Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cb088b4a-420f-4b13-84d1-b160e021b919.roa
File:                     cb088b4a-420f-4b13-84d1-b160e021b919.roa (raw, json)
Hash identifier:          iG0sw5OMkSlwQvXQaadr/xraB0Gq446ug+pt5v/wG4c=
Subject key identifier:   5B:04:74:02:C1:D4:99:95:13:FC:73:AD:D5:4F:A8:EE:5B:15:ED:DD
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       3084D1FADD5DAEC9EAE79BDC5618C6F775EE393E
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cb088b4a-420f-4b13-84d1-b160e021b919.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        69.169.227.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:84:d1:fa:dd:5d:ae:c9:ea:e7:9b:dc:56:18:c6:f7:75:ee:39:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=2fc230da2bbb19ab3f273cc819e66241131929e4b9605831a6c377e0b45bed2d, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6c:d8:87:70:3a:52:82:0d:58:2c:dc:08:eb:
                    c6:29:da:35:c7:33:f3:d0:5a:45:8c:6e:4c:b2:a2:
                    eb:87:44:28:3a:db:13:8d:85:e2:ea:df:fe:67:ff:
                    4e:ec:df:b3:b6:18:73:b1:24:c6:71:53:dc:7c:e1:
                    ab:c8:33:0b:69:98:d2:65:99:7a:db:fd:61:3a:89:
                    ab:e0:fa:40:c3:3f:4f:d1:31:80:ba:eb:b6:ce:8f:
                    fd:4c:2b:dd:d6:98:51:d5:9a:65:6d:8c:6b:5a:85:
                    4d:b5:ab:d1:17:e1:96:3a:40:e7:41:81:e2:0d:4d:
                    17:96:ca:8f:e5:8c:24:ee:be:57:92:ae:3c:5c:4b:
                    c3:85:d4:9b:4f:65:04:00:24:6a:92:56:46:89:61:
                    e6:55:52:08:26:38:a1:79:fa:60:a4:85:0c:3b:7d:
                    bb:a3:59:0d:7c:af:5f:e4:9a:3b:98:e0:19:44:08:
                    bc:23:4c:e3:a3:85:d7:bf:14:c6:86:df:5d:ab:bc:
                    f2:6c:7d:6c:62:23:44:7c:71:8b:32:22:9b:ed:47:
                    ac:02:3c:2f:96:c8:92:87:d6:a9:a1:7c:7f:cc:c6:
                    87:87:ad:38:99:26:83:33:bd:24:8d:47:ee:8b:d3:
                    07:01:85:e5:77:3b:05:76:e0:a0:24:a3:0b:66:a5:
                    ff:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:04:74:02:C1:D4:99:95:13:FC:73:AD:D5:4F:A8:EE:5B:15:ED:DD
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cb088b4a-420f-4b13-84d1-b160e021b919.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.169.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:1b:b3:29:b1:e0:ad:e8:57:be:a6:37:c2:c6:93:c4:81:a3:
         55:77:41:b9:f6:3a:37:92:15:76:2d:ee:fe:66:00:a7:c9:0e:
         65:ec:cd:4e:af:57:48:41:ad:ad:f5:e5:9e:35:fb:1a:12:7c:
         40:77:bd:30:c7:5a:cb:98:2a:1a:97:77:b7:bd:e3:21:cc:93:
         2f:84:ef:1f:93:3f:8f:c7:f8:48:c0:18:a9:e1:ef:9e:b2:c7:
         ae:c8:c9:9e:a8:08:f6:d9:67:b1:ab:0e:af:66:fa:18:35:32:
         7d:5e:8b:72:b5:0b:be:f6:18:08:88:90:97:2a:0d:12:83:ec:
         1d:26:b8:12:ee:4a:04:d4:1a:6a:50:94:a7:e3:d2:e8:86:3b:
         d4:20:91:c6:4b:89:6a:21:7a:01:14:5a:66:26:23:35:86:f3:
         ce:e0:e6:63:25:0c:9f:f5:bb:2f:ea:a4:a9:54:e9:80:21:fa:
         5b:f1:d8:fc:4e:ef:13:a4:fe:28:64:7f:f4:77:1f:1f:12:bc:
         e5:f1:64:06:9b:38:3f:7c:c5:2a:e9:74:1c:ae:3c:56:1e:b2:
         a0:e4:5c:a9:41:9b:af:9c:4a:36:c6:96:1c:46:76:08:e9:7d:
         aa:19:78:a5:16:9d:9f:82:ee:fe:e9:80:22:d3:1e:23:e1:34:
         20:1c:4f:47
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMITR+t1drsnq55vcVhjG93XuOT4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZmMyMzBkYTJiYmIxOWFiM2YyNzNjYzgxOWU2NjI0MTEz
MTkyOWU0Yjk2MDU4MzFhNmMzNzdlMGI0NWJlZDJkMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFbNiHcDpSgg1YLNwI68Yp2jXHM/PQWkWMbkyyouuHRCg6
2xONheLq3/5n/07s37O2GHOxJMZxU9x84avIMwtpmNJlmXrb/WE6iavg+kDDP0/R
MYC667bOj/1MK93WmFHVmmVtjGtahU21q9EX4ZY6QOdBgeINTReWyo/ljCTuvleS
rjxcS8OF1JtPZQQAJGqSVkaJYeZVUggmOKF5+mCkhQw7fbujWQ18r1/kmjuY4BlE
CLwjTOOjhde/FMaG312rvPJsfWxiI0R8cYsyIpvtR6wCPC+WyJKH1qmhfH/MxoeH
rTiZJoMzvSSNR+6L0wcBheV3OwV24KAkowtmpf+JAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWwR0AsHUmZUT/HOt1U+o7lsV7d0wHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2NiMDg4YjRhLTQyMGYtNGIxMy04NGQxLWIxNjBlMDIxYjkxOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABFqeMwDQYJKoZIhvcNAQELBQADggEBABMbsymx4K3oV76mN8LGk8SBo1V3
Qbn2OjeSFXYt7v5mAKfJDmXszU6vV0hBra315Z41+xoSfEB3vTDHWsuYKhqXd7e9
4yHMky+E7x+TP4/H+EjAGKnh756yx67IyZ6oCPbZZ7GrDq9m+hg1Mn1ei3K1C772
GAiIkJcqDRKD7B0muBLuSgTUGmpQlKfj0uiGO9QgkcZLiWohegEUWmYmIzWG887g
5mMlDJ/1uy/qpKlU6YAh+lvx2PxO7xOk/ihkf/R3Hx8SvOXxZAabOD98xSrpdByu
PFYesqDkXKlBm6+cSjbGlhxGdgjpfaoZeKUWnZ+C7v7pgCLTHiPhNCAcT0c=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:20:01 2023 by rpki-client on console-ams.rpki-client.org