Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/142ce907-aedc-4605-8862-c3d7f5104b02.roa
File:                     142ce907-aedc-4605-8862-c3d7f5104b02.roa (raw, json)
Hash identifier:          eDlTSsVd2VloyX8Xo/BC0UYsYnOkfuVImkR6dO2PGUw=
Subject key identifier:   2E:72:0C:F4:0A:75:B8:F3:C2:66:19:0C:AE:2A:BB:3E:4A:3E:27:54
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       580D0F416CB113E2F2F9BABBF762951B4D0D350E
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/142ce907-aedc-4605-8862-c3d7f5104b02.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        15.177.104.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 07 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:0d:0f:41:6c:b1:13:e2:f2:f9:ba:bb:f7:62:95:1b:4d:0d:35:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=365e18d295474cb31b77f7b9b8a0d1fe9ae18d914c89c7db67e44f88569da5e3, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:89:24:6f:5c:42:80:2e:b2:31:cb:1e:43:bc:
                    fa:2c:64:58:f8:12:3b:8c:ab:cc:d8:cc:76:6e:d1:
                    a3:e9:1b:d9:41:0d:37:09:e4:e6:b9:24:d3:4e:b8:
                    d0:ee:82:9a:8b:85:eb:35:7f:d7:ce:65:09:4d:aa:
                    4f:db:56:5f:94:9d:49:b7:73:86:72:40:2b:92:14:
                    e4:12:8e:5a:6e:34:d3:7f:f0:41:0e:5b:04:93:e4:
                    03:b1:54:d8:e0:f1:f7:77:1e:94:28:9e:f6:96:9c:
                    d7:cc:c8:9b:3c:3e:ae:80:e9:cd:7a:55:aa:84:86:
                    17:e2:9b:53:c9:d2:ac:ed:8f:85:18:2c:67:2d:26:
                    5b:0b:fb:cc:57:56:43:f4:c7:37:4a:78:3a:9c:8d:
                    9a:43:3c:cc:5a:e6:e8:b6:8c:8a:79:ba:2c:55:d3:
                    4b:93:c7:03:31:78:4f:19:98:d9:43:74:8a:61:e7:
                    c4:d1:bc:0d:d3:e3:5a:78:ff:fa:21:6a:7d:1a:db:
                    98:79:ba:be:6f:44:17:88:12:c0:ee:58:b0:99:16:
                    34:8b:3f:69:0a:ae:d7:24:6b:06:18:ac:98:d0:b4:
                    a5:6a:3c:6a:a8:e2:94:33:e2:f5:86:0b:2b:ec:17:
                    87:e8:d7:e7:eb:31:e1:5e:cf:e8:f6:8b:67:3e:a9:
                    5f:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:72:0C:F4:0A:75:B8:F3:C2:66:19:0C:AE:2A:BB:3E:4A:3E:27:54
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/142ce907-aedc-4605-8862-c3d7f5104b02.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.177.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:b4:3b:cb:5b:7c:26:85:a8:c0:45:94:a9:92:00:2b:ea:a3:
         73:e6:59:66:79:11:bd:c3:56:d2:a2:78:0e:54:d1:e4:5c:21:
         4c:cf:18:cf:a8:e8:88:a9:09:11:81:67:cc:20:94:14:30:b2:
         56:7e:af:bc:ab:e7:d6:af:d1:06:d4:e8:ad:5f:c3:31:3a:8d:
         8c:89:7a:b3:ce:bd:f7:16:81:c8:d0:b7:2e:64:ef:38:0e:bc:
         6a:b5:49:56:9b:2f:88:87:14:ad:76:9f:52:d3:eb:aa:af:bb:
         64:b1:c8:bb:6b:52:d3:7e:7a:5e:7b:00:21:2b:4f:12:ea:ee:
         e5:73:05:88:15:6b:c4:44:7a:8e:2d:17:fe:1b:d3:a8:98:13:
         1e:13:c7:e7:c7:ee:44:ba:de:3c:50:6a:1b:c6:fa:f2:b0:3a:
         7b:12:e8:bd:1a:2c:51:53:d8:c0:76:b5:71:4b:40:6b:97:ef:
         23:93:e9:f8:63:36:7d:39:8a:7d:b6:61:5f:a9:87:3a:20:84:
         38:fe:9d:46:eb:80:82:51:ed:72:7b:e9:db:37:28:6c:6b:db:
         e1:bc:bb:4b:d7:50:40:68:a7:e4:c8:27:e1:30:03:cb:e5:48:
         5f:7d:a9:29:12:32:de:16:5e:80:ed:0f:80:26:7d:42:71:e2:
         46:d9:a8:dd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWA0PQWyxE+Ly+bq792KVG00NNQ4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNjVlMThkMjk1NDc0Y2IzMWI3N2Y3YjliOGEwZDFmZTlh
ZTE4ZDkxNGM4OWM3ZGI2N2U0NGY4ODU2OWRhNWUzMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD2iSRvXEKALrIxyx5DvPosZFj4EjuMq8zYzHZu0aPpG9lB
DTcJ5Oa5JNNOuNDugpqLhes1f9fOZQlNqk/bVl+UnUm3c4ZyQCuSFOQSjlpuNNN/
8EEOWwST5AOxVNjg8fd3HpQonvaWnNfMyJs8Pq6A6c16VaqEhhfim1PJ0qztj4UY
LGctJlsL+8xXVkP0xzdKeDqcjZpDPMxa5ui2jIp5uixV00uTxwMxeE8ZmNlDdIph
58TRvA3T41p4//ohan0a25h5ur5vRBeIEsDuWLCZFjSLP2kKrtckawYYrJjQtKVq
PGqo4pQz4vWGCyvsF4fo1+frMeFez+j2i2c+qV9pAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQULnIM9Ap1uPPCZhkMriq7Pko+J1QwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzE0MmNlOTA3LWFlZGMtNDYwNS04ODYyLWMzZDdmNTEwNGIwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAPsWgwDQYJKoZIhvcNAQELBQADggEBAKq0O8tbfCaFqMBFlKmSACvqo3Pm
WWZ5Eb3DVtKieA5U0eRcIUzPGM+o6IipCRGBZ8wglBQwslZ+r7yr59av0QbU6K1f
wzE6jYyJerPOvfcWgcjQty5k7zgOvGq1SVabL4iHFK12n1LT66qvu2SxyLtrUtN+
el57ACErTxLq7uVzBYgVa8REeo4tF/4b06iYEx4Tx+fH7kS63jxQahvG+vKwOnsS
6L0aLFFT2MB2tXFLQGuX7yOT6fhjNn05in22YV+phzoghDj+nUbrgIJR7XJ76ds3
KGxr2+G8u0vXUEBop+TIJ+EwA8vlSF99qSkSMt4WXoDtD4AmfUJx4kbZqN0=
-----END CERTIFICATE-----
Generated at Fri Dec 6 04:31:02 2024 by rpki-client on console-fra.rpki-client.org