Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/025bca09-86b7-48bd-a586-a44ce744234f.roa
File:                     025bca09-86b7-48bd-a586-a44ce744234f.roa (raw, json)
Hash identifier:          vzQATQCDpBaqVKlSf22O/AN+0E6JG1ZFm3rFkEyGgcY=
Subject key identifier:   E0:FB:DB:18:AF:B4:4D:D7:25:8B:22:21:C6:33:7A:FC:5D:F0:74:AC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       69930F0770EEF9523B1C7B7A8492D2CDA6079653
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/025bca09-86b7-48bd-a586-a44ce744234f.roa
Signing time:             Tue 12 Sep 2023 00:00:00 +0000
ROA not before:           Tue 12 Sep 2023 00:00:00 +0000
ROA not after:            Tue 17 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        15.220.168.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 13 Sep 2023 12:13:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:93:0f:07:70:ee:f9:52:3b:1c:7b:7a:84:92:d2:cd:a6:07:96:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 12 00:00:00 2023 GMT
            Not After : Oct 17 23:59:59 2023 GMT
        Subject: serialNumber=7d4fc0cbde1ccb53dfe9ccb666cf83329946f981119373e13ed0c1e8ad551ada, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4e:6b:80:84:54:0a:d3:b5:e6:61:15:1c:91:
                    d3:67:2b:03:8d:6c:12:b5:dc:b8:54:fd:90:64:2a:
                    2f:78:f4:2b:0a:07:9b:12:03:33:eb:54:61:93:4a:
                    a4:c3:2e:ec:29:3f:c2:35:72:2d:ba:39:b6:97:2b:
                    0d:bf:46:45:83:88:d2:e6:1b:03:e5:84:84:5b:83:
                    de:b9:90:81:d3:f9:b0:3a:5f:88:31:f2:97:12:2f:
                    a4:e4:e0:1e:52:39:27:3e:59:cd:be:6f:7a:87:03:
                    3d:91:7b:f0:60:9d:0c:7d:1a:2c:c0:99:5d:a9:f3:
                    6f:75:a6:d5:8a:43:42:b7:2a:f0:92:b6:ea:2b:8a:
                    d6:44:de:5b:e0:c7:20:b6:4a:f1:1a:ba:5e:11:77:
                    36:91:37:ff:2d:3b:a8:47:d1:d6:06:99:be:bd:59:
                    67:c0:cb:69:75:40:61:9a:ad:1e:d8:08:fc:0a:61:
                    34:08:c2:ab:a0:47:66:1d:a2:f4:94:ce:f0:74:2e:
                    98:10:59:65:c4:f0:21:fa:18:39:cc:79:38:77:59:
                    02:c0:24:5b:50:bb:bd:cb:d8:d6:10:44:ff:0a:a3:
                    8d:76:19:a0:3e:42:22:e2:a0:cc:e2:e2:ba:00:13:
                    70:5d:72:b3:6a:7d:26:66:6f:e0:d6:a3:17:f9:1d:
                    98:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:FB:DB:18:AF:B4:4D:D7:25:8B:22:21:C6:33:7A:FC:5D:F0:74:AC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/025bca09-86b7-48bd-a586-a44ce744234f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.220.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         68:1a:eb:d2:92:6f:6e:2f:d7:2e:97:db:6c:7a:12:65:5d:9d:
         38:53:d2:92:d5:c8:7e:fb:61:46:06:71:42:32:4e:2e:0f:b4:
         16:a1:b6:a4:df:c0:27:35:b9:1a:ac:a8:14:1c:3d:80:ff:d5:
         0f:51:2b:d7:3d:0e:70:6d:ce:20:f4:78:cd:3b:4e:cd:ac:c1:
         9d:c9:b5:a7:17:6e:d3:5b:2d:b2:5e:20:51:c1:00:a4:c8:02:
         1b:f5:ea:9a:df:49:7b:2e:06:3b:92:3b:ae:5a:32:0b:6d:4e:
         3b:44:35:e4:86:04:92:df:18:1f:bd:43:ed:40:a4:dd:e8:3c:
         05:95:ff:a4:06:92:e5:0e:4e:d1:93:9a:c6:5b:0a:e3:97:44:
         4b:6b:34:9f:c5:8a:96:cb:38:9a:61:0b:5f:d7:70:80:40:fd:
         c3:22:ef:cd:87:2d:d7:2f:ef:9a:96:5e:84:3e:db:51:ac:87:
         58:37:e0:9f:6a:a4:52:e7:2d:17:91:48:da:1f:7b:fa:e1:9d:
         9c:68:1a:61:65:73:68:67:7d:ff:35:a1:9b:c5:d5:59:73:4a:
         6a:46:62:89:82:1d:69:71:c6:c3:5d:b7:a6:77:b8:52:39:5a:
         f3:93:8f:53:4e:ba:24:b3:dd:97:91:32:1c:ec:ac:58:70:79:
         ca:81:53:51
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaZMPB3Du+VI7HHt6hJLSzaYHllMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjMwOTEyMDAwMDAwWhcNMjMxMDE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZDRmYzBjYmRlMWNjYjUzZGZlOWNjYjY2NmNmODMzMjk5
NDZmOTgxMTE5MzczZTEzZWQwYzFlOGFkNTUxYWRhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyTmuAhFQK07XmYRUckdNnKwONbBK13LhU/ZBkKi949CsK
B5sSAzPrVGGTSqTDLuwpP8I1ci26ObaXKw2/RkWDiNLmGwPlhIRbg965kIHT+bA6
X4gx8pcSL6Tk4B5SOSc+Wc2+b3qHAz2Re/BgnQx9GizAmV2p8291ptWKQ0K3KvCS
tuoritZE3lvgxyC2SvEaul4RdzaRN/8tO6hH0dYGmb69WWfAy2l1QGGarR7YCPwK
YTQIwqugR2YdovSUzvB0LpgQWWXE8CH6GDnMeTh3WQLAJFtQu73L2NYQRP8Ko412
GaA+QiLioMzi4roAE3BdcrNqfSZmb+DWoxf5HZgdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4PvbGK+0TdcliyIhxjN6/F3wdKwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzAyNWJjYTA5LTg2YjctNDhiZC1hNTg2LWE0NGNlNzQ0MjM0Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMP3KgwDQYJKoZIhvcNAQELBQADggEBAGga69KSb24v1y6X22x6EmVdnThT
0pLVyH77YUYGcUIyTi4PtBahtqTfwCc1uRqsqBQcPYD/1Q9RK9c9DnBtziD0eM07
Ts2swZ3JtacXbtNbLbJeIFHBAKTIAhv16prfSXsuBjuSO65aMgttTjtENeSGBJLf
GB+9Q+1ApN3oPAWV/6QGkuUOTtGTmsZbCuOXREtrNJ/FipbLOJphC1/XcIBA/cMi
782HLdcv75qWXoQ+21Gsh1g34J9qpFLnLReRSNofe/rhnZxoGmFlc2hnff81oZvF
1VlzSmpGYomCHWlxxsNdt6Z3uFI5WvOTj1NOuiSz3ZeRMhzsrFhwecqBU1E=
-----END CERTIFICATE-----
Generated at Tue Sep 12 00:34:23 2023 by rpki-client on console-ams.rpki-client.org