Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/f99236be-03a7-4f91-be31-5366989c9d7b.roa
File:                     f99236be-03a7-4f91-be31-5366989c9d7b.roa (raw, json)
Hash identifier:          rJ3M+qYul70p3EHHSc8vPbqt1PRtAPjortzTpFy8cOY=
Subject key identifier:   DF:93:C6:92:0F:92:91:36:26:AF:5F:A5:4A:B1:24:79:BA:7E:26:50
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       27A978B560ADBCD15D9C629830C57754AC99240B
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/f99236be-03a7-4f91-be31-5366989c9d7b.roa
Signing time:             Mon 18 Mar 2024 00:00:00 +0000
ROA not before:           Mon 18 Mar 2024 00:00:00 +0000
ROA not after:            Mon 22 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        199.255.192.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:a9:78:b5:60:ad:bc:d1:5d:9c:62:98:30:c5:77:54:ac:99:24:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Mar 18 00:00:00 2024 GMT
            Not After : Apr 22 23:59:59 2024 GMT
        Subject: serialNumber=58a47adc9b8817be604bbae4ecc13fdda8631e757fde1d9e8d2284924e7b1cc2, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:cd:f5:fe:c8:c4:0c:47:c2:6f:6c:61:4f:77:
                    72:f3:30:6e:4b:08:98:68:8a:0b:16:e9:bc:b5:42:
                    9b:0b:be:03:92:41:aa:07:83:28:5e:8a:1d:b8:de:
                    b1:42:a9:17:12:b3:44:c4:71:0d:c2:76:eb:6e:61:
                    4a:bd:4d:2d:0e:5d:b5:2a:c6:9d:16:cd:5e:f4:ed:
                    49:94:9e:2e:b2:19:fa:f0:f7:47:15:aa:82:89:92:
                    d7:80:c8:4c:41:dc:1e:8c:dd:de:31:0c:59:ba:ac:
                    aa:54:b3:e1:0d:2d:05:ee:76:1a:92:e5:d6:07:28:
                    3e:b8:fa:f6:16:27:34:7a:34:d9:87:f0:83:6f:cd:
                    13:39:d0:83:56:68:67:fc:c9:e6:4b:8d:47:bf:30:
                    ef:45:54:99:82:39:0e:8a:8a:a3:54:ac:4c:ee:c4:
                    c8:fe:f9:b6:31:32:3f:54:59:c8:38:35:9b:2b:86:
                    2b:3d:13:d2:c2:93:1c:c4:1c:78:9b:f9:90:ad:11:
                    1a:de:cc:fb:ac:99:a8:30:c2:f0:07:e3:98:16:d4:
                    33:87:fc:0c:81:0b:3c:0d:bb:64:66:2c:53:59:04:
                    2e:f2:55:9a:4c:bc:f8:e1:26:63:c8:eb:33:9f:de:
                    e1:44:8d:bc:39:f6:58:5a:86:7a:4b:5d:49:63:0a:
                    65:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:93:C6:92:0F:92:91:36:26:AF:5F:A5:4A:B1:24:79:BA:7E:26:50
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/f99236be-03a7-4f91-be31-5366989c9d7b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.255.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5a:86:b0:a2:de:3b:8d:e1:ed:7f:7a:a9:8d:66:ab:ae:35:9d:
         ca:00:42:6c:4b:69:cd:15:4a:f5:08:fb:37:b7:e2:94:12:c1:
         52:29:28:8e:b7:ec:33:6c:d5:dc:30:24:18:77:88:26:38:39:
         65:df:71:4b:17:e9:1a:d4:ac:cc:c5:c9:f1:57:69:3d:b8:26:
         75:bd:59:d5:ba:d7:57:dd:a3:2c:21:ac:a9:a2:a6:93:b9:9e:
         a3:9f:e6:ad:7b:3f:a3:82:bb:f7:e3:06:97:9a:82:6c:65:04:
         37:10:24:c1:9d:52:ba:6f:41:6c:10:77:0f:f8:d5:4f:41:d2:
         b5:49:81:56:30:84:53:6b:91:a5:05:d7:47:d2:08:e3:a9:07:
         e8:37:6e:0e:b0:2c:6b:34:98:25:07:db:95:d4:dc:fb:74:06:
         de:11:97:1a:d2:91:9c:69:2b:09:8b:5d:e9:bf:29:1c:7e:9b:
         10:91:3e:a4:58:1f:7e:81:63:cc:dc:1c:01:ed:4a:9a:e3:65:
         13:f6:d7:95:72:d2:b7:79:20:59:25:a5:81:29:7b:b7:24:3b:
         dc:c0:86:ec:40:66:c4:98:51:2c:44:9f:9a:01:30:1f:1b:73:
         ff:d8:cf:8d:a9:a7:07:eb:7b:ec:b0:6f:92:c4:bd:14:b5:e1:
         98:bf:c0:25
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ6l4tWCtvNFdnGKYMMV3VKyZJAswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjQwMzE4MDAwMDAwWhcNMjQwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1OGE0N2FkYzliODgxN2JlNjA0YmJhZTRlY2MxM2ZkZGE4
NjMxZTc1N2ZkZTFkOWU4ZDIyODQ5MjRlN2IxY2MyMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHzfX+yMQMR8JvbGFPd3LzMG5LCJhoigsW6by1QpsLvgOS
QaoHgyheih243rFCqRcSs0TEcQ3CdutuYUq9TS0OXbUqxp0WzV707UmUni6yGfrw
90cVqoKJkteAyExB3B6M3d4xDFm6rKpUs+ENLQXudhqS5dYHKD64+vYWJzR6NNmH
8INvzRM50INWaGf8yeZLjUe/MO9FVJmCOQ6KiqNUrEzuxMj++bYxMj9UWcg4NZsr
his9E9LCkxzEHHib+ZCtERrezPusmagwwvAH45gW1DOH/AyBCzwNu2RmLFNZBC7y
VZpMvPjhJmPI6zOf3uFEjbw59lhahnpLXUljCmVTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU35PGkg+SkTYmr1+lSrEkebp+JlAwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2Y5OTIzNmJlLTAzYTctNGY5MS1iZTMxLTUzNjY5ODljOWQ3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALH/8AwDQYJKoZIhvcNAQELBQADggEBAFqGsKLeO43h7X96qY1mq641ncoA
QmxLac0VSvUI+ze34pQSwVIpKI637DNs1dwwJBh3iCY4OWXfcUsX6RrUrMzFyfFX
aT24JnW9WdW611fdoywhrKmippO5nqOf5q17P6OCu/fjBpeagmxlBDcQJMGdUrpv
QWwQdw/41U9B0rVJgVYwhFNrkaUF10fSCOOpB+g3bg6wLGs0mCUH25XU3Pt0Bt4R
lxrSkZxpKwmLXem/KRx+mxCRPqRYH36BY8zcHAHtSprjZRP215Vy0rd5IFklpYEp
e7ckO9zAhuxAZsSYUSxEn5oBMB8bc//Yz42ppwfre+ywb5LEvRS14Zi/wCU=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:29 2024 by rpki-client on console-ams.rpki-client.org