Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/dce2db93-8fb7-42b9-be56-23f46b5bf4e0.roa
File:                     dce2db93-8fb7-42b9-be56-23f46b5bf4e0.roa (raw, json)
Hash identifier:          uLEjjau5pBCpoT6Mlf5Nm/vYx4BmNQ3h4+SEKGS6rcc=
Subject key identifier:   26:FC:FD:42:75:95:BD:B3:18:CB:6C:97:21:CB:A3:12:63:BF:A3:61
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       5BE77815DF1E7AAA8CD1CF624F614C7D97BDAD13
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/dce2db93-8fb7-42b9-be56-23f46b5bf4e0.roa
Signing time:             Mon 11 Nov 2024 00:00:00 +0000
ROA not before:           Mon 11 Nov 2024 00:00:00 +0000
ROA not after:            Mon 16 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.189.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 26 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:e7:78:15:df:1e:7a:aa:8c:d1:cf:62:4f:61:4c:7d:97:bd:ad:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Nov 11 00:00:00 2024 GMT
            Not After : Dec 16 23:59:59 2024 GMT
        Subject: serialNumber=9801adc50f4d83a68d2513694227b50bd81fce6262ea4d0d2a75d9f4abbefbd7, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:47:fe:f4:34:d5:0e:17:b8:5d:c8:42:97:96:
                    df:48:89:e7:fc:71:01:29:9e:22:89:9b:c2:59:00:
                    eb:6c:c7:e5:f9:42:a2:30:30:4e:ae:a1:74:9b:89:
                    30:8a:ec:c1:a8:70:c2:b8:4d:6b:46:b6:6c:33:73:
                    50:a3:d4:3c:cd:93:e9:01:1b:0d:58:d2:fc:0a:15:
                    41:36:2f:11:1f:d2:48:76:ef:82:21:86:88:00:1f:
                    29:4f:a8:9a:e7:d9:39:45:29:4c:87:a2:a2:45:10:
                    42:2b:2b:c5:2a:b3:24:4d:c2:22:50:1e:f1:be:0e:
                    91:e3:75:3d:a3:ed:1a:45:16:dd:f6:d7:29:86:81:
                    82:d0:74:de:ec:8a:97:ec:f4:b2:a0:12:f2:71:11:
                    47:3e:8a:1e:77:c6:a1:fb:60:6f:0f:57:ae:13:ac:
                    85:c0:fc:42:25:02:ca:b5:ae:9a:28:7e:bf:52:49:
                    e6:f9:ed:ba:b9:b2:33:79:e5:4d:a3:24:08:53:0f:
                    39:a5:02:f7:22:06:10:1c:47:4f:1a:3b:df:26:65:
                    85:17:4e:01:86:76:9c:31:37:c5:3e:11:42:9c:17:
                    75:3e:99:88:f3:76:99:4e:18:e9:b9:86:78:59:b9:
                    16:cc:60:bd:08:0b:bd:aa:c0:4b:9d:d9:4e:1c:60:
                    06:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:FC:FD:42:75:95:BD:B3:18:CB:6C:97:21:CB:A3:12:63:BF:A3:61
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/dce2db93-8fb7-42b9-be56-23f46b5bf4e0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:7e:89:86:bb:03:7d:25:58:07:f8:f0:c8:fe:75:9c:c2:45:
         03:1b:31:30:4a:a6:90:49:95:ef:f3:69:d4:1e:e0:a6:b8:f5:
         aa:e0:1f:11:f3:b8:f6:89:c3:43:09:fc:01:54:f9:bc:7d:10:
         b0:17:0a:4b:44:af:e7:d9:de:02:e1:98:27:45:22:a1:ba:68:
         8b:a5:69:73:bf:54:ac:7d:b2:e0:fd:2c:83:ce:a6:56:20:3c:
         46:b2:32:20:09:a3:ef:01:4c:df:3b:99:bd:67:ee:5b:8f:42:
         42:a9:9d:8f:dc:6b:e2:54:bd:b9:38:9a:19:5c:93:11:2e:62:
         10:f1:b8:12:6c:85:d0:f5:e2:c2:82:9e:7b:6c:8a:fe:ed:23:
         d8:94:0d:64:f6:06:a9:e5:b3:ca:ac:eb:47:28:c4:89:27:ba:
         89:ae:cd:6f:67:6f:cc:3e:e2:73:bf:a0:e1:3b:3d:f2:40:13:
         fe:e0:e3:31:71:22:3e:32:83:27:db:8e:92:b6:9d:08:a4:5c:
         e2:84:fb:eb:42:a5:9a:3f:a4:91:80:8a:4c:f4:24:5e:d1:b0:
         56:b1:a8:a4:c3:98:6f:d5:39:7f:a7:fc:3b:f3:14:13:7e:92:
         cb:11:69:59:55:84:f9:6d:b2:9a:b4:cd:33:e0:62:a5:a6:a2:
         fb:9d:b3:0e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUW+d4Fd8eeqqM0c9iT2FMfZe9rRMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQxMTExMDAwMDAwWhcNMjQxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ODAxYWRjNTBmNGQ4M2E2OGQyNTEzNjk0MjI3YjUwYmQ4
MWZjZTYyNjJlYTRkMGQyYTc1ZDlmNGFiYmVmYmQ3MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDJR/70NNUOF7hdyEKXlt9Iief8cQEpniKJm8JZAOtsx+X5
QqIwME6uoXSbiTCK7MGocMK4TWtGtmwzc1Cj1DzNk+kBGw1Y0vwKFUE2LxEf0kh2
74IhhogAHylPqJrn2TlFKUyHoqJFEEIrK8UqsyRNwiJQHvG+DpHjdT2j7RpFFt32
1ymGgYLQdN7sipfs9LKgEvJxEUc+ih53xqH7YG8PV64TrIXA/EIlAsq1rpoofr9S
Seb57bq5sjN55U2jJAhTDzmlAvciBhAcR08aO98mZYUXTgGGdpwxN8U+EUKcF3U+
mYjzdplOGOm5hnhZuRbMYL0IC72qwEud2U4cYAZPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJvz9QnWVvbMYy2yXIcujEmO/o2EwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2RjZTJkYjkzLThmYjctNDJiOS1iZTU2LTIzZjQ2YjViZjRlMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABM370wDQYJKoZIhvcNAQELBQADggEBAEV+iYa7A30lWAf48Mj+dZzCRQMb
MTBKppBJle/zadQe4Ka49argHxHzuPaJw0MJ/AFU+bx9ELAXCktEr+fZ3gLhmCdF
IqG6aIulaXO/VKx9suD9LIPOplYgPEayMiAJo+8BTN87mb1n7luPQkKpnY/ca+JU
vbk4mhlckxEuYhDxuBJshdD14sKCnntsiv7tI9iUDWT2Bqnls8qs60coxIknuomu
zW9nb8w+4nO/oOE7PfJAE/7g4zFxIj4ygyfbjpK2nQikXOKE++tCpZo/pJGAikz0
JF7RsFaxqKTDmG/VOX+n/DvzFBN+kssRaVlVhPltspq0zTPgYqWmovudsw4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:15:21 2024 by rpki-client on console-fra.rpki-client.org