Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/93d7471b-56b1-4f53-982e-a84765e52ef3.roa
File:                     93d7471b-56b1-4f53-982e-a84765e52ef3.roa (raw, json)
Hash identifier:          D9Q0A/zsnt0NG8fA+m20PRztL5nRgC9FZKHbrwpesgk=
Subject key identifier:   7C:D0:11:8B:2A:28:4C:9A:05:94:12:AA:53:24:15:52:DF:09:C1:C8
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       7A389A14CF23CDCDD3633F5CE3332A7D8B965011
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/93d7471b-56b1-4f53-982e-a84765e52ef3.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.188.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:38:9a:14:cf:23:cd:cd:d3:63:3f:5c:e3:33:2a:7d:8b:96:50:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=3b57a822f3566aee1dfb4c5cd8128468556d5eadcc5b5be723e73b528b4cc194, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:6a:86:aa:ae:67:b6:f2:96:98:a1:66:a9:d1:
                    27:8f:03:4e:d6:6c:8f:5d:e3:5d:0d:d3:c9:a3:73:
                    a7:d8:f9:9d:8e:0e:b7:49:4a:99:4b:b7:2a:ad:45:
                    fa:0b:1e:91:42:05:60:8f:35:94:40:b8:38:2f:af:
                    1e:95:36:34:02:b6:e7:d3:ae:f8:f2:21:5e:5c:3f:
                    35:6f:5e:a0:d8:12:ed:b1:42:bc:1b:4d:a5:c3:47:
                    1d:96:76:be:c3:d9:dd:51:a7:d4:35:10:59:9d:02:
                    12:ca:58:fe:54:3f:f1:f7:75:9b:01:44:0c:fe:b0:
                    fd:41:03:c2:90:6a:fb:38:34:ea:52:78:43:24:0b:
                    00:a0:31:64:b0:f8:71:65:27:f6:78:67:35:cb:e4:
                    3f:99:b8:e2:76:a9:f4:fb:e7:a5:b5:02:46:47:0b:
                    23:1e:ba:44:b7:db:c1:aa:32:cf:df:8b:14:16:09:
                    be:85:e5:3e:ed:ed:13:aa:da:40:84:99:45:8c:7c:
                    da:02:8a:1e:ce:75:12:07:12:2c:40:4c:22:f3:49:
                    e1:dd:ab:5e:a2:47:62:9b:bd:ef:53:78:6f:55:0d:
                    44:d8:7f:61:2d:9d:8f:c6:f0:6a:ab:bb:f9:0e:10:
                    07:81:b9:41:86:22:fc:a1:8d:cb:cf:d6:87:ce:c1:
                    9b:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:D0:11:8B:2A:28:4C:9A:05:94:12:AA:53:24:15:52:DF:09:C1:C8
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/93d7471b-56b1-4f53-982e-a84765e52ef3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         74:f3:fd:15:5c:b9:1d:a1:ce:4b:f0:c1:8b:27:5c:00:fb:75:
         dd:90:cf:6d:4d:20:72:f8:0a:62:a1:4c:75:04:cc:0e:1b:e6:
         d7:6c:0e:cc:10:d6:1a:a7:ef:77:6e:1d:64:60:79:d7:dc:62:
         c7:33:cf:d0:7a:3b:9f:8b:95:c5:17:3e:15:6f:ae:b4:d6:f8:
         fc:d0:84:cb:4a:3b:48:c0:b9:da:30:b0:5a:69:93:c0:87:e3:
         46:6e:d6:4b:4a:48:3b:69:93:44:ab:45:df:bc:c6:44:b4:ee:
         01:85:49:44:e3:b5:39:5d:fa:6f:d5:eb:e4:e3:14:99:c7:9e:
         69:b6:79:f7:8f:cc:6b:2d:2c:1d:ad:25:b8:96:f1:2e:05:0d:
         8a:b7:35:fd:8b:9d:3c:18:5c:c2:06:d6:1f:52:0d:17:bc:73:
         8f:81:bc:18:6e:f4:4e:5f:c7:90:93:3a:42:23:fc:d9:e7:e4:
         6d:9a:1a:34:a4:56:2f:1e:28:7a:c2:a4:e1:38:6a:74:87:e7:
         20:98:43:1f:13:1f:a8:ca:36:53:2c:d3:d6:66:4b:07:b3:87:
         fb:fd:e9:23:61:5b:0a:a2:1a:90:8e:37:e8:43:64:01:78:eb:
         fd:63:33:10:8a:dd:4f:a3:2b:6e:08:d2:fe:89:41:77:fc:99:
         af:88:b1:c7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUejiaFM8jzc3TYz9c4zMqfYuWUBEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYjU3YTgyMmYzNTY2YWVlMWRmYjRjNWNkODEyODQ2ODU1
NmQ1ZWFkY2M1YjViZTcyM2U3M2I1MjhiNGNjMTk0MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChaoaqrme28paYoWap0SePA07WbI9d410N08mjc6fY+Z2O
DrdJSplLtyqtRfoLHpFCBWCPNZRAuDgvrx6VNjQCtufTrvjyIV5cPzVvXqDYEu2x
QrwbTaXDRx2Wdr7D2d1Rp9Q1EFmdAhLKWP5UP/H3dZsBRAz+sP1BA8KQavs4NOpS
eEMkCwCgMWSw+HFlJ/Z4ZzXL5D+ZuOJ2qfT756W1AkZHCyMeukS328GqMs/fixQW
Cb6F5T7t7ROq2kCEmUWMfNoCih7OdRIHEixATCLzSeHdq16iR2Kbve9TeG9VDUTY
f2EtnY/G8Gqru/kOEAeBuUGGIvyhjcvP1ofOwZsrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfNARiyooTJoFlBKqUyQVUt8JwcgwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkLzkzZDc0NzFiLTU2YjEtNGY1My05ODJlLWE4NDc2NWU1MmVmMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM37wwDQYJKoZIhvcNAQELBQADggEBAHTz/RVcuR2hzkvwwYsnXAD7dd2Q
z21NIHL4CmKhTHUEzA4b5tdsDswQ1hqn73duHWRgedfcYsczz9B6O5+LlcUXPhVv
rrTW+PzQhMtKO0jAudowsFppk8CH40Zu1ktKSDtpk0SrRd+8xkS07gGFSUTjtTld
+m/V6+TjFJnHnmm2efePzGstLB2tJbiW8S4FDYq3Nf2LnTwYXMIG1h9SDRe8c4+B
vBhu9E5fx5CTOkIj/Nnn5G2aGjSkVi8eKHrCpOE4anSH5yCYQx8TH6jKNlMs09Zm
Swezh/v96SNhWwqiGpCON+hDZAF46/1jMxCK3U+jK24I0v6JQXf8ma+Iscc=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:20:01 2023 by rpki-client on console-ams.rpki-client.org