Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5445d11e-52a9-4731-8647-9a8be823a511.roa
File:                     5445d11e-52a9-4731-8647-9a8be823a511.roa (raw, json)
Hash identifier:          BcftzkC1BxiUDvdvkvOVTJNF1WsaPsd9bflGCPYDklo=
Subject key identifier:   4B:C6:B7:DC:37:3D:B3:6C:1F:05:B8:3C:9C:A1:6F:1B:04:D8:83:9C
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       45A4E476718BA4EE8520587CC3F2ABCDC217FD9F
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5445d11e-52a9-4731-8647-9a8be823a511.roa
Signing time:             Sat 21 Sep 2024 00:00:00 +0000
ROA not before:           Sat 21 Sep 2024 00:00:00 +0000
ROA not after:            Sat 26 Oct 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        23.251.246.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 10 Oct 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:a4:e4:76:71:8b:a4:ee:85:20:58:7c:c3:f2:ab:cd:c2:17:fd:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep 21 00:00:00 2024 GMT
            Not After : Oct 26 23:59:59 2024 GMT
        Subject: serialNumber=ef12607bfbb6bca5cec0516c361a125a30b3f5bd30639c84f51c3cc28deb8260, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:47:fb:af:33:b2:50:e4:f8:d9:50:e5:c2:fe:
                    bb:63:6f:e2:19:a0:18:2d:be:7c:e7:4e:b8:dd:e7:
                    03:93:56:bf:59:18:9a:58:65:66:74:0b:98:ea:f7:
                    c6:7e:af:8c:d3:9d:d8:5e:43:6e:82:49:79:67:44:
                    a8:3d:c0:2c:2e:1b:a4:43:27:aa:6c:cf:82:8f:55:
                    21:22:f2:b2:3c:ff:08:56:d1:c4:ea:36:ee:40:c0:
                    26:dc:19:45:41:2a:c5:bb:17:3f:61:9f:a7:82:0c:
                    da:e0:97:d6:70:28:28:90:97:cf:16:4d:79:9c:0a:
                    67:9b:2b:bc:7f:78:ae:cb:9c:0a:30:d0:0f:59:0c:
                    1f:eb:a1:36:69:fa:cd:1e:7c:b7:fe:a1:9a:9f:1e:
                    10:de:a8:06:7d:e6:9e:ca:af:43:27:cd:7c:08:d5:
                    9e:3c:7e:cb:bf:e8:69:3b:d2:fc:5f:47:a4:16:11:
                    ff:55:f5:6c:3f:7e:16:60:3c:a6:0c:35:d5:0a:a3:
                    2f:2c:8e:00:06:f1:f7:66:e2:b2:3e:e3:ce:d4:08:
                    89:5b:fb:ef:13:f1:db:3f:46:b2:5a:af:b5:a1:64:
                    2a:0b:39:e3:11:e0:83:60:cc:0b:9e:c6:e5:d1:a7:
                    2d:59:a2:1a:0b:33:6f:a3:84:1b:fc:59:6d:c8:f4:
                    d4:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:C6:B7:DC:37:3D:B3:6C:1F:05:B8:3C:9C:A1:6F:1B:04:D8:83:9C
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5445d11e-52a9-4731-8647-9a8be823a511.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.251.246.0/23

    Signature Algorithm: sha256WithRSAEncryption
         92:92:0b:62:ec:d3:49:02:08:fb:cf:60:ce:1f:81:69:73:f8:
         03:ef:02:7c:c0:22:85:e3:f3:fe:14:4f:6d:ad:d6:d0:78:09:
         71:ff:37:69:1e:c7:b0:d9:5d:a4:ca:88:8a:75:a5:f1:c6:0d:
         c7:69:19:f8:2c:d9:b2:c7:95:71:48:bd:24:5f:eb:7e:5c:7a:
         6a:3d:9b:74:d3:3e:c3:42:0a:e9:60:04:58:64:21:d9:d3:77:
         29:7b:13:c6:17:85:c9:2a:88:5e:a5:6b:ed:50:54:6f:04:dd:
         dd:ca:02:6d:cf:6d:b9:2e:04:db:d0:7c:c8:63:7d:ee:cf:1c:
         db:0b:01:71:6e:22:ea:ae:40:c6:61:b7:0e:4f:94:56:04:ac:
         0b:1f:70:e3:79:0d:97:c4:c9:ea:4e:db:5a:d8:86:a0:fa:b6:
         0e:1a:01:7f:72:82:aa:c6:95:74:79:8b:20:d7:68:52:84:28:
         0d:d2:b2:b7:5e:88:ed:4e:a2:9f:6c:d8:1d:51:17:db:89:27:
         8e:0d:a2:82:c5:1b:19:17:66:11:36:29:ba:df:e3:ba:75:c6:
         48:95:78:77:ee:09:0c:77:39:01:94:56:6c:d6:af:1c:79:8d:
         96:01:2a:b5:f5:49:aa:34:a3:16:88:c2:8a:8a:b1:2c:61:36:
         08:94:2d:1f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURaTkdnGLpO6FIFh8w/KrzcIX/Z8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQwOTIxMDAwMDAwWhcNMjQxMDI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZjEyNjA3YmZiYjZiY2E1Y2VjMDUxNmMzNjFhMTI1YTMw
YjNmNWJkMzA2MzljODRmNTFjM2NjMjhkZWI4MjYwMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXR/uvM7JQ5PjZUOXC/rtjb+IZoBgtvnznTrjd5wOTVr9Z
GJpYZWZ0C5jq98Z+r4zTndheQ26CSXlnRKg9wCwuG6RDJ6psz4KPVSEi8rI8/whW
0cTqNu5AwCbcGUVBKsW7Fz9hn6eCDNrgl9ZwKCiQl88WTXmcCmebK7x/eK7LnAow
0A9ZDB/roTZp+s0efLf+oZqfHhDeqAZ95p7Kr0MnzXwI1Z48fsu/6Gk70vxfR6QW
Ef9V9Ww/fhZgPKYMNdUKoy8sjgAG8fdm4rI+487UCIlb++8T8ds/RrJar7WhZCoL
OeMR4INgzAuexuXRpy1ZohoLM2+jhBv8WW3I9NQDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUS8a33Dc9s2wfBbg8nKFvGwTYg5wwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzU0NDVkMTFlLTUyYTktNDczMS04NjQ3LTlhOGJlODIzYTUxMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEX+/YwDQYJKoZIhvcNAQELBQADggEBAJKSC2Ls00kCCPvPYM4fgWlz+APv
AnzAIoXj8/4UT22t1tB4CXH/N2kex7DZXaTKiIp1pfHGDcdpGfgs2bLHlXFIvSRf
635cemo9m3TTPsNCCulgBFhkIdnTdyl7E8YXhckqiF6la+1QVG8E3d3KAm3Pbbku
BNvQfMhjfe7PHNsLAXFuIuquQMZhtw5PlFYErAsfcON5DZfEyepO21rYhqD6tg4a
AX9ygqrGlXR5iyDXaFKEKA3SsrdeiO1Oop9s2B1RF9uJJ44NooLFGxkXZhE2Kbrf
47p1xkiVeHfuCQx3OQGUVmzWrxx5jZYBKrX1Sao0oxaIwoqKsSxhNgiULR8=
-----END CERTIFICATE-----
Generated at Wed Oct 9 01:15:17 2024 by rpki-client on console-fra.rpki-client.org