Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/639621c0-050e-4e66-b3a2-1dd129de2c24.roa
File:                     639621c0-050e-4e66-b3a2-1dd129de2c24.roa (raw, json)
Hash identifier:          jwPIiXA3vZNaAyMiOdaubBW7ZX4KMRUHXRrkOeBQwR4=
Subject key identifier:   9C:85:46:6E:3D:CD:BD:E7:DD:9B:C5:D3:57:A3:50:6F:48:A2:94:71
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       2FA8241E2F8DFB35C339754E4BFE70B66F3B1CA8
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/639621c0-050e-4e66-b3a2-1dd129de2c24.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.182.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:a8:24:1e:2f:8d:fb:35:c3:39:75:4e:4b:fe:70:b6:6f:3b:1c:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=22d3ec22af70b03f1f471d91c02c3a7eaeb9b57f8b6595489475159f2e27dbba, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:32:89:f7:4b:c7:af:75:83:b0:9e:a2:2a:31:
                    1d:13:d3:e7:af:c8:3c:16:fc:4d:d8:3b:d7:c3:5b:
                    8a:d2:70:a8:02:ad:ee:8d:a8:22:94:ad:48:72:2c:
                    e2:8e:df:f5:03:e8:40:f6:66:f9:3d:66:6d:d9:81:
                    1b:9e:79:37:4d:49:5e:bd:8e:31:a5:92:1c:8d:b2:
                    99:73:dc:72:eb:ef:df:fc:e8:d9:07:ec:cd:9f:91:
                    9b:50:c9:4a:39:21:0b:bb:04:f7:34:d5:6d:3c:14:
                    40:d6:52:7c:95:38:8d:1f:49:39:d6:ce:d4:98:ef:
                    3d:44:48:61:be:9e:bd:2a:79:81:32:c3:8a:04:54:
                    76:48:55:dd:1c:b2:1e:67:bd:9d:fa:0f:35:bb:f7:
                    f5:ad:c3:b7:a7:a4:3a:85:e7:4f:a5:00:75:0d:14:
                    b6:e5:dc:10:e8:8b:c9:75:a5:54:b7:fb:f9:35:81:
                    51:a8:7d:d2:82:77:cc:c0:86:b8:cd:f4:72:8c:94:
                    43:d5:cd:45:4a:ef:88:52:16:6e:e6:2f:1a:55:98:
                    7e:12:1d:8e:44:fb:99:bd:38:76:dc:d3:c8:05:0a:
                    9e:61:44:34:50:c0:b2:0e:1a:97:c7:f0:ac:12:9d:
                    05:fd:00:04:8c:b9:fe:0b:1a:44:1c:2b:01:68:77:
                    87:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:85:46:6E:3D:CD:BD:E7:DD:9B:C5:D3:57:A3:50:6F:48:A2:94:71
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/639621c0-050e-4e66-b3a2-1dd129de2c24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:2b:0b:83:2d:97:3d:80:16:b6:36:ff:0a:2d:52:09:77:61:
         ed:2a:5d:bb:0c:2b:41:de:9f:71:d9:d1:bb:ec:a6:5d:a8:91:
         45:0e:ae:84:db:d5:83:10:1d:5d:fc:6a:55:cd:50:39:c6:55:
         88:a4:a1:69:1b:ac:1c:8a:12:df:01:9e:c7:7d:63:38:06:c8:
         4a:fd:ad:fc:78:76:a8:82:44:65:6c:f9:b8:47:d1:b7:8a:f5:
         be:a5:49:46:92:7e:63:0a:6e:20:38:06:e7:e8:8c:58:8a:d6:
         12:94:97:a6:26:5b:7c:a7:e8:ac:5a:96:af:bb:71:50:3f:af:
         30:a1:af:19:f9:72:7a:85:ba:5f:29:f6:fe:ad:1c:b0:45:06:
         9b:b1:60:40:aa:7a:1e:f1:5a:d0:18:f2:6b:9b:b7:4e:8c:34:
         ec:fc:de:b0:13:b7:bf:14:bc:04:db:b0:33:8e:33:15:e2:48:
         8e:06:a8:b0:6c:de:4c:39:18:75:67:d0:3c:0a:0c:46:4f:d6:
         72:e3:72:64:21:ce:08:cb:49:f6:7c:c8:db:4c:0d:91:8b:d3:
         ea:0d:91:df:0c:3e:96:5c:73:c6:34:13:fe:0a:17:87:83:ff:
         41:b3:70:ff:76:f8:54:3e:74:2f:41:18:a9:1f:88:93:ff:b9:
         ae:3a:76:7b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL6gkHi+N+zXDOXVOS/5wtm87HKgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMmQzZWMyMmFmNzBiMDNmMWY0NzFkOTFjMDJjM2E3ZWFl
YjliNTdmOGI2NTk1NDg5NDc1MTU5ZjJlMjdkYmJhMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNMon3S8evdYOwnqIqMR0T0+evyDwW/E3YO9fDW4rScKgC
re6NqCKUrUhyLOKO3/UD6ED2Zvk9Zm3ZgRueeTdNSV69jjGlkhyNsplz3HLr79/8
6NkH7M2fkZtQyUo5IQu7BPc01W08FEDWUnyVOI0fSTnWztSY7z1ESGG+nr0qeYEy
w4oEVHZIVd0csh5nvZ36DzW79/Wtw7enpDqF50+lAHUNFLbl3BDoi8l1pVS3+/k1
gVGofdKCd8zAhrjN9HKMlEPVzUVK74hSFm7mLxpVmH4SHY5E+5m9OHbc08gFCp5h
RDRQwLIOGpfH8KwSnQX9AASMuf4LGkQcKwFod4dTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnIVGbj3Nvefdm8XTV6NQb0iilHEwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzYzOTYyMWMwLTA1MGUtNGU2Ni1iM2EyLTFkZDEyOWRlMmMyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM37YwDQYJKoZIhvcNAQELBQADggEBAD4rC4Mtlz2AFrY2/wotUgl3Ye0q
XbsMK0Hen3HZ0bvspl2okUUOroTb1YMQHV38alXNUDnGVYikoWkbrByKEt8Bnsd9
YzgGyEr9rfx4dqiCRGVs+bhH0beK9b6lSUaSfmMKbiA4BufojFiK1hKUl6YmW3yn
6Kxalq+7cVA/rzChrxn5cnqFul8p9v6tHLBFBpuxYECqeh7xWtAY8mubt06MNOz8
3rATt78UvATbsDOOMxXiSI4GqLBs3kw5GHVn0DwKDEZP1nLjcmQhzgjLSfZ8yNtM
DZGL0+oNkd8MPpZcc8Y0E/4KF4eD/0GzcP92+FQ+dC9BGKkfiJP/ua46dns=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:20:01 2023 by rpki-client on console-ams.rpki-client.org