Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/f99236be-03a7-4f91-be31-5366989c9d7b.roa
File:                     f99236be-03a7-4f91-be31-5366989c9d7b.roa (raw, json)
Hash identifier:          j7M/94cxPXTJCdsaQSilp342RNQ9sEA81IBRyNK0/rs=
Subject key identifier:   3A:6B:A8:6D:45:DB:2A:05:1C:50:D6:03:BC:AC:B1:06:73:2B:E2:25
Certificate issuer:       /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
Certificate serial:       0FFC9883788DAE1A6C2788FC556B647241C152B2
Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/f99236be-03a7-4f91-be31-5366989c9d7b.roa
Signing time:             Sat 23 Sep 2023 00:00:00 +0000
ROA not before:           Sat 23 Sep 2023 00:00:00 +0000
ROA not after:            Sat 28 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        199.255.192.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 12:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:fc:98:83:78:8d:ae:1a:6c:27:88:fc:55:6b:64:72:41:c1:52:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5
        Validity
            Not Before: Sep 23 00:00:00 2023 GMT
            Not After : Oct 28 23:59:59 2023 GMT
        Subject: serialNumber=fa04f2c24e90786ea3deb93f91862748d8e4d86982ab2906079fe74d3474f01b, CN=42519eb9-9579-4979-bdaf-164abd0e290e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:d6:91:e2:ea:d6:36:dc:51:9e:2c:f0:bc:cf:
                    73:26:62:e2:d6:5f:3b:a8:2e:75:6b:2d:13:9c:df:
                    b2:76:a6:1a:a4:6e:67:5b:78:b5:03:e7:4a:ae:49:
                    0d:0a:e4:93:2d:fd:ae:a6:19:d0:fd:34:ff:5e:85:
                    e5:af:0e:89:fd:6a:2b:e7:dd:65:c3:f1:d2:5b:49:
                    79:f9:b8:b3:2f:38:31:54:00:96:ea:c0:82:27:0f:
                    a7:50:66:72:fe:80:1e:67:35:91:ea:a7:a4:e7:71:
                    f8:27:db:df:c1:3a:dd:e4:15:a4:bb:53:6c:2e:d4:
                    40:e6:1d:d7:3c:72:96:4b:55:b3:16:bf:28:52:a9:
                    47:df:18:49:4a:ff:08:0e:0e:24:b7:dc:a8:db:11:
                    32:0c:89:e3:ab:10:d5:37:59:df:d2:9f:f0:d6:ab:
                    b8:18:f9:e8:29:6a:11:ff:20:bd:e8:0f:ce:9e:6d:
                    9e:3d:aa:85:9f:f3:1f:67:08:84:d7:4f:fe:89:e8:
                    36:23:f7:c8:a7:7e:fa:b6:32:38:dd:cd:23:3e:f8:
                    7d:3d:3d:db:80:51:8b:3b:df:f6:cf:97:30:89:9b:
                    fd:b1:b5:12:64:20:71:c1:4f:05:52:fe:d1:bb:d2:
                    6b:d2:81:1f:5b:ed:4e:db:25:70:29:2e:96:b0:c3:
                    d6:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:6B:A8:6D:45:DB:2A:05:1C:50:D6:03:BC:AC:B1:06:73:2B:E2:25
            X509v3 Authority Key Identifier:
                keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/f99236be-03a7-4f91-be31-5366989c9d7b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.255.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         52:cc:58:91:92:47:ba:a8:d8:b5:44:d4:26:9a:43:81:c0:91:
         3f:6f:43:6a:84:9e:e1:12:db:4e:96:14:60:27:4d:60:57:57:
         62:b3:d2:89:b5:09:7f:0f:e6:56:e5:ae:cb:9f:df:1d:7e:e5:
         24:77:51:eb:24:13:7d:48:95:fc:56:21:f3:72:df:bf:dc:09:
         01:d4:bc:0c:d7:bf:8b:5d:6b:bb:5d:ed:79:9e:5f:34:52:21:
         62:86:0d:89:bf:bc:c5:9f:9c:35:1f:e2:c0:1b:cd:c4:66:d7:
         3b:5b:0f:09:f7:93:64:b1:a9:6c:c9:e4:db:dd:b4:58:a0:9c:
         74:e7:0f:5e:42:96:40:84:46:55:9c:c9:4d:2a:a7:0f:2e:52:
         5e:f8:c5:6e:a7:9d:98:a6:bf:1e:2e:9f:9c:f6:fb:b7:ef:ad:
         c9:2f:c7:3f:65:7a:f8:f3:79:32:64:5b:ea:9b:70:b5:28:c8:
         c3:5c:59:15:45:6d:db:ce:7e:e3:67:07:78:2e:13:62:0d:92:
         2c:68:9e:5e:d0:e6:a4:57:60:17:0f:30:16:3b:b8:7e:91:20:
         45:dc:53:b7:c8:ab:98:a7:7d:fd:6c:5c:75:3b:6e:e2:42:c9:
         e7:87:83:d0:5e:66:46:f4:01:a6:5a:88:7c:0a:3f:46:e0:69:
         c7:3d:55:2c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUD/yYg3iNrhpsJ4j8VWtkckHBUrIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm
MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTIzMDAwMDAwWhcNMjMxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmYTA0ZjJjMjRlOTA3ODZlYTNkZWI5M2Y5MTg2Mjc0OGQ4
ZTRkODY5ODJhYjI5MDYwNzlmZTc0ZDM0NzRmMDFiMS0wKwYDVQQDEyQ0MjUxOWVi
OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg1pHi6tY23FGeLPC8z3MmYuLWXzuoLnVrLROc37J2phqk
bmdbeLUD50quSQ0K5JMt/a6mGdD9NP9eheWvDon9aivn3WXD8dJbSXn5uLMvODFU
AJbqwIInD6dQZnL+gB5nNZHqp6Tncfgn29/BOt3kFaS7U2wu1EDmHdc8cpZLVbMW
vyhSqUffGElK/wgODiS33KjbETIMieOrENU3Wd/Sn/DWq7gY+egpahH/IL3oD86e
bZ49qoWf8x9nCITXT/6J6DYj98infvq2MjjdzSM++H09PduAUYs73/bPlzCJm/2x
tRJkIHHBTwVS/tG70mvSgR9b7U7bJXApLpaww9ZVAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOmuobUXbKgUcUNYDvKyxBnMr4iUwHwYDVR0jBBgwFoAUvJOucQ+vFCI2
CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04
NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2
ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1
NTUxNGQ5YzdkL2Y5OTIzNmJlLTAzYTctNGY5MS1iZTMxLTUzNjY5ODljOWQ3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx
LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALH/8AwDQYJKoZIhvcNAQELBQADggEBAFLMWJGSR7qo2LVE1CaaQ4HAkT9v
Q2qEnuES206WFGAnTWBXV2Kz0om1CX8P5lblrsuf3x1+5SR3UeskE31IlfxWIfNy
37/cCQHUvAzXv4tda7td7XmeXzRSIWKGDYm/vMWfnDUf4sAbzcRm1ztbDwn3k2Sx
qWzJ5NvdtFignHTnD15ClkCERlWcyU0qpw8uUl74xW6nnZimvx4un5z2+7fvrckv
xz9levjzeTJkW+qbcLUoyMNcWRVFbdvOfuNnB3guE2INkixonl7Q5qRXYBcPMBY7
uH6RIEXcU7fIq5inff1sXHU7buJCyeeHg9BeZkb0AaZaiHwKP0bgacc9VSw=
-----END CERTIFICATE-----
Generated at Sat Sep 23 00:38:48 2023 by rpki-client on console-ams.rpki-client.org