Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/639621c0-050e-4e66-b3a2-1dd129de2c24.roa
File:                     639621c0-050e-4e66-b3a2-1dd129de2c24.roa (raw, json)
Hash identifier:          EqP8d4xRxx+DrBEc+k+G5XTOY34B+CnxbieQVfHrIuA=
Subject key identifier:   C3:2D:C0:AE:8D:90:E8:30:0D:A3:38:7C:46:D8:78:D8:97:DA:5F:DB
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       786B2E0E0C158152E1816A7021C6ACF18B3459B8
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/639621c0-050e-4e66-b3a2-1dd129de2c24.roa
Signing time:             Sat 25 Jan 2025 00:00:00 +0000
ROA not before:           Sat 25 Jan 2025 00:00:00 +0000
ROA not after:            Sat 01 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.182.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:6b:2e:0e:0c:15:81:52:e1:81:6a:70:21:c6:ac:f1:8b:34:59:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Jan 25 00:00:00 2025 GMT
            Not After : Mar  1 23:59:59 2025 GMT
        Subject: CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:a9:90:57:5a:25:57:f9:0f:87:72:94:e6:14:
                    99:72:52:ee:8c:68:d3:90:c4:d8:28:43:58:a2:3e:
                    11:7e:20:3a:c5:cb:a0:4d:eb:e6:8c:7e:ec:ef:13:
                    44:78:b2:9c:21:a6:96:58:ae:b8:fd:a9:d7:cd:2f:
                    36:d1:9c:37:bf:2a:af:e2:19:78:ae:3c:ad:46:33:
                    4a:61:44:a4:6b:86:05:97:b5:3b:54:45:50:b6:25:
                    13:d5:ca:38:fe:ef:a5:3a:88:56:01:c8:ec:fa:f4:
                    55:9e:98:a4:97:2e:c5:07:a3:28:17:49:23:f2:39:
                    4f:cd:a8:70:d6:8f:63:f2:3f:d5:94:cf:f0:c4:5a:
                    8f:15:4b:77:87:e0:ea:8a:18:93:d1:b6:03:71:c7:
                    5c:1f:ce:db:f7:7e:e2:3d:d7:7d:7c:11:5e:27:4b:
                    4e:75:6e:43:68:f5:bb:35:7c:66:42:da:0a:bd:1d:
                    12:62:17:e1:96:da:00:d3:d6:4f:d4:91:9d:25:f9:
                    14:39:4c:af:3a:62:92:d0:30:65:0f:7b:e3:cd:7d:
                    aa:10:5c:f6:69:96:74:0e:d7:c5:9f:d8:19:4a:f4:
                    db:6d:59:f1:da:e8:b1:e2:42:79:9a:1f:71:e3:f9:
                    75:3e:79:54:54:6a:2b:a2:4b:3a:cb:ea:da:fc:3b:
                    d7:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:2D:C0:AE:8D:90:E8:30:0D:A3:38:7C:46:D8:78:D8:97:DA:5F:DB
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/639621c0-050e-4e66-b3a2-1dd129de2c24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:0f:90:0a:f4:50:48:cd:20:ca:bb:9e:3e:bf:45:e2:6b:aa:
         7e:b3:bb:ae:c6:07:1f:f7:07:2c:c3:9f:2c:3b:8d:60:12:d2:
         a0:5f:40:57:90:03:f0:ec:c5:3c:46:dd:75:7c:52:f5:0b:e6:
         14:5e:e1:91:4f:d7:e4:33:30:32:23:30:09:d5:8b:06:06:ac:
         38:09:02:30:79:9c:f7:15:64:80:b2:17:5c:4c:c7:2e:ee:8a:
         81:15:52:1b:6f:e8:e8:3c:ee:52:22:e1:3d:85:4a:7b:95:0b:
         af:7e:c1:87:f4:df:2e:65:79:16:97:cc:e6:da:64:d6:ca:13:
         fa:48:7a:8f:8b:49:e9:cc:33:99:f4:8f:e6:32:2e:0c:f5:91:
         27:a6:f7:f9:f1:0b:a1:56:a9:aa:c1:12:cc:b4:05:b1:75:22:
         19:da:72:18:d8:9c:f3:56:e3:48:69:30:34:61:b5:9f:1c:af:
         68:ec:ed:4d:75:77:7f:30:ef:99:17:c3:df:15:5e:eb:70:31:
         99:37:79:94:7e:6b:9e:53:a3:3a:8f:5e:eb:93:f0:c9:77:c6:
         99:5f:a0:98:48:f8:a5:bb:e1:b2:7f:66:b9:e3:ae:d2:4b:28:
         83:df:0c:6f:da:3a:b4:e9:85:87:4f:ee:03:74:25:1e:72:15:
         a9:c9:39:aa
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeGsuDgwVgVLhgWpwIcas8Ys0WbgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwMTI1MDAwMDAwWhcNMjUwMzAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BlYmIwNTVlYjkxYTVkM2MyOTRhZTE1MTllYTYxZjMzYjU3
YmE1N2MwMWVhNWQ2OWM4YzFkNDhhZmI5M2Q1MGViMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeqZBXWiVX+Q+HcpTmFJlyUu6MaNOQxNgoQ1iiPhF+IDrF
y6BN6+aMfuzvE0R4spwhppZYrrj9qdfNLzbRnDe/Kq/iGXiuPK1GM0phRKRrhgWX
tTtURVC2JRPVyjj+76U6iFYByOz69FWemKSXLsUHoygXSSPyOU/NqHDWj2PyP9WU
z/DEWo8VS3eH4OqKGJPRtgNxx1wfztv3fuI91318EV4nS051bkNo9bs1fGZC2gq9
HRJiF+GW2gDT1k/UkZ0l+RQ5TK86YpLQMGUPe+PNfaoQXPZplnQO18Wf2BlK9Ntt
WfHa6LHiQnmaH3Hj+XU+eVRUaiuiSzrL6tr8O9clAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwy3Aro2Q6DANozh8Rth42JfaX9swHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzYzOTYyMWMwLTA1MGUtNGU2Ni1iM2EyLTFkZDEyOWRlMmMyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM37YwDQYJKoZIhvcNAQELBQADggEBAB0PkAr0UEjNIMq7nj6/ReJrqn6z
u67GBx/3ByzDnyw7jWAS0qBfQFeQA/DsxTxG3XV8UvUL5hRe4ZFP1+QzMDIjMAnV
iwYGrDgJAjB5nPcVZICyF1xMxy7uioEVUhtv6Og87lIi4T2FSnuVC69+wYf03y5l
eRaXzObaZNbKE/pIeo+LSenMM5n0j+YyLgz1kSem9/nxC6FWqarBEsy0BbF1Ihna
chjYnPNW40hpMDRhtZ8cr2js7U11d38w75kXw98VXutwMZk3eZR+a55TozqPXuuT
8Ml3xplfoJhI+KW74bJ/ZrnjrtJLKIPfDG/aOrTphYdP7gN0JR5yFanJOao=
-----END CERTIFICATE-----