Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/df197ecf-bb9a-42ae-a19a-a4168fe6a3a2.roa
File:                     df197ecf-bb9a-42ae-a19a-a4168fe6a3a2.roa (raw, json)
Hash identifier:          vAtyYT31s31No42ydnvndVNdlCVCr0+HI+/peAXbtU8=
Subject key identifier:   4E:D1:7F:A0:5A:CD:C5:63:51:10:1F:F5:F9:6F:92:B7:79:17:D5:AE
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       75BFCDBF480B3F38692853445931334614E3C3BD
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/df197ecf-bb9a-42ae-a19a-a4168fe6a3a2.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        23.251.232.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:bf:cd:bf:48:0b:3f:38:69:28:53:44:59:31:33:46:14:e3:c3:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=5276452226a19b9fec4e01df1f127e9f60296912d4e374f964443bfa2c1a5ca6, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6f:ff:70:80:13:f3:e8:f1:fe:21:b1:26:e5:
                    f9:c8:dd:32:7b:b8:ce:48:57:7a:63:bd:0f:c0:76:
                    bd:d6:8e:0f:8d:4c:17:04:03:1e:1c:90:12:23:31:
                    65:c7:cf:a7:27:37:9b:11:29:d3:28:46:72:1f:73:
                    bf:bf:66:16:51:a5:28:12:0d:b2:b5:3d:80:05:5e:
                    f2:58:87:f5:bc:64:cb:6b:b4:d5:b1:a9:10:cf:35:
                    b0:a8:1a:fd:bb:df:7d:6c:2a:9b:9d:1a:4c:1c:96:
                    c7:0a:ab:38:5a:8e:6f:31:1d:80:0a:ec:74:b1:f1:
                    dd:50:8e:84:0f:4a:eb:b4:e4:1d:c1:5f:c6:d6:a4:
                    da:8a:f4:65:8e:9a:c2:0b:ea:80:65:1c:0c:f0:13:
                    34:9c:51:4b:01:3b:42:66:9a:79:22:dd:cf:06:06:
                    0f:ed:37:16:6c:50:1b:4d:87:ca:de:36:10:c7:89:
                    b5:a4:c0:fa:de:3c:5f:54:92:29:54:ef:90:9c:14:
                    30:2d:5a:96:a6:1c:d3:12:8a:b9:45:66:af:d4:97:
                    79:69:00:1e:44:16:09:39:e4:03:a7:81:29:5e:1b:
                    46:4e:5e:22:1d:a6:34:06:a9:2b:7e:0b:be:9f:6c:
                    d7:0e:af:f2:8c:4d:7b:c3:c3:a6:ed:73:fe:fb:76:
                    7f:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:D1:7F:A0:5A:CD:C5:63:51:10:1F:F5:F9:6F:92:B7:79:17:D5:AE
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/df197ecf-bb9a-42ae-a19a-a4168fe6a3a2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.251.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:a7:83:31:33:ae:31:b8:cc:75:9f:38:3e:6f:83:a9:84:93:
         5e:96:b7:f3:14:95:11:89:46:6c:aa:02:a0:84:f6:ab:e1:dc:
         45:80:6c:37:7d:9d:ee:e5:cc:0d:77:f7:29:ac:79:13:78:34:
         70:f2:87:c7:d8:d7:78:6c:17:d2:36:e9:cd:37:7d:ad:0f:92:
         d8:36:2f:ab:86:42:e9:79:86:02:1f:9f:4f:31:9b:ac:95:28:
         23:fe:61:cc:59:10:bb:7f:e6:65:25:89:d7:1f:92:a5:03:21:
         79:1c:bb:16:b6:98:e6:93:48:1c:06:a6:a9:32:fc:bb:f4:d0:
         6f:08:ba:18:86:ba:33:25:c9:68:fe:b7:83:ab:f0:a2:12:69:
         d0:19:08:05:53:95:d0:31:a5:0e:52:f2:67:c6:6c:71:6e:d5:
         fd:73:72:71:a9:cc:40:b1:1c:95:59:b4:0a:0a:6a:9f:27:2e:
         be:69:9f:c2:1d:50:ce:32:d7:74:76:27:08:3b:26:ca:0e:32:
         35:64:f7:3b:ee:6e:c4:dc:75:db:72:66:49:3e:63:ee:45:d8:
         08:ef:5d:e4:9b:a6:99:6c:ec:96:a6:73:4d:40:e2:33:94:d2:
         d9:b6:dd:0f:b7:2d:40:ef:d1:da:2b:35:80:59:84:58:68:e4:
         0b:41:15:3b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdb/Nv0gLPzhpKFNEWTEzRhTjw70wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1Mjc2NDUyMjI2YTE5YjlmZWM0ZTAxZGYxZjEyN2U5ZjYw
Mjk2OTEyZDRlMzc0Zjk2NDQ0M2JmYTJjMWE1Y2E2MS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqb/9wgBPz6PH+IbEm5fnI3TJ7uM5IV3pjvQ/Adr3Wjg+N
TBcEAx4ckBIjMWXHz6cnN5sRKdMoRnIfc7+/ZhZRpSgSDbK1PYAFXvJYh/W8ZMtr
tNWxqRDPNbCoGv27331sKpudGkwclscKqzhajm8xHYAK7HSx8d1QjoQPSuu05B3B
X8bWpNqK9GWOmsIL6oBlHAzwEzScUUsBO0Jmmnki3c8GBg/tNxZsUBtNh8reNhDH
ibWkwPrePF9UkilU75CcFDAtWpamHNMSirlFZq/Ul3lpAB5EFgk55AOngSleG0ZO
XiIdpjQGqSt+C76fbNcOr/KMTXvDw6btc/77dn+LAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTtF/oFrNxWNREB/1+W+St3kX1a4wHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2RmMTk3ZWNmLWJiOWEtNDJhZS1hMTlhLWE0MTY4ZmU2YTNhMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAX++gwDQYJKoZIhvcNAQELBQADggEBAEingzEzrjG4zHWfOD5vg6mEk16W
t/MUlRGJRmyqAqCE9qvh3EWAbDd9ne7lzA139ymseRN4NHDyh8fY13hsF9I26c03
fa0Pktg2L6uGQul5hgIfn08xm6yVKCP+YcxZELt/5mUlidcfkqUDIXkcuxa2mOaT
SBwGpqky/Lv00G8IuhiGujMlyWj+t4Or8KISadAZCAVTldAxpQ5S8mfGbHFu1f1z
cnGpzECxHJVZtAoKap8nLr5pn8IdUM4y13R2Jwg7JsoOMjVk9zvubsTcddtyZkk+
Y+5F2AjvXeSbppls7Jamc01A4jOU0tm23Q+3LUDv0dorNYBZhFho5AtBFTs=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:20:01 2023 by rpki-client on console-ams.rpki-client.org