Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b59643bf-eb80-414a-aca0-653646d46e07.roa
File:                     b59643bf-eb80-414a-aca0-653646d46e07.roa (raw, json)
Hash identifier:          gOpXTuc+yqs01jaI9dYorLhuzVkvGH37QRdAjBEWrSY=
Subject key identifier:   13:8B:31:25:D8:89:FA:C8:D2:32:9B:C0:E3:92:84:06:20:72:B5:67
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       228F0512D33DD9720268B35E3C0DCDD7D880AB94
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b59643bf-eb80-414a-aca0-653646d46e07.roa
Signing time:             Wed 30 Oct 2024 00:00:00 +0000
ROA not before:           Wed 30 Oct 2024 00:00:00 +0000
ROA not after:            Wed 04 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        199.127.232.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 14 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:8f:05:12:d3:3d:d9:72:02:68:b3:5e:3c:0d:cd:d7:d8:80:ab:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Oct 30 00:00:00 2024 GMT
            Not After : Dec  4 23:59:59 2024 GMT
        Subject: serialNumber=85fc030f7cdafbc5bb3f5136ea17b55665db3b5122fb188fb8447afe0d1704f3, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:fe:0d:b3:27:2f:40:f5:23:44:fd:4c:10:38:
                    31:8c:91:fe:dc:2d:b5:9b:1b:f2:da:eb:90:94:fc:
                    7a:a6:ac:14:17:4c:cb:1b:44:9b:90:32:39:50:98:
                    91:81:61:35:d9:37:f6:ea:4f:d1:67:38:ee:b1:f9:
                    d3:bb:71:eb:a9:7c:61:6d:eb:94:21:39:81:13:ed:
                    09:ca:57:d7:95:0d:37:dc:bc:ce:8a:0a:82:2b:ee:
                    1d:f2:60:85:b0:ed:f8:d1:92:65:79:9a:ee:bf:fb:
                    bd:fb:33:bc:1c:fd:80:6b:ac:8e:73:ee:dd:e8:64:
                    c1:2e:db:9c:80:e0:eb:c8:a0:4c:57:08:77:24:2d:
                    91:9d:d8:fd:c6:4e:35:72:51:0f:a5:ad:3f:c1:33:
                    19:80:ed:55:a0:32:a6:9c:db:7d:de:de:fb:41:3a:
                    1b:ef:1f:69:63:b7:58:4f:33:36:51:c6:ab:47:25:
                    6c:dc:df:9f:37:54:fd:6d:18:fd:71:8e:36:4a:23:
                    2b:f5:62:64:5e:1b:c8:f8:49:7c:f9:60:76:ce:c1:
                    39:ea:e3:b1:08:c4:c8:09:c3:d6:db:8d:c5:05:52:
                    80:aa:a2:cf:24:92:ab:d6:a9:7d:dc:1d:f7:62:f7:
                    99:e5:d9:39:f2:1c:df:fc:84:49:c0:5a:9b:1f:d4:
                    b0:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:8B:31:25:D8:89:FA:C8:D2:32:9B:C0:E3:92:84:06:20:72:B5:67
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b59643bf-eb80-414a-aca0-653646d46e07.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.127.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         60:85:59:ac:fb:e5:78:35:77:e5:7f:08:46:2e:e9:b9:3f:c6:
         6a:90:f5:65:4b:6e:92:41:0f:58:75:e2:40:38:d6:0e:56:5b:
         a9:2e:2c:6b:0a:1a:47:24:17:f6:3c:45:ef:a2:b5:2c:9f:45:
         c3:6a:e3:a5:6a:69:30:96:21:9c:ac:39:dd:f4:2a:d9:e8:78:
         43:d2:ae:89:c0:bb:30:5b:31:4f:6c:e0:f0:17:dc:6c:0d:c2:
         24:d1:49:1f:72:47:e0:d1:fb:24:00:ab:6e:4a:1f:1b:a6:b0:
         a7:22:94:9c:71:9b:fb:0f:4f:a0:29:3d:1f:cf:f4:9f:48:5d:
         7b:8a:4e:4e:5a:08:00:59:c7:27:54:6c:62:36:7b:35:6d:b1:
         4e:aa:35:08:61:22:19:ff:bd:42:0d:d7:f5:6e:bc:92:4d:44:
         ee:31:2a:a4:78:a4:14:44:5e:77:fd:fa:e2:34:9f:1f:5d:bb:
         08:14:97:98:a2:84:60:03:0e:fb:f7:39:99:bc:3e:99:30:48:
         a6:40:a5:e2:37:5f:27:44:00:87:c9:04:9d:c7:4d:07:de:f2:
         90:1c:a8:50:94:67:13:62:df:43:19:c8:cc:d5:83:a9:21:a3:
         ab:85:22:1d:de:ca:9e:56:42:c5:9c:de:3c:fe:9b:2f:10:21:
         48:c2:25:e8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIo8FEtM92XICaLNePA3N19iAq5QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQxMDMwMDAwMDAwWhcNMjQxMjA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NWZjMDMwZjdjZGFmYmM1YmIzZjUxMzZlYTE3YjU1NjY1
ZGIzYjUxMjJmYjE4OGZiODQ0N2FmZTBkMTcwNGYzMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDd/g2zJy9A9SNE/UwQODGMkf7cLbWbG/La65CU/HqmrBQX
TMsbRJuQMjlQmJGBYTXZN/bqT9FnOO6x+dO7ceupfGFt65QhOYET7QnKV9eVDTfc
vM6KCoIr7h3yYIWw7fjRkmV5mu6/+737M7wc/YBrrI5z7t3oZMEu25yA4OvIoExX
CHckLZGd2P3GTjVyUQ+lrT/BMxmA7VWgMqac233e3vtBOhvvH2ljt1hPMzZRxqtH
JWzc3583VP1tGP1xjjZKIyv1YmReG8j4SXz5YHbOwTnq47EIxMgJw9bbjcUFUoCq
os8kkqvWqX3cHfdi95nl2TnyHN/8hEnAWpsf1LAtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUE4sxJdiJ+sjSMpvA45KEBiBytWcwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2I1OTY0M2JmLWViODAtNDE0YS1hY2EwLTY1MzY0NmQ0NmUwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALHf+gwDQYJKoZIhvcNAQELBQADggEBAGCFWaz75Xg1d+V/CEYu6bk/xmqQ
9WVLbpJBD1h14kA41g5WW6kuLGsKGkckF/Y8Re+itSyfRcNq46VqaTCWIZysOd30
KtnoeEPSronAuzBbMU9s4PAX3GwNwiTRSR9yR+DR+yQAq25KHxumsKcilJxxm/sP
T6ApPR/P9J9IXXuKTk5aCABZxydUbGI2ezVtsU6qNQhhIhn/vUIN1/VuvJJNRO4x
KqR4pBREXnf9+uI0nx9duwgUl5iihGADDvv3OZm8PpkwSKZApeI3XydEAIfJBJ3H
TQfe8pAcqFCUZxNi30MZyMzVg6kho6uFIh3eyp5WQsWc3jz+my8QIUjCJeg=
-----END CERTIFICATE-----
Generated at Tue Nov 12 17:18:37 2024 by rpki-client on console-fra.rpki-client.org