Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/dce2db93-8fb7-42b9-be56-23f46b5bf4e0.roa
File:                     dce2db93-8fb7-42b9-be56-23f46b5bf4e0.roa (raw, json)
Hash identifier:          lp8XNi9Hf5APSg23s7USqJrqCb9VltThpoDG1a5m+zg=
Subject key identifier:   AB:FE:4F:64:66:FC:EB:29:91:D3:79:D7:C9:43:E3:0D:2B:20:E3:C1
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       73450EED3D10E9F7F6C5541DE06E5BC2E6D9E4E6
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/dce2db93-8fb7-42b9-be56-23f46b5bf4e0.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.189.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 12:04:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:45:0e:ed:3d:10:e9:f7:f6:c5:54:1d:e0:6e:5b:c2:e6:d9:e4:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=eb88964683a09218251342e98f3e22b9dc2e6dc44257ee5d9eb77c4e718b96ea, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ce:84:80:ee:3f:b4:5d:ad:b1:22:e3:bb:13:
                    72:9f:e8:3a:83:9f:e5:48:0d:de:57:bf:09:bd:bc:
                    cb:d2:c3:ba:78:51:16:3c:50:9e:55:b1:b5:75:6f:
                    e9:ee:03:fd:b1:54:fc:f2:72:a7:72:78:f9:83:05:
                    46:a1:18:7d:75:9a:10:54:f4:0a:fc:a7:85:60:55:
                    c5:d8:e1:9f:61:0f:a7:c8:05:82:32:34:e4:4d:d4:
                    40:71:d3:21:4d:75:43:7d:09:5a:f6:89:39:ff:c4:
                    d4:2f:01:0c:57:89:c1:c9:fd:92:b7:3b:bc:8e:7f:
                    0d:14:1b:2a:49:64:3e:cc:2c:dd:fd:1f:7e:ad:5e:
                    98:f6:96:1c:04:29:dd:68:fa:9f:1f:2c:c8:b7:94:
                    64:4f:c9:9d:1e:b9:b0:37:c5:12:e8:6e:0d:d3:4a:
                    9e:62:34:27:c9:18:a4:28:7b:72:bb:f5:6f:5c:f6:
                    c3:a7:41:e8:e0:40:72:a5:ba:f7:f3:ec:48:0a:5d:
                    91:09:ec:1c:a6:d1:cc:f3:da:a6:b6:66:bf:c9:dd:
                    56:77:14:81:c4:40:2a:6c:44:7e:48:34:69:97:f4:
                    b4:af:29:a4:f2:50:57:f0:f4:3f:1c:80:68:f6:23:
                    23:c5:c2:bb:5a:08:95:ac:62:1d:e0:ec:0c:c3:f0:
                    05:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:FE:4F:64:66:FC:EB:29:91:D3:79:D7:C9:43:E3:0D:2B:20:E3:C1
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/dce2db93-8fb7-42b9-be56-23f46b5bf4e0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:d7:c9:0c:0f:46:17:d4:c3:23:f3:aa:9f:8c:c2:41:70:fd:
         28:b7:d8:2d:5d:6d:f1:05:30:d8:61:a5:fb:68:44:7d:c0:ed:
         ec:67:29:3b:d4:ea:cf:33:ae:fe:48:6c:15:d5:65:ac:ce:32:
         47:b5:00:4f:68:15:9b:51:ba:74:a0:d2:04:f7:3b:39:cd:7c:
         c7:de:dd:8a:92:f7:bb:c8:f3:ab:d6:85:6d:0c:96:ae:74:5a:
         f5:a5:2a:82:ce:61:63:bd:57:2f:58:70:16:46:92:db:40:6c:
         f4:ff:e1:f3:be:83:fa:f6:a9:d6:b3:24:42:8b:ad:8a:d2:d7:
         28:ef:8c:93:93:78:53:af:6d:f9:96:c0:f4:f7:a0:ea:dc:de:
         65:01:e4:ac:5e:46:3c:34:0f:94:44:16:8e:63:26:53:fa:14:
         59:fc:eb:46:df:a6:c9:b6:74:20:a7:82:db:2b:10:a0:81:c6:
         74:8b:dd:db:7e:dd:c5:d3:98:d7:db:40:0e:ee:db:2e:3a:c9:
         a4:91:33:0f:f9:d9:a5:37:ca:57:06:e9:ff:7d:00:2f:83:75:
         4c:3d:7f:e9:c5:71:1e:8f:7d:5f:6e:8a:84:78:ce:e7:b1:43:
         1b:25:ec:8e:9d:54:d2:8f:dc:c1:7d:87:dd:1c:cb:e4:fb:7e:
         7f:d1:6d:53
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUc0UO7T0Q6ff2xVQd4G5bwubZ5OYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYjg4OTY0NjgzYTA5MjE4MjUxMzQyZTk4ZjNlMjJiOWRj
MmU2ZGM0NDI1N2VlNWQ5ZWI3N2M0ZTcxOGI5NmVhMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgzoSA7j+0Xa2xIuO7E3Kf6DqDn+VIDd5Xvwm9vMvSw7p4
URY8UJ5VsbV1b+nuA/2xVPzycqdyePmDBUahGH11mhBU9Ar8p4VgVcXY4Z9hD6fI
BYIyNORN1EBx0yFNdUN9CVr2iTn/xNQvAQxXicHJ/ZK3O7yOfw0UGypJZD7MLN39
H36tXpj2lhwEKd1o+p8fLMi3lGRPyZ0eubA3xRLobg3TSp5iNCfJGKQoe3K79W9c
9sOnQejgQHKluvfz7EgKXZEJ7Bym0czz2qa2Zr/J3VZ3FIHEQCpsRH5INGmX9LSv
KaTyUFfw9D8cgGj2IyPFwrtaCJWsYh3g7AzD8AU3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUq/5PZGb86ymR03nXyUPjDSsg48EwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2RjZTJkYjkzLThmYjctNDJiOS1iZTU2LTIzZjQ2YjViZjRlMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM370wDQYJKoZIhvcNAQELBQADggEBADfXyQwPRhfUwyPzqp+MwkFw/Si3
2C1dbfEFMNhhpftoRH3A7exnKTvU6s8zrv5IbBXVZazOMke1AE9oFZtRunSg0gT3
OznNfMfe3YqS97vI86vWhW0Mlq50WvWlKoLOYWO9Vy9YcBZGkttAbPT/4fO+g/r2
qdazJEKLrYrS1yjvjJOTeFOvbfmWwPT3oOrc3mUB5KxeRjw0D5REFo5jJlP6FFn8
60bfpsm2dCCngtsrEKCBxnSL3dt+3cXTmNfbQA7u2y46yaSRMw/52aU3ylcG6f99
AC+DdUw9f+nFcR6PfV9uioR4zuexQxsl7I6dVNKP3MF9h90cy+T7fn/RbVM=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:50:17 2023 by rpki-client on console-ams.rpki-client.org