Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5d34f797-6d16-498a-b66d-8c7d0fcac77f.roa
File:                     5d34f797-6d16-498a-b66d-8c7d0fcac77f.roa (raw, json)
Hash identifier:          pvqKEgTDGUtA4JNG0x9m74eIHaHilpM5BUVZYPSsD0k=
Subject key identifier:   E1:80:4F:19:DD:CF:FF:4A:B4:E8:37:E5:2C:49:1D:56:06:74:6E:BB
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       24E6CC58E9BB01F3EEE19328F1A90B2428F0DEBE
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5d34f797-6d16-498a-b66d-8c7d0fcac77f.roa
Signing time:             Tue 06 May 2025 00:00:49 +0000
ROA not before:           Tue 06 May 2025 00:00:49 +0000
ROA not after:            Tue 10 Jun 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.251.233.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 10 May 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:e6:cc:58:e9:bb:01:f3:ee:e1:93:28:f1:a9:0b:24:28:f0:de:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: May  6 00:00:49 2025 GMT
            Not After : Jun 10 23:59:59 2025 GMT
        Subject: serialNumber=540139798ccdd8a0d1705c6e220449f09425a640fc0a35e89f0e1b2e0dde1a99, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:6b:b9:50:6e:fe:ff:a4:0e:f1:1c:06:18:72:
                    fe:ef:b0:ab:01:4b:7d:32:df:b4:a2:5c:e6:35:34:
                    8b:66:4a:f7:35:52:69:d9:dd:85:26:84:d5:6d:c1:
                    e7:2c:3e:75:a0:45:38:9f:fe:e4:50:75:85:a6:f2:
                    77:8d:84:91:df:c7:de:f2:04:ec:96:98:49:65:6b:
                    ec:3d:78:44:ce:40:1a:4d:71:75:a1:35:8a:f4:0c:
                    12:3f:91:36:e7:bc:bc:1a:b9:b1:c6:e1:aa:78:09:
                    0a:d4:5a:fe:a3:3a:90:5d:5f:ab:12:98:43:52:7d:
                    bf:f6:8d:b4:51:b8:d7:1c:6d:cb:4b:54:a0:3c:0b:
                    d7:1d:18:6e:b5:91:3a:f1:38:e5:81:ec:6e:c0:68:
                    17:2b:e5:1f:1b:84:69:a4:68:be:e9:47:a6:6f:88:
                    6a:65:92:4b:63:95:0c:a6:f6:aa:e4:e5:b4:f7:af:
                    88:28:9d:47:7a:a2:01:d1:39:88:a9:2b:b3:9c:71:
                    98:e9:4f:86:da:f4:22:d1:bc:fd:29:68:0f:0b:0c:
                    d3:8b:c7:c9:2d:5c:7b:d6:02:e8:a6:20:c5:da:fa:
                    62:84:b0:86:16:09:83:dd:a5:53:8c:ef:16:c4:38:
                    5e:e3:6f:6f:1d:f1:ba:45:fc:43:af:c0:7d:97:cc:
                    ec:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:80:4F:19:DD:CF:FF:4A:B4:E8:37:E5:2C:49:1D:56:06:74:6E:BB
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5d34f797-6d16-498a-b66d-8c7d0fcac77f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.251.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:34:7e:f9:07:b6:3e:8d:aa:ea:83:0c:74:ef:71:2e:82:1b:
         5a:ad:87:d4:1a:5b:06:c1:30:93:27:5e:49:8e:6a:5b:63:4e:
         4f:15:e8:4d:19:09:63:79:2d:10:07:f1:f5:31:85:df:79:2b:
         38:87:6e:0c:e0:8c:99:41:31:7c:ad:5b:2d:ef:90:98:6c:11:
         6a:32:f6:d5:10:2b:8a:8b:84:01:f9:c9:12:6a:69:56:ed:47:
         04:f3:60:34:81:8e:28:8f:bb:cf:c7:99:dd:24:52:6c:a7:34:
         2c:7d:e3:e5:2d:20:de:21:86:a7:0f:0a:1a:cf:71:9c:81:84:
         91:07:71:f9:e6:38:5d:4c:86:c7:35:9b:b2:3b:23:de:f4:1d:
         87:55:3b:2b:bc:3a:77:13:77:d0:95:b9:84:39:9a:5d:94:74:
         8d:22:c6:25:86:20:12:49:42:64:cf:52:ca:83:18:05:e8:83:
         96:2e:a4:a3:80:b6:fa:53:7d:3f:2c:05:ec:bd:d5:2f:f2:e9:
         f4:41:81:15:0a:41:dd:d0:16:df:12:12:61:ff:b4:7a:a6:de:
         11:0a:e3:b2:fa:c3:c2:91:93:72:38:64:2c:cd:e5:32:f4:22:
         23:dd:5c:93:60:dd:1d:30:1d:2a:74:ed:61:fd:55:66:7c:44:
         1b:5b:5f:ff
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJObMWOm7AfPu4ZMo8akLJCjw3r4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNTA2MDAwMDQ5WhcNMjUwNjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NDAxMzk3OThjY2RkOGEwZDE3MDVjNmUyMjA0NDlmMDk0
MjVhNjQwZmMwYTM1ZTg5ZjBlMWIyZTBkZGUxYTk5MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNa7lQbv7/pA7xHAYYcv7vsKsBS30y37SiXOY1NItmSvc1
UmnZ3YUmhNVtwecsPnWgRTif/uRQdYWm8neNhJHfx97yBOyWmElla+w9eETOQBpN
cXWhNYr0DBI/kTbnvLwaubHG4ap4CQrUWv6jOpBdX6sSmENSfb/2jbRRuNccbctL
VKA8C9cdGG61kTrxOOWB7G7AaBcr5R8bhGmkaL7pR6ZviGplkktjlQym9qrk5bT3
r4gonUd6ogHROYipK7OccZjpT4ba9CLRvP0paA8LDNOLx8ktXHvWAuimIMXa+mKE
sIYWCYPdpVOM7xbEOF7jb28d8bpF/EOvwH2XzOxZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4YBPGd3P/0q06DflLEkdVgZ0brswHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzVkMzRmNzk3LTZkMTYtNDk4YS1iNjZkLThjN2QwZmNhYzc3Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAX++kwDQYJKoZIhvcNAQELBQADggEBAEg0fvkHtj6NquqDDHTvcS6CG1qt
h9QaWwbBMJMnXkmOaltjTk8V6E0ZCWN5LRAH8fUxhd95KziHbgzgjJlBMXytWy3v
kJhsEWoy9tUQK4qLhAH5yRJqaVbtRwTzYDSBjiiPu8/Hmd0kUmynNCx94+UtIN4h
hqcPChrPcZyBhJEHcfnmOF1Mhsc1m7I7I970HYdVOyu8OncTd9CVuYQ5ml2UdI0i
xiWGIBJJQmTPUsqDGAXog5YupKOAtvpTfT8sBey91S/y6fRBgRUKQd3QFt8SEmH/
tHqm3hEK47L6w8KRk3I4ZCzN5TL0IiPdXJNg3R0wHSp07WH9VWZ8RBtbX/8=
-----END CERTIFICATE-----
Generated at Fri May 9 08:52:44 2025 by rpki-client