Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b59643bf-eb80-414a-aca0-653646d46e07.roa
File:                     b59643bf-eb80-414a-aca0-653646d46e07.roa (raw, json)
Hash identifier:          Iz78xiERj6VLCPgBG+700UKuNDLbqIOegwygXM89kvY=
Subject key identifier:   36:7E:9D:A6:1A:45:5B:4D:9F:03:27:F4:A5:7C:82:D3:E1:2C:00:D8
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       15D0227F0A3C627542DA7299BA46489D0CF0F5D5
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b59643bf-eb80-414a-aca0-653646d46e07.roa
Signing time:             Mon 18 Mar 2024 00:00:00 +0000
ROA not before:           Mon 18 Mar 2024 00:00:00 +0000
ROA not after:            Mon 22 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        199.127.232.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:d0:22:7f:0a:3c:62:75:42:da:72:99:ba:46:48:9d:0c:f0:f5:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Mar 18 00:00:00 2024 GMT
            Not After : Apr 22 23:59:59 2024 GMT
        Subject: serialNumber=d82749a3741c2bce539a1c280c7a5d664d4f56d3785ac16c9526a2d99bdb841a, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:bf:f4:44:bc:f6:41:4f:95:85:6e:82:f4:cb:
                    a4:c3:3a:3b:7c:72:ee:30:1b:dc:c9:bd:d5:73:38:
                    78:2d:e1:7b:45:49:7b:f9:e6:e6:7c:f5:08:31:31:
                    88:10:7a:b7:5f:dd:82:89:e6:c0:8f:66:0b:af:1f:
                    ba:78:cf:d5:6a:5b:1a:66:3e:cd:69:c1:1d:5f:b9:
                    3c:d7:6a:3c:2b:b8:fb:e0:23:9f:ac:64:d4:a8:cf:
                    2d:08:bd:ac:c6:b9:db:9e:08:19:89:c3:84:18:93:
                    22:72:df:50:85:9c:c3:63:43:bf:60:36:06:f8:84:
                    0b:ef:98:f0:5f:58:42:34:b4:de:96:75:a8:1c:e1:
                    4c:a1:26:3b:08:41:51:ce:dc:a6:17:bd:73:62:d5:
                    27:b7:29:94:84:66:58:df:59:9e:d5:d8:90:75:c8:
                    0b:63:04:48:9e:98:a1:19:96:9a:83:16:e7:b2:46:
                    1a:da:50:4e:df:65:44:a1:2a:ad:62:ce:c1:70:33:
                    ae:06:73:bb:87:80:74:01:ba:7f:d9:6d:21:72:bb:
                    2f:fa:40:6c:69:77:68:95:76:64:e9:16:7c:a5:4c:
                    d2:b1:d2:8d:de:d2:00:3c:df:e7:cd:37:16:9e:65:
                    be:5d:59:91:c8:02:20:3b:e3:3b:ec:f9:ab:c2:f8:
                    f5:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:7E:9D:A6:1A:45:5B:4D:9F:03:27:F4:A5:7C:82:D3:E1:2C:00:D8
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b59643bf-eb80-414a-aca0-653646d46e07.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.127.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         53:a1:c2:aa:d6:5a:8e:95:67:7d:06:e0:95:42:70:88:9a:a6:
         ac:05:3b:70:32:74:85:bf:a4:3c:4d:d5:9f:eb:0b:00:46:5b:
         2a:fb:33:21:05:5d:01:d4:18:8e:15:b8:06:f9:81:90:49:e4:
         de:b4:3c:4e:50:27:6f:8c:39:12:99:e0:ce:be:c3:c3:14:b6:
         ab:1d:c4:f8:53:4d:95:ba:0b:a9:7b:53:03:a8:dc:8b:e0:1d:
         9d:20:3c:13:f2:77:63:b1:cb:c0:64:55:82:f0:5c:b0:fa:20:
         a7:a1:de:be:cd:24:aa:98:6c:23:24:80:a1:16:71:db:1f:38:
         f4:96:84:18:02:7a:3b:c6:71:47:cc:3f:58:c0:93:89:a2:08:
         e1:bd:fe:72:7f:fc:e5:30:38:30:2c:d2:cc:7f:9f:05:05:14:
         03:84:c9:0f:0a:d8:42:30:09:0a:ba:94:8c:9d:a9:ad:b4:d5:
         bd:c4:aa:2f:5b:a5:93:2c:c3:45:eb:8c:88:66:9e:42:1e:60:
         05:e4:42:43:b7:d4:14:66:37:6b:a9:5c:03:d4:18:b6:c4:9a:
         2c:98:48:ac:27:f8:88:3e:5a:3b:ea:14:19:10:81:49:e1:93:
         28:d1:1e:2b:68:77:e1:22:70:33:fe:10:c6:b7:e2:37:3e:fe:
         b3:2c:c5:f1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFdAifwo8YnVC2nKZukZInQzw9dUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQwMzE4MDAwMDAwWhcNMjQwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkODI3NDlhMzc0MWMyYmNlNTM5YTFjMjgwYzdhNWQ2NjRk
NGY1NmQzNzg1YWMxNmM5NTI2YTJkOTliZGI4NDFhMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHv/REvPZBT5WFboL0y6TDOjt8cu4wG9zJvdVzOHgt4XtF
SXv55uZ89QgxMYgQerdf3YKJ5sCPZguvH7p4z9VqWxpmPs1pwR1fuTzXajwruPvg
I5+sZNSozy0IvazGudueCBmJw4QYkyJy31CFnMNjQ79gNgb4hAvvmPBfWEI0tN6W
dagc4UyhJjsIQVHO3KYXvXNi1Se3KZSEZljfWZ7V2JB1yAtjBEiemKEZlpqDFuey
RhraUE7fZUShKq1izsFwM64Gc7uHgHQBun/ZbSFyuy/6QGxpd2iVdmTpFnylTNKx
0o3e0gA83+fNNxaeZb5dWZHIAiA74zvs+avC+PVDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNn6dphpFW02fAyf0pXyC0+EsANgwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2I1OTY0M2JmLWViODAtNDE0YS1hY2EwLTY1MzY0NmQ0NmUwNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALHf+gwDQYJKoZIhvcNAQELBQADggEBAFOhwqrWWo6VZ30G4JVCcIiapqwF
O3AydIW/pDxN1Z/rCwBGWyr7MyEFXQHUGI4VuAb5gZBJ5N60PE5QJ2+MORKZ4M6+
w8MUtqsdxPhTTZW6C6l7UwOo3IvgHZ0gPBPyd2Oxy8BkVYLwXLD6IKeh3r7NJKqY
bCMkgKEWcdsfOPSWhBgCejvGcUfMP1jAk4miCOG9/nJ//OUwODAs0sx/nwUFFAOE
yQ8K2EIwCQq6lIydqa201b3Eqi9bpZMsw0XrjIhmnkIeYAXkQkO31BRmN2upXAPU
GLbEmiyYSKwn+Ig+WjvqFBkQgUnhkyjRHitod+EicDP+EMa34jc+/rMsxfE=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:01:25 2024 by rpki-client on console-fra.rpki-client.org