Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/071b4428-4363-4b2b-b1f3-73120e26d977.roa
File:                     071b4428-4363-4b2b-b1f3-73120e26d977.roa (raw, json)
Hash identifier:          PIO4hd2kU3xzs4BE710J5ZYXbKUt+LXdYv/DITjC8zc=
Subject key identifier:   56:71:82:FA:20:EA:B1:38:61:E9:6B:F6:5E:05:F4:38:89:42:68:93
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       027F0E5B5CF50A183FB93CD9AA14E1EB885F8A42
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/071b4428-4363-4b2b-b1f3-73120e26d977.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        18.44.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 24 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:7f:0e:5b:5c:f5:0a:18:3f:b9:3c:d9:aa:14:e1:eb:88:5f:8a:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=0d700e7a0082240b0aad09b405a238d87abe56c30583a49716de0018af5ed9eb, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:52:7b:b4:6e:8d:8b:39:66:c5:8a:f6:39:23:
                    5a:e2:5e:47:91:48:cc:04:b9:9f:85:db:70:ba:b9:
                    ae:a3:42:20:3b:5b:70:d9:63:a7:f2:da:2a:b3:1f:
                    f3:40:bf:56:14:9e:06:77:01:dc:f4:73:f9:dd:eb:
                    6c:7b:30:d3:6c:27:e7:7d:b5:bc:45:60:9d:29:db:
                    9c:f6:e0:78:8c:5f:31:7b:e3:7f:47:11:3e:05:0b:
                    69:fa:b7:fc:89:c2:1d:f6:23:3a:ba:e2:64:05:ef:
                    f6:19:41:9b:61:00:34:d7:6a:fa:ba:43:2d:04:e8:
                    5f:03:cb:f8:eb:46:0e:ed:87:94:d6:eb:8f:a7:0a:
                    46:42:56:90:33:71:bb:de:0a:77:73:50:79:f6:34:
                    d8:22:d9:6f:9f:d4:20:32:7c:e1:50:08:34:8d:36:
                    5f:23:65:55:75:a0:ae:3d:94:6e:ea:31:bb:50:40:
                    cf:f1:95:4f:7c:51:1f:e8:67:04:4d:f3:d5:93:59:
                    23:b5:f8:b1:7d:af:0e:22:de:02:ef:a6:8e:c9:8e:
                    c8:dc:f0:00:9a:9a:85:f5:9e:b8:b5:dd:c1:f2:1a:
                    32:77:f6:c4:e0:9a:47:42:54:c5:a6:83:45:5c:17:
                    f2:63:84:1d:9b:30:03:6d:d4:1c:ee:f6:ab:e4:87:
                    16:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:71:82:FA:20:EA:B1:38:61:E9:6B:F6:5E:05:F4:38:89:42:68:93
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/071b4428-4363-4b2b-b1f3-73120e26d977.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.44.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b0:87:80:7a:df:b3:c0:00:cd:a8:2a:cd:8c:be:e3:8f:4a:c8:
         90:57:65:ca:38:c9:c7:d2:fd:68:b5:3c:72:fd:97:11:9a:ab:
         5d:eb:77:c9:79:f5:dd:65:87:ba:82:50:7a:df:62:31:5f:6f:
         a7:fb:e2:fc:b5:35:ab:39:bb:1e:c9:41:05:d3:54:e5:f4:9b:
         35:52:81:26:29:2e:11:5f:29:6e:a0:ef:6c:93:ee:53:62:6a:
         5f:96:2d:f7:41:43:4a:63:68:ad:d7:15:4f:81:b8:ff:09:a3:
         07:13:0f:00:d7:6d:09:a7:b4:96:14:f4:c5:fb:89:ac:58:b4:
         d7:f7:a7:d9:e8:28:d2:26:39:88:f0:ad:ca:12:ff:f7:68:68:
         73:6c:4e:f9:f4:71:9a:24:56:95:73:f3:d0:b8:4e:94:44:27:
         83:3c:6a:c8:3b:e4:ba:0c:f4:2e:02:d1:d1:35:3d:73:98:e9:
         24:85:9d:fe:d6:66:29:19:42:3f:63:40:76:db:73:20:26:07:
         22:10:96:86:10:03:41:83:ab:5d:36:94:73:09:31:c2:4e:c1:
         72:6c:95:78:2b:bb:e6:f5:90:b4:ed:56:42:2c:1f:b0:bb:fd:
         df:a2:73:b8:98:da:07:a0:ce:e1:2a:c3:54:46:5a:ef:67:44:
         9f:05:6f:17
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAn8OW1z1Chg/uTzZqhTh64hfikIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZDcwMGU3YTAwODIyNDBiMGFhZDA5YjQwNWEyMzhkODdh
YmU1NmMzMDU4M2E0OTcxNmRlMDAxOGFmNWVkOWViMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCRUnu0bo2LOWbFivY5I1riXkeRSMwEuZ+F23C6ua6jQiA7
W3DZY6fy2iqzH/NAv1YUngZ3Adz0c/nd62x7MNNsJ+d9tbxFYJ0p25z24HiMXzF7
439HET4FC2n6t/yJwh32Izq64mQF7/YZQZthADTXavq6Qy0E6F8Dy/jrRg7th5TW
64+nCkZCVpAzcbveCndzUHn2NNgi2W+f1CAyfOFQCDSNNl8jZVV1oK49lG7qMbtQ
QM/xlU98UR/oZwRN89WTWSO1+LF9rw4i3gLvpo7Jjsjc8ACamoX1nri13cHyGjJ3
9sTgmkdCVMWmg0VcF/JjhB2bMANt1Bzu9qvkhxajAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUVnGC+iDqsThh6Wv2XgX0OIlCaJMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzA3MWI0NDI4LTQzNjMtNGIyYi1iMWYzLTczMTIwZTI2ZDk3Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwASLDANBgkqhkiG9w0BAQsFAAOCAQEAsIeAet+zwADNqCrNjL7jj0rIkFdl
yjjJx9L9aLU8cv2XEZqrXet3yXn13WWHuoJQet9iMV9vp/vi/LU1qzm7HslBBdNU
5fSbNVKBJikuEV8pbqDvbJPuU2JqX5Yt90FDSmNordcVT4G4/wmjBxMPANdtCae0
lhT0xfuJrFi01/en2ego0iY5iPCtyhL/92hoc2xO+fRxmiRWlXPz0LhOlEQngzxq
yDvkugz0LgLR0TU9c5jpJIWd/tZmKRlCP2NAdttzICYHIhCWhhADQYOrXTaUcwkx
wk7BcmyVeCu75vWQtO1WQiwfsLv936JzuJjaB6DO4SrDVEZa72dEnwVvFw==
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:17:49 2024 by rpki-client on console-fra.rpki-client.org