Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/93d7471b-56b1-4f53-982e-a84765e52ef3.roa
File:                     93d7471b-56b1-4f53-982e-a84765e52ef3.roa (raw, json)
Hash identifier:          sPzYwk5jyzWhWCZEZUFGtjI1DUqP41h4aIIetzMAKJ0=
Subject key identifier:   17:D9:06:D1:B9:A7:5B:E6:0D:39:45:86:9A:A4:65:80:B0:59:24:52
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       6E5457642869A47976A2A162BF9C47F3BC3C44D5
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/93d7471b-56b1-4f53-982e-a84765e52ef3.roa
Signing time:             Mon 08 Jul 2024 00:00:00 +0000
ROA not before:           Mon 08 Jul 2024 00:00:00 +0000
ROA not after:            Mon 12 Aug 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.188.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 19 Jul 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:54:57:64:28:69:a4:79:76:a2:a1:62:bf:9c:47:f3:bc:3c:44:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Jul  8 00:00:00 2024 GMT
            Not After : Aug 12 23:59:59 2024 GMT
        Subject: serialNumber=c4cf045730ee93e1877bcee2d88b3dd29a848d59b2afce421fbda5ffba4a9b9e, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:6b:a2:79:d4:2f:d0:6d:d6:57:08:fd:6d:91:
                    39:4b:25:28:c5:9c:35:0a:e7:03:f4:04:81:62:22:
                    cd:62:ac:9c:9b:c7:95:6a:9c:ce:78:66:14:ee:a5:
                    05:3b:68:cc:f6:23:1c:fb:5d:3c:91:d9:36:a8:6d:
                    68:7a:33:4c:fd:0f:c9:fa:d9:68:e9:73:04:06:85:
                    b3:30:17:15:9b:35:38:35:f0:d5:36:f3:47:16:7d:
                    dd:bc:1a:79:2d:9b:24:5b:dd:c7:fe:96:11:25:fd:
                    48:eb:ed:43:1c:d6:5f:54:f5:91:23:6b:88:d1:04:
                    bb:65:e6:8e:47:b8:c9:b6:e4:4a:c7:9c:e6:05:8d:
                    e1:3a:22:76:20:6d:f3:e4:5d:30:ff:65:c2:c4:99:
                    d4:47:cb:7d:25:67:19:aa:da:dd:ab:61:00:51:cf:
                    de:e5:25:15:30:96:44:73:66:d0:2a:09:af:03:4a:
                    9a:7f:d9:53:ca:89:51:44:62:06:11:50:ed:3d:7e:
                    b6:57:c4:1e:8e:17:4f:d3:fb:16:0f:1b:40:03:c4:
                    cb:f6:83:30:c7:db:74:48:93:fe:60:3e:86:00:a5:
                    92:8a:18:5d:23:c0:8d:6b:93:65:a9:74:94:12:66:
                    45:12:72:96:02:7c:f7:64:29:72:02:28:fc:79:d9:
                    e0:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:D9:06:D1:B9:A7:5B:E6:0D:39:45:86:9A:A4:65:80:B0:59:24:52
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/93d7471b-56b1-4f53-982e-a84765e52ef3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:89:c6:6f:5d:66:cc:14:13:2e:4a:70:85:88:be:af:fa:0c:
         61:5b:6a:2f:41:a3:78:7f:0b:22:7d:29:55:3f:fa:de:65:80:
         71:a3:ce:a6:4e:e1:06:87:6b:28:42:2b:17:f7:0c:33:62:20:
         4e:62:b1:4c:83:0a:d1:53:75:ab:b2:ba:e8:55:6e:1c:59:07:
         8c:0d:92:1f:6e:25:79:68:39:b9:37:c0:27:95:8d:03:5b:54:
         f8:68:5d:6b:6c:19:23:06:6e:3c:3f:dc:e1:da:44:de:68:ec:
         e4:a9:66:d1:5d:ba:4e:c7:09:69:96:97:71:e4:52:8b:0b:89:
         c9:a2:3d:af:3d:43:e6:61:9d:7a:54:7c:ee:b7:c0:d3:f4:c3:
         a5:39:60:52:a5:f0:dc:d7:aa:b1:b6:b9:1d:eb:6c:f0:49:c7:
         78:25:b4:98:44:c9:05:d4:f5:26:f9:9a:a1:c9:b1:f3:41:15:
         88:30:82:cc:00:a7:f5:fa:a5:0b:69:d4:bf:fa:0c:c9:4c:58:
         c6:7a:91:38:61:4b:fc:8f:e7:33:0b:a3:a2:09:2d:06:65:d8:
         db:ed:79:07:35:b8:5f:e2:6a:14:43:23:f6:56:21:8a:c0:83:
         20:80:5e:fb:59:7c:60:a9:42:70:2d:2b:d1:b5:51:78:92:7c:
         ff:cf:9a:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUblRXZChppHl2oqFiv5xH87w8RNUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQwNzA4MDAwMDAwWhcNMjQwODEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNGNmMDQ1NzMwZWU5M2UxODc3YmNlZTJkODhiM2RkMjlh
ODQ4ZDU5YjJhZmNlNDIxZmJkYTVmZmJhNGE5YjllMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYa6J51C/QbdZXCP1tkTlLJSjFnDUK5wP0BIFiIs1irJyb
x5VqnM54ZhTupQU7aMz2Ixz7XTyR2TaobWh6M0z9D8n62WjpcwQGhbMwFxWbNTg1
8NU280cWfd28GnktmyRb3cf+lhEl/Ujr7UMc1l9U9ZEja4jRBLtl5o5HuMm25ErH
nOYFjeE6InYgbfPkXTD/ZcLEmdRHy30lZxmq2t2rYQBRz97lJRUwlkRzZtAqCa8D
Spp/2VPKiVFEYgYRUO09frZXxB6OF0/T+xYPG0ADxMv2gzDH23RIk/5gPoYApZKK
GF0jwI1rk2WpdJQSZkUScpYCfPdkKXICKPx52eD5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUF9kG0bmnW+YNOUWGmqRlgLBZJFIwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzkzZDc0NzFiLTU2YjEtNGY1My05ODJlLWE4NDc2NWU1MmVmMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM37wwDQYJKoZIhvcNAQELBQADggEBAIqJxm9dZswUEy5KcIWIvq/6DGFb
ai9Bo3h/CyJ9KVU/+t5lgHGjzqZO4QaHayhCKxf3DDNiIE5isUyDCtFTdauyuuhV
bhxZB4wNkh9uJXloObk3wCeVjQNbVPhoXWtsGSMGbjw/3OHaRN5o7OSpZtFduk7H
CWmWl3HkUosLicmiPa89Q+ZhnXpUfO63wNP0w6U5YFKl8NzXqrG2uR3rbPBJx3gl
tJhEyQXU9Sb5mqHJsfNBFYgwgswAp/X6pQtp1L/6DMlMWMZ6kThhS/yP5zMLo6IJ
LQZl2NvteQc1uF/iahRDI/ZWIYrAgyCAXvtZfGCpQnAtK9G1UXiSfP/Pmiw=
-----END CERTIFICATE-----
Generated at Wed Jul 17 18:13:59 2024 by rpki-client on console-fra.rpki-client.org