Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5eadccc1-2a48-4240-972e-4e5473a01e2e.roa
File:                     5eadccc1-2a48-4240-972e-4e5473a01e2e.roa (raw, json)
Hash identifier:          Sv12u1bfQKLyxSGbNXQO7PUNnbrCj6LdtK4FOlddppY=
Subject key identifier:   DC:41:40:A3:FF:1B:A9:BE:AF:BE:29:10:76:D9:23:CA:00:52:87:37
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       056ADD341031578CC67B4F36EB8A4D4B2BD715EA
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5eadccc1-2a48-4240-972e-4e5473a01e2e.roa
Signing time:             Sat 23 Sep 2023 00:00:00 +0000
ROA not before:           Sat 23 Sep 2023 00:00:00 +0000
ROA not after:            Sat 28 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        23.249.208.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 12:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:6a:dd:34:10:31:57:8c:c6:7b:4f:36:eb:8a:4d:4b:2b:d7:15:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep 23 00:00:00 2023 GMT
            Not After : Oct 28 23:59:59 2023 GMT
        Subject: serialNumber=d6d7caeba4c3da6d4098aaf0900e75d44578587b93eb9def694a6d41d8034c1e, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:c2:47:af:bc:6a:1e:21:b6:c8:b2:65:f1:8f:
                    8f:4f:85:94:0c:59:53:88:e3:d2:a0:b3:dc:45:7a:
                    18:bd:a7:fc:ae:29:ea:0d:af:a5:74:03:3d:9e:b1:
                    d0:89:e2:fa:38:98:58:2d:b3:f6:b4:a2:eb:65:45:
                    40:9d:f8:f3:1a:40:6c:d0:b7:9c:e8:81:3d:13:73:
                    4c:4a:ff:74:8e:f6:08:94:a7:f6:32:07:9c:b6:d3:
                    f5:8c:fc:1c:02:13:bf:ef:9f:c5:c7:4f:3c:50:2c:
                    d9:26:33:f2:26:72:eb:a9:f9:8a:68:d9:26:2c:01:
                    f0:1b:68:26:00:ea:76:f5:02:5f:70:0d:14:47:28:
                    4c:9a:c3:97:ce:2b:bb:83:d4:50:18:61:ba:28:17:
                    eb:7c:13:09:f2:ef:54:21:ae:01:d4:03:a1:fd:39:
                    14:aa:cb:bc:ec:50:08:d7:cf:81:4e:99:c9:4a:b6:
                    2f:14:7b:a4:07:ae:c8:ce:22:a7:11:6e:a6:c2:98:
                    a4:2f:16:f8:99:fe:d9:28:70:bc:5e:40:42:9b:c4:
                    81:b9:73:e8:91:15:af:31:80:c2:d1:0f:44:7e:fe:
                    8f:84:5f:51:05:a9:b6:28:ce:e0:6c:43:66:84:56:
                    49:6c:7e:27:79:4c:86:70:a1:a3:85:1e:4f:b5:d8:
                    85:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:41:40:A3:FF:1B:A9:BE:AF:BE:29:10:76:D9:23:CA:00:52:87:37
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/5eadccc1-2a48-4240-972e-4e5473a01e2e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.249.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         60:f0:31:8c:65:47:93:3c:7c:31:5c:f4:63:fb:ca:65:8b:1c:
         e1:8c:bf:05:7e:db:c9:19:ae:d1:38:25:fd:11:5f:03:2f:a1:
         be:67:1a:2f:f2:da:f3:e7:bc:42:f3:d3:96:40:63:72:1f:f9:
         21:d8:30:7d:96:8f:46:83:17:19:c1:31:b1:21:4d:7a:7c:79:
         0b:eb:e3:86:7f:09:5f:d4:6e:46:f9:1c:be:c9:9e:88:9f:67:
         b8:76:8f:b4:45:6c:09:e5:2b:58:60:a2:fc:04:8b:da:49:7f:
         49:1a:78:3c:e2:7c:94:3b:fb:1f:21:47:d3:55:f2:c4:8f:89:
         25:73:49:96:87:6c:54:79:5e:a0:5a:3e:af:b1:29:71:9e:4d:
         2e:b7:95:58:bc:39:fd:05:da:01:ad:cb:d0:d5:55:2d:f9:ed:
         40:ff:57:83:16:5d:bf:01:91:b4:dc:c2:ae:8b:3c:7b:1a:0c:
         2c:10:50:39:8a:48:b6:c9:f2:0e:29:44:75:d5:9e:1d:43:f5:
         5b:f9:b2:01:ad:0c:03:eb:d2:02:db:fc:55:af:35:20:9f:60:
         16:68:fd:48:16:91:4a:4d:96:f7:fa:d9:b9:25:2c:22:66:d4:
         92:a9:8a:6e:2d:93:59:f4:74:1a:e0:bc:ae:9b:55:1f:1f:ea:
         ff:ad:37:c9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBWrdNBAxV4zGe08264pNSyvXFeowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTIzMDAwMDAwWhcNMjMxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNmQ3Y2FlYmE0YzNkYTZkNDA5OGFhZjA5MDBlNzVkNDQ1
Nzg1ODdiOTNlYjlkZWY2OTRhNmQ0MWQ4MDM0YzFlMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJwkevvGoeIbbIsmXxj49PhZQMWVOI49Kgs9xFehi9p/yu
KeoNr6V0Az2esdCJ4vo4mFgts/a0outlRUCd+PMaQGzQt5zogT0Tc0xK/3SO9giU
p/YyB5y20/WM/BwCE7/vn8XHTzxQLNkmM/Imcuup+Ypo2SYsAfAbaCYA6nb1Al9w
DRRHKEyaw5fOK7uD1FAYYbooF+t8Ewny71QhrgHUA6H9ORSqy7zsUAjXz4FOmclK
ti8Ue6QHrsjOIqcRbqbCmKQvFviZ/tkocLxeQEKbxIG5c+iRFa8xgMLRD0R+/o+E
X1EFqbYozuBsQ2aEVklsfid5TIZwoaOFHk+12IUZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3EFAo/8bqb6vvikQdtkjygBShzcwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzVlYWRjY2MxLTJhNDgtNDI0MC05NzJlLTRlNTQ3M2EwMWUyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQX+dAwDQYJKoZIhvcNAQELBQADggEBAGDwMYxlR5M8fDFc9GP7ymWLHOGM
vwV+28kZrtE4Jf0RXwMvob5nGi/y2vPnvELz05ZAY3If+SHYMH2Wj0aDFxnBMbEh
TXp8eQvr44Z/CV/Ubkb5HL7JnoifZ7h2j7RFbAnlK1hgovwEi9pJf0kaeDzifJQ7
+x8hR9NV8sSPiSVzSZaHbFR5XqBaPq+xKXGeTS63lVi8Of0F2gGty9DVVS357UD/
V4MWXb8BkbTcwq6LPHsaDCwQUDmKSLbJ8g4pRHXVnh1D9Vv5sgGtDAPr0gLb/FWv
NSCfYBZo/UgWkUpNlvf62bklLCJm1JKpim4tk1n0dBrgvK6bVR8f6v+tN8k=
-----END CERTIFICATE-----
Generated at Sat Sep 23 00:38:48 2023 by rpki-client on console-ams.rpki-client.org