Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/67eddc17-30ea-48fe-880d-7b5a8b03a030.roa
File:                     67eddc17-30ea-48fe-880d-7b5a8b03a030.roa (raw, json)
Hash identifier:          0IQHMnOCW/OfkhYMgEz6zzQpt3AgQmDk1BxXDJzueIA=
Subject key identifier:   DE:2D:30:11:62:77:CF:84:35:FD:B8:98:62:79:D1:CF:61:DF:91:42
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       1E587F33FE41E5EA12E755EF13EF5692D7CEFB46
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/67eddc17-30ea-48fe-880d-7b5a8b03a030.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        204.246.173.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 12:03:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:58:7f:33:fe:41:e5:ea:12:e7:55:ef:13:ef:56:92:d7:ce:fb:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=60f9b8c87ef2e59c0077b36843fb0e725b16f79ed9b5bf3a8b22c0303df40b08, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:f7:48:92:01:bf:a5:f7:3b:ee:31:89:b1:84:
                    11:83:c0:bc:5d:33:24:45:32:75:a5:00:dc:c2:e9:
                    e0:65:d0:d1:68:cc:ca:2c:5b:2c:69:2b:b2:1a:27:
                    02:9f:f1:85:50:d6:93:7b:2b:f4:ed:7c:fe:c4:ac:
                    cb:20:36:54:56:08:08:88:60:96:6b:6c:aa:d8:8c:
                    ec:86:49:6e:f4:04:8c:be:c4:43:57:a1:0e:88:4e:
                    54:09:3d:dd:81:2d:6c:3e:99:97:d7:f7:f6:7c:3c:
                    0d:28:6c:17:4a:b6:8a:31:05:a9:05:e8:ab:ae:8e:
                    92:4e:2e:bc:fd:d7:ab:c7:92:c3:72:65:e8:ab:c9:
                    4b:b8:ea:77:1d:03:5c:95:30:59:6c:c7:88:1f:aa:
                    1e:9c:22:c3:73:50:b4:04:f2:ae:68:0c:94:01:c7:
                    f5:30:ce:8e:86:ca:10:d3:36:c2:8a:40:4c:61:a2:
                    62:54:0d:ed:0e:df:f6:87:10:03:4e:8d:7e:79:c0:
                    aa:08:bb:8c:bf:92:a4:99:ed:78:0a:11:85:4c:f5:
                    b3:7c:20:80:21:d9:22:5d:27:76:c1:3a:f4:d4:ae:
                    77:cc:27:d7:43:9e:cf:c4:4c:00:75:38:9f:ec:8b:
                    db:84:5a:43:41:9b:b9:b6:15:4e:80:1b:d0:03:ff:
                    ef:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:2D:30:11:62:77:CF:84:35:FD:B8:98:62:79:D1:CF:61:DF:91:42
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/67eddc17-30ea-48fe-880d-7b5a8b03a030.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.246.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:93:f6:59:16:ad:ea:7a:b3:e2:f3:02:7c:8d:ab:82:d0:2f:
         13:f3:27:9e:ad:cb:35:f9:71:12:30:7f:db:35:ee:41:16:28:
         45:0b:7f:19:e0:11:69:74:40:37:7e:bc:bd:9a:ae:20:35:15:
         e9:34:de:a5:98:75:e2:6a:c5:0b:59:6c:b3:15:07:b4:9d:bd:
         d0:50:67:fe:b7:a9:0a:e8:93:80:c5:1c:fa:39:97:47:43:45:
         3a:c7:7e:7e:7e:20:99:a8:30:88:cc:01:a1:f2:93:4d:05:5d:
         52:5b:31:29:1f:24:6c:51:9e:a5:b0:54:f4:3e:a2:20:7d:76:
         66:3f:15:0b:67:f7:15:72:d8:fe:bc:25:f3:6a:60:90:cd:8d:
         3b:0c:36:98:4b:7a:82:91:1e:3b:6a:95:ce:9a:cd:55:ac:00:
         8e:8a:f4:81:06:24:ab:08:90:87:b3:02:3f:f7:58:ff:03:7d:
         36:dd:a8:66:a9:6d:2a:ff:b1:dc:4c:ae:35:c1:37:74:4f:cb:
         5a:34:f8:b2:2d:87:b0:0a:9f:b3:bd:f7:e8:9d:30:63:04:ea:
         dd:9b:d6:03:a2:50:3f:6c:8f:4b:ec:b5:9f:d7:a9:56:1e:21:
         7e:1c:78:3d:5e:60:7a:ff:e7:38:b2:49:4d:28:28:8a:88:44:
         a6:18:17:af
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHlh/M/5B5eoS51XvE+9WktfO+0YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MGY5YjhjODdlZjJlNTljMDA3N2IzNjg0M2ZiMGU3MjVi
MTZmNzllZDliNWJmM2E4YjIyYzAzMDNkZjQwYjA4MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCt90iSAb+l9zvuMYmxhBGDwLxdMyRFMnWlANzC6eBl0NFo
zMosWyxpK7IaJwKf8YVQ1pN7K/TtfP7ErMsgNlRWCAiIYJZrbKrYjOyGSW70BIy+
xENXoQ6ITlQJPd2BLWw+mZfX9/Z8PA0obBdKtooxBakF6KuujpJOLrz916vHksNy
ZeiryUu46ncdA1yVMFlsx4gfqh6cIsNzULQE8q5oDJQBx/Uwzo6GyhDTNsKKQExh
omJUDe0O3/aHEANOjX55wKoIu4y/kqSZ7XgKEYVM9bN8IIAh2SJdJ3bBOvTUrnfM
J9dDns/ETAB1OJ/si9uEWkNBm7m2FU6AG9AD/+9TAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3i0wEWJ3z4Q1/biYYnnRz2HfkUIwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzY3ZWRkYzE3LTMwZWEtNDhmZS04ODBkLTdiNWE4YjAzYTAzMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADM9q0wDQYJKoZIhvcNAQELBQADggEBABuT9lkWrep6s+LzAnyNq4LQLxPz
J56tyzX5cRIwf9s17kEWKEULfxngEWl0QDd+vL2ariA1Fek03qWYdeJqxQtZbLMV
B7SdvdBQZ/63qQrok4DFHPo5l0dDRTrHfn5+IJmoMIjMAaHyk00FXVJbMSkfJGxR
nqWwVPQ+oiB9dmY/FQtn9xVy2P68JfNqYJDNjTsMNphLeoKRHjtqlc6azVWsAI6K
9IEGJKsIkIezAj/3WP8DfTbdqGapbSr/sdxMrjXBN3RPy1o0+LIth7AKn7O99+id
MGME6t2b1gOiUD9sj0vstZ/XqVYeIX4ceD1eYHr/5ziySU0oKIqIRKYYF68=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:30 2023 by rpki-client on console-fra.rpki-client.org