Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/283f502b-4726-4849-b192-13f41302266d.roa
File:                     283f502b-4726-4849-b192-13f41302266d.roa (raw, json)
Hash identifier:          b6t15HNIjMV3BF9Sr17xPHUpZBLu5eWwboQH64mc7FU=
Subject key identifier:   1C:A0:06:E5:F7:0E:E2:92:58:AC:30:82:D2:68:6A:E2:F0:E5:B7:D2
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       5EB9827EB594E3D395A231CD947F3FF2469AE1D6
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/283f502b-4726-4849-b192-13f41302266d.roa
Signing time:             Fri 24 May 2024 00:00:00 +0000
ROA not before:           Fri 24 May 2024 00:00:00 +0000
ROA not after:            Fri 28 Jun 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        15.222.0.0/15 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:b9:82:7e:b5:94:e3:d3:95:a2:31:cd:94:7f:3f:f2:46:9a:e1:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 24 00:00:00 2024 GMT
            Not After : Jun 28 23:59:59 2024 GMT
        Subject: serialNumber=789b08d4184c3af1f5211a2f4a14527bae63e36b41accff3475e895b65258a6c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e8:c1:a4:97:43:01:0b:2d:cd:0e:17:8d:39:
                    2a:7d:58:55:e9:a4:c4:34:01:e9:3e:42:e9:8a:b7:
                    19:83:3b:58:3f:b8:0c:5b:0b:7d:fc:ab:cc:38:51:
                    18:1b:0d:88:90:7b:17:99:e0:59:03:40:47:c8:aa:
                    ea:c5:28:61:ee:43:bc:ae:30:67:f7:0b:c3:04:34:
                    ef:1f:90:2c:1b:e8:11:d9:e5:86:1f:02:0c:22:68:
                    d1:bc:24:e4:83:7b:08:f7:ea:6c:4c:34:42:77:ba:
                    57:b3:17:aa:00:f0:b3:a4:83:2f:fc:83:49:a6:3b:
                    7b:11:2c:9e:5e:22:c3:d4:9f:6f:2e:9f:d5:93:68:
                    eb:8b:31:5b:12:8e:7e:41:69:42:e1:df:94:a7:54:
                    40:b3:0f:52:a9:c6:42:a0:af:57:90:d6:ce:dd:a2:
                    5f:42:62:61:6c:f8:4d:e9:b4:24:1a:65:40:b3:b3:
                    cc:12:98:4e:9b:b6:57:24:ad:93:ed:fc:4f:62:88:
                    a5:82:ff:1a:ba:d6:c3:64:47:7d:81:02:19:a1:67:
                    b9:91:09:4c:ce:bd:3e:fb:73:ea:ac:3a:40:77:b0:
                    2d:6f:1f:3f:34:0b:3f:e7:e1:fc:5e:3b:7f:12:18:
                    75:9d:bb:16:0d:92:a9:5a:37:a4:7a:34:f9:66:81:
                    62:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:A0:06:E5:F7:0E:E2:92:58:AC:30:82:D2:68:6A:E2:F0:E5:B7:D2
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/283f502b-4726-4849-b192-13f41302266d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.222.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         00:ad:fe:c5:24:71:46:af:df:ac:c6:00:5b:80:2e:51:1f:35:
         8f:28:e2:3c:98:f5:15:7f:5d:eb:67:8e:95:8e:3b:b4:78:42:
         7a:a5:75:13:8c:ca:78:9b:66:b0:30:16:10:a8:6a:db:58:60:
         08:64:ac:28:78:e1:b2:45:44:00:25:8a:4b:56:96:2e:db:18:
         ae:aa:27:86:c9:8c:03:45:0d:cd:bb:4a:ed:93:76:95:25:54:
         b0:96:f7:55:9d:79:55:0d:01:e7:ba:64:6f:c1:b6:a4:61:e8:
         d7:9c:21:dc:1c:b7:f7:bf:65:1a:c0:93:74:f4:17:8d:1b:3d:
         3f:62:88:a4:89:13:99:cc:b3:76:34:86:ae:78:68:a0:ff:f5:
         4e:c0:fb:49:94:72:c9:67:52:be:61:45:21:ca:c0:b8:aa:1b:
         62:59:c3:4a:24:74:84:0a:6a:bc:f0:75:55:f5:39:6f:53:ae:
         2a:bc:dc:6f:09:b7:4c:ad:60:27:fc:87:2a:5c:87:52:18:5f:
         9c:6c:c7:86:a4:89:ca:e5:19:8a:d8:4c:fb:b2:33:a7:61:1e:
         cc:e0:90:4f:a5:20:ca:3b:ec:65:85:e0:3b:35:98:41:e6:d9:
         6e:fa:6d:0b:e9:97:23:ab:28:6e:64:17:d5:2e:93:2f:5b:1d:
         fc:0f:a3:93
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUXrmCfrWU49OVojHNlH8/8kaa4dYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI0MDAwMDAwWhcNMjQwNjI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ODliMDhkNDE4NGMzYWYxZjUyMTFhMmY0YTE0NTI3YmFl
NjNlMzZiNDFhY2NmZjM0NzVlODk1YjY1MjU4YTZjMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC56MGkl0MBCy3NDheNOSp9WFXppMQ0Aek+QumKtxmDO1g/
uAxbC338q8w4URgbDYiQexeZ4FkDQEfIqurFKGHuQ7yuMGf3C8MENO8fkCwb6BHZ
5YYfAgwiaNG8JOSDewj36mxMNEJ3ulezF6oA8LOkgy/8g0mmO3sRLJ5eIsPUn28u
n9WTaOuLMVsSjn5BaULh35SnVECzD1KpxkKgr1eQ1s7dol9CYmFs+E3ptCQaZUCz
s8wSmE6btlckrZPt/E9iiKWC/xq61sNkR32BAhmhZ7mRCUzOvT77c+qsOkB3sC1v
Hz80Cz/n4fxeO38SGHWduxYNkqlaN6R6NPlmgWLhAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUHKAG5fcO4pJYrDCC0mhq4vDlt9IwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzI4M2Y1MDJiLTQ3MjYtNDg0OS1iMTkyLTEzZjQxMzAyMjY2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEP3jANBgkqhkiG9w0BAQsFAAOCAQEAAK3+xSRxRq/frMYAW4AuUR81jyji
PJj1FX9d62eOlY47tHhCeqV1E4zKeJtmsDAWEKhq21hgCGSsKHjhskVEACWKS1aW
LtsYrqonhsmMA0UNzbtK7ZN2lSVUsJb3VZ15VQ0B57pkb8G2pGHo15wh3By3979l
GsCTdPQXjRs9P2KIpIkTmcyzdjSGrnhooP/1TsD7SZRyyWdSvmFFIcrAuKobYlnD
SiR0hApqvPB1VfU5b1OuKrzcbwm3TK1gJ/yHKlyHUhhfnGzHhqSJyuUZithM+7Iz
p2EezOCQT6UgyjvsZYXgOzWYQebZbvptC+mXI6sobmQX1S6TL1sd/A+jkw==
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:21:09 2024 by rpki-client on console-fra.rpki-client.org