Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/a11f9364-e88a-440b-a95f-a94c5ecdc863.roa
File:                     a11f9364-e88a-440b-a95f-a94c5ecdc863.roa (raw, json)
Hash identifier:          1x5XOy2iSzSjBBOgFgCf8DOuG/ekdc2fqCLx5KgtRU4=
Subject key identifier:   72:84:26:2D:D5:DF:BE:D8:49:A3:DF:0F:FC:66:E4:1B:54:D7:F6:BE
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       529F6E537D4C323BF4536379BC5CE71466C61B7E
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/a11f9364-e88a-440b-a95f-a94c5ecdc863.roa
Signing time:             Fri 29 Mar 2024 00:00:00 +0000
ROA not before:           Fri 29 Mar 2024 00:00:00 +0000
ROA not after:            Fri 03 May 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        69.169.237.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:9f:6e:53:7d:4c:32:3b:f4:53:63:79:bc:5c:e7:14:66:c6:1b:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Mar 29 00:00:00 2024 GMT
            Not After : May  3 23:59:59 2024 GMT
        Subject: serialNumber=c079df87074054549942e7f748fe917550ceda02ff1e2192cb7460cc7e1167f1, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:10:19:88:49:dc:94:1d:26:04:1c:77:3e:81:
                    d8:8f:5f:b6:59:21:cf:bd:fa:64:77:38:b4:f1:61:
                    8a:70:34:2d:9e:46:0e:59:2a:a1:42:8c:5e:9d:55:
                    d1:f1:e0:93:3b:75:33:20:3d:14:1d:f6:3a:e4:aa:
                    d1:94:c8:36:60:59:f4:4e:20:9f:60:29:8c:30:03:
                    a8:aa:a5:ae:e0:0e:5f:50:8f:d9:5e:31:c0:b2:dc:
                    fe:9b:95:97:f8:51:1f:43:9e:7c:68:00:c8:5d:10:
                    a3:bc:56:7c:0d:d4:44:37:63:ba:e9:40:a0:27:df:
                    32:be:eb:af:2b:42:50:7f:e7:bd:a0:bb:11:d3:93:
                    95:22:fd:6f:83:71:12:2f:3e:0d:1f:87:9e:ba:1a:
                    41:2b:45:54:85:3b:7b:89:a9:49:0c:57:d0:bd:07:
                    be:30:da:a1:64:29:64:d8:6c:1a:cf:51:09:20:a7:
                    d1:87:d6:3f:b1:b2:fa:b1:ce:26:2b:ba:ac:65:60:
                    c0:b3:02:9c:5b:7a:a1:70:c5:d2:a9:90:f5:6e:6f:
                    44:79:ab:a3:aa:fc:c0:34:47:f9:50:32:6d:17:e0:
                    32:55:7a:0a:6b:d6:5f:f6:b3:50:7a:ed:da:6d:d9:
                    4f:79:3a:a3:09:95:13:f3:b5:bc:00:b1:41:94:8e:
                    9a:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:84:26:2D:D5:DF:BE:D8:49:A3:DF:0F:FC:66:E4:1B:54:D7:F6:BE
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/a11f9364-e88a-440b-a95f-a94c5ecdc863.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.169.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:a2:24:b0:33:cf:16:27:70:ff:2a:5f:d1:83:df:34:c6:34:
         3d:ce:f3:2a:08:de:a7:2f:80:e0:ca:c9:d4:69:01:61:e4:d2:
         e5:09:fe:b7:20:3d:be:18:4c:4f:e2:6f:4f:c0:ee:53:be:5f:
         6f:41:6a:8c:83:89:88:5a:09:eb:f0:40:ad:c0:cf:3e:8b:d7:
         c7:5f:ea:0d:c6:69:fc:4c:23:6c:21:4f:4b:4b:2d:11:bf:76:
         1d:3f:1e:cd:12:92:ff:d3:6b:f6:d2:6a:00:ca:f9:2b:0e:05:
         37:a0:76:bf:f2:d8:f1:a0:3d:c8:14:3f:4f:18:a8:2e:6d:ff:
         09:c9:eb:9a:0f:90:cd:3d:fc:30:53:4c:d8:02:c9:d8:9b:c2:
         7c:8a:d3:c7:ca:01:3f:4f:f0:95:d6:8e:ea:73:57:35:d8:27:
         4b:78:c7:e2:2c:65:1f:43:18:d7:1c:84:50:50:be:50:80:6c:
         f8:b2:1f:95:69:58:9c:d7:21:b5:00:f1:79:80:7f:91:48:90:
         43:0d:26:94:cf:18:07:6f:fa:d9:bd:a2:49:8d:ae:bb:eb:f3:
         f5:17:73:8f:46:41:ff:28:9e:51:eb:83:fe:c4:ef:c5:95:b6:
         a3:7d:51:98:7e:e2:d1:c5:d2:83:c6:b4:66:2e:8b:f6:1a:cc:
         2d:89:69:91
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUp9uU31MMjv0U2N5vFznFGbGG34wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQwMzI5MDAwMDAwWhcNMjQwNTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjMDc5ZGY4NzA3NDA1NDU0OTk0MmU3Zjc0OGZlOTE3NTUw
Y2VkYTAyZmYxZTIxOTJjYjc0NjBjYzdlMTE2N2YxMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYEBmISdyUHSYEHHc+gdiPX7ZZIc+9+mR3OLTxYYpwNC2e
Rg5ZKqFCjF6dVdHx4JM7dTMgPRQd9jrkqtGUyDZgWfROIJ9gKYwwA6iqpa7gDl9Q
j9leMcCy3P6blZf4UR9DnnxoAMhdEKO8VnwN1EQ3Y7rpQKAn3zK+668rQlB/572g
uxHTk5Ui/W+DcRIvPg0fh566GkErRVSFO3uJqUkMV9C9B74w2qFkKWTYbBrPUQkg
p9GH1j+xsvqxziYruqxlYMCzApxbeqFwxdKpkPVub0R5q6Oq/MA0R/lQMm0X4DJV
egpr1l/2s1B67dpt2U95OqMJlRPztbwAsUGUjppvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcoQmLdXfvthJo98P/GbkG1TX9r4wHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2ExMWY5MzY0LWU4OGEtNDQwYi1hOTVmLWE5NGM1ZWNkYzg2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABFqe0wDQYJKoZIhvcNAQELBQADggEBAICiJLAzzxYncP8qX9GD3zTGND3O
8yoI3qcvgODKydRpAWHk0uUJ/rcgPb4YTE/ib0/A7lO+X29BaoyDiYhaCevwQK3A
zz6L18df6g3GafxMI2whT0tLLRG/dh0/Hs0Skv/Ta/bSagDK+SsOBTegdr/y2PGg
PcgUP08YqC5t/wnJ65oPkM09/DBTTNgCydibwnyK08fKAT9P8JXWjupzVzXYJ0t4
x+IsZR9DGNcchFBQvlCAbPiyH5VpWJzXIbUA8XmAf5FIkEMNJpTPGAdv+tm9okmN
rrvr8/UXc49GQf8onlHrg/7E78WVtqN9UZh+4tHF0oPGtGYui/YazC2JaZE=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:21 2024 by rpki-client on console-fra.rpki-client.org