Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cb088b4a-420f-4b13-84d1-b160e021b919.roa
File:                     cb088b4a-420f-4b13-84d1-b160e021b919.roa (raw, json)
Hash identifier:          3Gp/VDG1CszuyCZczOoht2QYkXVHRizVHBVn6shqqaU=
Subject key identifier:   55:59:13:8F:67:0B:B1:08:9D:7D:42:A1:32:15:61:61:15:0B:07:DD
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       7BF954C16FE1C7FC3F3FAED81DBBDD78AC953B3B
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cb088b4a-420f-4b13-84d1-b160e021b919.roa
Signing time:             Fri 06 Dec 2024 00:00:00 +0000
ROA not before:           Fri 06 Dec 2024 00:00:00 +0000
ROA not after:            Fri 10 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.169.227.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 12 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:f9:54:c1:6f:e1:c7:fc:3f:3f:ae:d8:1d:bb:dd:78:ac:95:3b:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Dec  6 00:00:00 2024 GMT
            Not After : Jan 10 23:59:59 2025 GMT
        Subject: serialNumber=eea853948e72f47868117cb838ad9895777037532340ce91376ff28951aa90bb, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:2f:fb:c0:bc:bf:0f:dd:c4:44:b3:b4:ce:72:
                    bc:c8:e2:96:ec:5c:62:c3:3a:69:0b:31:3d:c8:23:
                    80:2e:32:f3:81:64:ad:13:d6:8c:02:65:29:31:8a:
                    e9:f1:42:b5:f3:0b:5b:13:0a:d7:b2:17:08:ca:0c:
                    b9:c5:5c:04:cf:48:b9:3e:61:4b:1f:d7:69:89:03:
                    be:21:77:91:11:93:45:42:53:2c:78:be:c9:38:b6:
                    63:81:e2:10:95:ea:ae:56:82:b2:7a:b1:cf:82:53:
                    31:27:0e:7c:27:38:41:58:f7:06:c7:80:6c:be:46:
                    74:3a:f6:f9:af:f7:cb:42:f7:9a:9b:d8:b2:c3:6a:
                    42:6f:d6:05:18:11:a0:81:35:51:80:2a:db:21:75:
                    e5:dd:c9:01:6d:0c:67:10:cb:0a:ee:b8:59:04:0a:
                    c1:9c:1e:7e:f2:cb:1b:08:fd:c0:37:ec:f7:b9:dd:
                    5c:e7:34:5e:ee:ef:d6:8b:e9:29:3d:7d:ac:c5:aa:
                    72:56:cf:65:8a:a0:ac:9c:5b:f8:05:de:08:33:5f:
                    25:c1:4c:9c:e8:b4:e9:f0:54:8f:4d:56:e9:9a:eb:
                    b5:8d:1d:68:89:36:47:1b:e0:00:35:10:bd:fc:b2:
                    a8:2d:97:e2:c2:f1:39:a6:46:f2:5c:69:20:92:28:
                    e0:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:59:13:8F:67:0B:B1:08:9D:7D:42:A1:32:15:61:61:15:0B:07:DD
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cb088b4a-420f-4b13-84d1-b160e021b919.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.169.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:bd:65:7e:2d:34:c9:47:a7:32:e2:31:b4:13:06:24:4d:30:
         a3:e6:4b:85:70:c9:cd:06:73:72:5c:49:3c:26:cd:1e:9e:12:
         48:49:09:d7:ee:89:fd:47:5a:62:b5:2e:25:dd:9c:61:40:0f:
         a9:5a:d9:68:75:60:ea:72:3f:24:db:c1:46:b1:91:48:1e:e6:
         60:18:97:90:ec:69:68:4e:82:64:bc:60:e0:16:71:e6:37:e3:
         ca:e9:11:81:02:ba:73:ac:e6:68:31:ab:8e:ef:69:b7:98:67:
         8b:8a:b8:ed:b0:cd:47:30:84:ed:ee:1a:27:9f:7f:81:a2:0e:
         1c:42:3d:bd:41:59:f9:8b:7c:04:4c:3c:d1:42:05:62:07:08:
         33:22:6b:8f:85:b1:12:88:4c:00:17:a0:13:e3:84:f3:de:98:
         ef:8e:ab:74:57:cd:98:fa:28:a5:11:1c:fd:71:13:14:55:fe:
         f6:36:1a:13:2f:fd:3e:73:93:e6:1d:78:8a:69:0a:ae:3e:f5:
         13:b2:82:46:f6:eb:44:fa:d1:b9:3c:ef:f2:f3:f1:bd:eb:4d:
         f1:fd:3f:bb:09:65:f2:5b:cc:7c:6e:ab:eb:0d:f3:4a:e8:22:
         ee:22:b9:ab:b6:f7:35:4e:fb:bc:af:7d:b4:80:7a:43:16:01:
         3f:ea:0e:14
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUe/lUwW/hx/w/P67YHbvdeKyVOzswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQxMjA2MDAwMDAwWhcNMjUwMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlZWE4NTM5NDhlNzJmNDc4NjgxMTdjYjgzOGFkOTg5NTc3
NzAzNzUzMjM0MGNlOTEzNzZmZjI4OTUxYWE5MGJiMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDL/vAvL8P3cREs7TOcrzI4pbsXGLDOmkLMT3II4AuMvOB
ZK0T1owCZSkxiunxQrXzC1sTCteyFwjKDLnFXATPSLk+YUsf12mJA74hd5ERk0VC
Uyx4vsk4tmOB4hCV6q5WgrJ6sc+CUzEnDnwnOEFY9wbHgGy+RnQ69vmv98tC95qb
2LLDakJv1gUYEaCBNVGAKtshdeXdyQFtDGcQywruuFkECsGcHn7yyxsI/cA37Pe5
3VznNF7u79aL6Sk9fazFqnJWz2WKoKycW/gF3ggzXyXBTJzotOnwVI9NVuma67WN
HWiJNkcb4AA1EL38sqgtl+LC8TmmRvJcaSCSKOA3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVVkTj2cLsQidfUKhMhVhYRULB90wHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2NiMDg4YjRhLTQyMGYtNGIxMy04NGQxLWIxNjBlMDIxYjkxOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABFqeMwDQYJKoZIhvcNAQELBQADggEBACS9ZX4tNMlHpzLiMbQTBiRNMKPm
S4Vwyc0Gc3JcSTwmzR6eEkhJCdfuif1HWmK1LiXdnGFAD6la2Wh1YOpyPyTbwUax
kUge5mAYl5DsaWhOgmS8YOAWceY348rpEYECunOs5mgxq47vabeYZ4uKuO2wzUcw
hO3uGieff4GiDhxCPb1BWfmLfARMPNFCBWIHCDMia4+FsRKITAAXoBPjhPPemO+O
q3RXzZj6KKURHP1xExRV/vY2GhMv/T5zk+YdeIppCq4+9ROygkb260T60bk87/Lz
8b3rTfH9P7sJZfJbzHxuq+sN80roIu4iuau29zVO+7yvfbSAekMWAT/qDhQ=
-----END CERTIFICATE-----
Generated at Tue Dec 10 19:07:35 2024 by rpki-client on console-fra.rpki-client.org