0:1b:93:81:6c:b4:
                    ea:74:53:87:5a:e5:ff:65:f7:b8:17:e4:97:6b:0a:
                    de:eb:86:24:eb:c1:5f:6a:64:91:7e:cd:53:c0:7c:
                    1f:2a:81:ef:c1:0a:38:ce:4e:02:15:87:e6:b1:da:
                    3b:2d:da:b4:88:b0:7c:3b:85:e1:a8:48:71:82:5c:
                    65:a0:24:f2:af:72:c2:38:86:8a:ed:de:be:ae:9d:
                    4e:d8:40:f6:29:21:09:ee:23:58:7b:e7:53:b8:25:
                    e0:2d:b9:5d:f9:51:c1:3b:ab:bf:3c:45:7f:86:64:
                    30:25:c0:2c:bf:e0:16:5d:d4:25:ec:a8:23:11:8a:
                    8f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:0C:41:A6:8E:C7:91:EA:34:7B:45:6D:CE:C3:32:00:7D:6A:32:A6
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/498f334e-4dc8-4118-b1a1-4c9a15d14b92.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:b4:75:e9:7a:05:7f:1f:47:45:c1:3d:e0:f1:31:e8:43:59:
         1c:b2:54:00:16:70:f4:c3:4c:5a:1d:fd:3b:14:d0:0e:3a:22:
         b5:61:13:e7:7a:74:15:41:a5:f1:36:ac:6f:8f:27:97:fb:76:
         f1:b9:1d:95:df:17:1c:d8:9c:d9:e9:b0:ac:26:b5:dd:a5:b5:
         f1:6b:8c:e3:9e:ab:5c:ec:9f:2c:05:7c:a2:65:20:4d:ec:67:
         9f:47:f1:82:bf:47:ce:f8:d3:23:25:ca:e8:f8:e0:1a:7e:37:
         16:0c:72:87:c0:2e:7a:cf:ef:84:82:44:2c:81:73:45:cd:8a:
         fd:4b:67:b8:f6:73:5e:fe:0c:95:d7:39:7b:64:57:44:5f:2b:
         ee:d0:87:79:3a:a1:b8:9b:23:59:75:13:e2:d0:52:82:af:3a:
         6b:95:53:b8:ac:8d:7f:60:f8:8f:57:60:f9:77:1c:08:da:9c:
         ba:ed:67:cd:65:0f:64:a7:c0:ff:ab:c1:df:86:ba:6a:0b:23:
         88:d3:d1:ee:20:f7:1d:39:10:20:c4:ae:cc:03:26:98:fa:93:
         9e:15:8d:f5:6d:60:09:10:dc:fa:b1:31:b6:87:8e:2b:4b:46:
         1b:90:fa:15:8d:83:a3:0f:1f:e1:2b:f1:c4:2d:ac:cb:0e:85:
         6d:4d:2c:96
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQqcqORQrDWDWw0lMFz/Si9hbfbowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YThiZWUwOTRhYjA5YjcwZWQwMTZmMzFiMTVkN2M1ZTdi
N2E1ZmIzZWM1YWYwMjNlYWViNGI4ZGQwMzI1YmYyMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcDjKB/XeAmvnTU9Ijasl9Ig++o9WIp8XekUUheS9xSMLd
WpaxY67+QfEIogSccXV7yNUKAdx46c+htJ52ZHUj0hDsq3aikH/qXltwpb8ydPlb
ata3wvlyJutIjosQw51KVr1nUqhpKYV089KkDwTiiqOy+O8z6o2v2BYVQ1ivMvAb
k4FstOp0U4da5f9l97gX5JdrCt7rhiTrwV9qZJF+zVPAfB8qge/BCjjOTgIVh+ax
2jst2rSIsHw7heGoSHGCXGWgJPKvcsI4hort3r6unU7YQPYpIQnuI1h751O4JeAt
uV35UcE7q788RX+GZDAlwCy/4BZd1CXsqCMRio8/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUSgxBpo7Hkeo0e0VtzsMyAH1qMqYwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzQ5OGYzMzRlLTRkYzgtNDExOC1iMWExLTRjOWExNWQxNGI5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM37owDQYJKoZIhvcNAQELBQADggEBAFe0del6BX8fR0XBPeDxMehDWRyy
VAAWcPTDTFod/TsU0A46IrVhE+d6dBVBpfE2rG+PJ5f7dvG5HZXfFxzYnNnpsKwm
td2ltfFrjOOeq1zsnywFfKJlIE3sZ59H8YK/R8740yMlyuj44Bp+NxYMcofALnrP
74SCRCyBc0XNiv1LZ7j2c17+DJXXOXtkV0RfK+7Qh3k6obibI1l1E+LQUoKvOmuV
U7isjX9g+I9XYPl3HAjanLrtZ81lD2SnwP+rwd+GumoLI4jT0e4g9x05ECDErswD
Jpj6k54VjfVtYAkQ3PqxMbaHjitLRhuQ+hWNg6MPH+Er8cQtrMsOhW1NLJY=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:29 2023 by rpki-client on console-fra.rpki-client.org