Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/d61aefde-15db-4326-8486-f4cd98992cbc.roa
File:                     d61aefde-15db-4326-8486-f4cd98992cbc.roa (raw, json)
Hash identifier:          JZBTF/c42pYFUw2tq0fd3c5gc0Gv7qtp8iOBVgk4JU0=
Subject key identifier:   29:83:3A:D5:44:8F:B1:EE:87:E9:77:52:0A:0A:DF:BD:00:4D:D5:01
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       30E405C733DB64E523E24F2F808F5D6F03A131EA
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/d61aefde-15db-4326-8486-f4cd98992cbc.roa
Signing time:             Mon 11 Nov 2024 00:00:00 +0000
ROA not before:           Mon 11 Nov 2024 00:00:00 +0000
ROA not after:            Mon 16 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        23.249.223.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 26 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:e4:05:c7:33:db:64:e5:23:e2:4f:2f:80:8f:5d:6f:03:a1:31:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Nov 11 00:00:00 2024 GMT
            Not After : Dec 16 23:59:59 2024 GMT
        Subject: serialNumber=8e15c8c4689513328dbed13faef9559db3412bdd4f518bc552b33c3c8b073a61, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:3e:61:1f:54:9b:a0:09:84:ba:ac:8f:14:b4:
                    15:a5:f1:97:87:1c:cd:e7:e0:d0:3b:c0:00:ae:49:
                    22:2d:5f:c5:f4:c4:11:a1:aa:18:90:fa:ee:07:fd:
                    17:e8:8d:06:59:de:ef:9d:cd:88:cc:2c:a5:cf:ff:
                    99:e0:2c:9a:1e:40:86:34:d0:9b:aa:2e:87:a0:e2:
                    98:ba:0e:33:59:3a:34:7d:92:ff:d4:8d:86:b4:39:
                    8c:11:8e:48:35:b5:5f:67:80:53:19:5e:40:65:8e:
                    25:95:c4:03:15:e3:b2:76:91:73:3a:a2:94:a6:1e:
                    2f:ec:27:21:72:7f:b2:1b:0f:11:93:05:1f:97:86:
                    8f:ad:12:ad:94:4c:bb:0c:2a:fc:24:7d:e3:a9:b4:
                    25:b4:95:b5:b9:fa:d2:69:9c:36:2b:df:c8:36:fd:
                    ff:8b:cf:d7:15:91:01:20:ca:35:60:15:ac:49:8a:
                    58:2f:38:b1:c5:74:21:a5:ae:e4:51:1c:e8:23:d0:
                    08:9f:1a:bb:46:ea:63:04:52:32:2b:4b:3c:f1:ef:
                    0c:11:2d:d8:02:3d:fb:12:d4:3f:51:5e:fe:48:19:
                    4c:d6:f4:c5:86:8e:c6:39:75:1a:b2:23:8f:fe:a3:
                    a5:ff:46:9c:66:96:68:b2:9e:c2:5a:ac:06:dc:74:
                    50:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:83:3A:D5:44:8F:B1:EE:87:E9:77:52:0A:0A:DF:BD:00:4D:D5:01
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/d61aefde-15db-4326-8486-f4cd98992cbc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.249.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:b8:74:13:26:33:cf:da:65:4c:62:ac:6d:9a:ff:ce:27:0d:
         64:b0:84:ee:a6:bf:a2:24:73:95:9f:a5:d8:61:18:a5:9b:cc:
         c9:01:7d:d7:83:37:77:49:fc:0c:d9:b9:f0:99:99:fb:67:f2:
         32:b1:9b:62:40:2d:ac:ea:d6:61:62:df:a0:aa:1a:30:6f:07:
         1e:fe:75:03:3a:d5:87:f7:f9:e4:6d:2f:80:d3:3f:43:72:40:
         6f:e1:3c:ae:7d:a4:12:ad:26:eb:a9:9e:3f:e7:c2:d9:e2:f9:
         8c:f4:05:44:5d:ce:92:1a:7e:5f:b8:77:4f:e5:74:92:83:7b:
         06:59:78:17:79:9d:3f:cc:f8:df:cc:34:22:6f:a0:bf:13:7a:
         9d:d1:08:b0:4f:97:a4:d7:92:a5:f7:ce:84:41:33:6f:a4:74:
         39:9d:dd:93:6a:d3:53:20:a4:51:57:59:9f:8b:11:f9:1a:5a:
         69:46:5b:1f:12:67:0d:d5:02:28:a1:99:27:58:27:ef:ee:da:
         b2:f1:11:4d:14:ea:f4:77:3f:bf:0d:69:34:b5:91:50:72:0d:
         e3:62:73:d4:66:4b:91:4d:8c:d8:67:b2:54:2f:55:06:74:8c:
         4d:7e:ec:dd:f5:7b:e1:c9:7a:bd:84:80:c0:f2:fb:17:8d:f8:
         32:aa:79:09
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMOQFxzPbZOUj4k8vgI9dbwOhMeowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQxMTExMDAwMDAwWhcNMjQxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZTE1YzhjNDY4OTUxMzMyOGRiZWQxM2ZhZWY5NTU5ZGIz
NDEyYmRkNGY1MThiYzU1MmIzM2MzYzhiMDczYTYxMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXPmEfVJugCYS6rI8UtBWl8ZeHHM3n4NA7wACuSSItX8X0
xBGhqhiQ+u4H/RfojQZZ3u+dzYjMLKXP/5ngLJoeQIY00JuqLoeg4pi6DjNZOjR9
kv/UjYa0OYwRjkg1tV9ngFMZXkBljiWVxAMV47J2kXM6opSmHi/sJyFyf7IbDxGT
BR+Xho+tEq2UTLsMKvwkfeOptCW0lbW5+tJpnDYr38g2/f+Lz9cVkQEgyjVgFaxJ
ilgvOLHFdCGlruRRHOgj0AifGrtG6mMEUjIrSzzx7wwRLdgCPfsS1D9RXv5IGUzW
9MWGjsY5dRqyI4/+o6X/RpxmlmiynsJarAbcdFA5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUKYM61USPse6H6XdSCgrfvQBN1QEwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2Q2MWFlZmRlLTE1ZGItNDMyNi04NDg2LWY0Y2Q5ODk5MmNiYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAX+d8wDQYJKoZIhvcNAQELBQADggEBAC24dBMmM8/aZUxirG2a/84nDWSw
hO6mv6Ikc5WfpdhhGKWbzMkBfdeDN3dJ/AzZufCZmftn8jKxm2JALazq1mFi36Cq
GjBvBx7+dQM61Yf3+eRtL4DTP0NyQG/hPK59pBKtJuupnj/nwtni+Yz0BURdzpIa
fl+4d0/ldJKDewZZeBd5nT/M+N/MNCJvoL8Tep3RCLBPl6TXkqX3zoRBM2+kdDmd
3ZNq01MgpFFXWZ+LEfkaWmlGWx8SZw3VAiihmSdYJ+/u2rLxEU0U6vR3P78NaTS1
kVByDeNic9RmS5FNjNhnslQvVQZ0jE1+7N31e+HJer2EgMDy+xeN+DKqeQk=
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:15:21 2024 by rpki-client on console-fra.rpki-client.org