Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/dd1fe956-aaed-411d-9093-88449b6e454d.roa
File:                     dd1fe956-aaed-411d-9093-88449b6e454d.roa (raw, json)
Hash identifier:          /yqTXnD/HEqI8FzodGyfZQ9T1bG2cwziuwFcUXWMZnQ=
Subject key identifier:   1A:40:F7:54:F8:72:C9:8F:69:DA:85:61:A8:78:ED:6D:D7:45:EB:C1
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       1FCB7D283476C0D2343B122F563AD366CD1744C6
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/dd1fe956-aaed-411d-9093-88449b6e454d.roa
Signing time:             Sat 23 Sep 2023 00:00:00 +0000
ROA not before:           Sat 23 Sep 2023 00:00:00 +0000
ROA not after:            Sat 28 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        23.251.224.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 12:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:cb:7d:28:34:76:c0:d2:34:3b:12:2f:56:3a:d3:66:cd:17:44:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep 23 00:00:00 2023 GMT
            Not After : Oct 28 23:59:59 2023 GMT
        Subject: serialNumber=d797e71588b2e5a740fdc630e8b0e8ba00d5fac4124412de02c118371c4c6c02, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:bd:95:6e:d6:9c:07:c9:a2:70:a9:db:2b:a8:
                    65:92:30:bc:ab:66:03:4d:91:e8:2d:8f:ee:ce:c5:
                    85:e6:36:dd:83:b8:97:95:30:14:c9:e3:fd:16:5b:
                    69:c8:3e:17:32:df:8f:50:4f:2f:0e:03:c7:c8:0c:
                    7e:92:1d:8a:ee:db:29:ac:8c:ee:8b:1d:aa:42:96:
                    03:b3:f8:e7:f1:12:22:50:80:39:75:60:84:0d:9f:
                    8d:98:0f:3a:a4:67:e6:dc:8d:2a:d1:f1:4c:b4:5e:
                    94:9d:d3:a4:a8:9d:87:99:30:4b:b5:2e:5d:45:4f:
                    22:84:20:30:2a:d6:e4:75:16:fd:16:6f:7d:6a:63:
                    18:5d:73:6c:c1:37:d7:b3:5f:7b:34:6e:e2:6c:ed:
                    67:25:28:93:28:0b:44:60:c8:ba:78:b6:1d:b2:9f:
                    97:86:f5:45:6b:e1:92:63:a5:32:e2:c6:5b:a9:7d:
                    06:8a:fd:5d:06:ba:23:7b:90:7f:24:da:fc:47:8f:
                    3b:36:16:52:3f:31:f2:37:e4:74:e5:b3:a0:4d:0b:
                    6e:c8:19:eb:6d:a7:ac:e7:36:03:56:00:d2:7e:fc:
                    1a:53:db:cd:ed:18:5f:8e:c2:bc:97:cb:95:85:0e:
                    7c:97:a9:e3:2d:b1:36:5d:e7:e9:3a:04:1c:4f:99:
                    f6:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:40:F7:54:F8:72:C9:8F:69:DA:85:61:A8:78:ED:6D:D7:45:EB:C1
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/dd1fe956-aaed-411d-9093-88449b6e454d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.251.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         87:99:4c:76:c8:da:55:a4:f2:f9:ec:5a:43:9b:37:43:a8:db:
         3a:c2:63:cf:be:27:96:75:ca:a3:7e:95:38:5a:d9:ad:4e:b1:
         60:e1:f9:03:64:14:07:af:83:b2:c4:f1:14:14:55:91:0e:ab:
         69:b6:f6:83:5b:50:2d:b4:6c:c4:e5:00:88:d5:65:11:a0:36:
         8a:47:01:4a:78:dd:48:4e:12:41:eb:a1:5b:17:15:ae:89:78:
         27:a5:e0:ea:eb:bd:d0:c4:97:bf:5d:e1:8b:1a:f1:4b:e8:7c:
         fa:b1:59:8c:93:f8:fc:39:a7:80:69:91:46:ec:67:26:f6:04:
         3d:a3:53:bf:98:e7:6e:e9:d9:de:a8:c8:41:1a:13:19:6c:d7:
         21:91:18:39:45:42:55:f3:a4:b4:39:a9:b5:08:c9:94:43:53:
         d2:70:a7:d8:59:69:0b:a5:91:b6:44:ba:4b:18:b0:bb:1b:08:
         1c:45:44:ca:f4:9d:8d:6f:a4:fd:3c:aa:08:0b:c5:77:12:df:
         3c:6b:df:e5:26:c7:cb:25:d3:25:b9:5b:ad:8a:9a:8f:0e:46:
         35:d9:21:a0:7b:90:f8:c9:56:b8:6d:5d:ef:50:f2:ce:a0:a5:
         f4:fd:91:6c:c4:b2:b2:36:02:5a:b1:aa:ec:17:2f:7c:fd:11:
         16:8e:d2:df
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUH8t9KDR2wNI0OxIvVjrTZs0XRMYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTIzMDAwMDAwWhcNMjMxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNzk3ZTcxNTg4YjJlNWE3NDBmZGM2MzBlOGIwZThiYTAw
ZDVmYWM0MTI0NDEyZGUwMmMxMTgzNzFjNGM2YzAyMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCtvZVu1pwHyaJwqdsrqGWSMLyrZgNNkegtj+7OxYXmNt2D
uJeVMBTJ4/0WW2nIPhcy349QTy8OA8fIDH6SHYru2ymsjO6LHapClgOz+OfxEiJQ
gDl1YIQNn42YDzqkZ+bcjSrR8Uy0XpSd06SonYeZMEu1Ll1FTyKEIDAq1uR1Fv0W
b31qYxhdc2zBN9ezX3s0buJs7WclKJMoC0RgyLp4th2yn5eG9UVr4ZJjpTLixlup
fQaK/V0GuiN7kH8k2vxHjzs2FlI/MfI35HTls6BNC27IGettp6znNgNWANJ+/BpT
283tGF+OwryXy5WFDnyXqeMtsTZd5+k6BBxPmfZjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGkD3VPhyyY9p2oVhqHjtbddF68EwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2RkMWZlOTU2LWFhZWQtNDExZC05MDkzLTg4NDQ5YjZlNDU0ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUX++AwDQYJKoZIhvcNAQELBQADggEBAIeZTHbI2lWk8vnsWkObN0Oo2zrC
Y8++J5Z1yqN+lTha2a1OsWDh+QNkFAevg7LE8RQUVZEOq2m29oNbUC20bMTlAIjV
ZRGgNopHAUp43UhOEkHroVsXFa6JeCel4OrrvdDEl79d4Ysa8UvofPqxWYyT+Pw5
p4BpkUbsZyb2BD2jU7+Y527p2d6oyEEaExls1yGRGDlFQlXzpLQ5qbUIyZRDU9Jw
p9hZaQulkbZEuksYsLsbCBxFRMr0nY1vpP08qggLxXcS3zxr3+Umx8sl0yW5W62K
mo8ORjXZIaB7kPjJVrhtXe9Q8s6gpfT9kWzEsrI2AlqxquwXL3z9ERaO0t8=
-----END CERTIFICATE-----
Generated at Sat Sep 23 00:38:48 2023 by rpki-client on console-ams.rpki-client.org