Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/33b30779-b2a5-475b-b004-99eb3c86d86d.roa
File:                     33b30779-b2a5-475b-b004-99eb3c86d86d.roa (raw, json)
Hash identifier:          /SvuVZzb32GJOTFn7q7NqkOXjkQHkFBjq+owd2WJc10=
Subject key identifier:   DD:C9:4F:1C:22:10:96:10:B8:4A:3A:04:A7:E4:37:40:FB:C8:B8:AB
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2CD00481B9CD53F0D171483EA5C09EC67A86CF6F
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/33b30779-b2a5-475b-b004-99eb3c86d86d.roa
Signing time:             Tue 18 Jun 2024 00:00:00 +0000
ROA not before:           Tue 18 Jun 2024 00:00:00 +0000
ROA not after:            Tue 23 Jul 2024 23:59:59 +0000
asID:                     22394
IP address blocks:        155.146.80.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 26 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:d0:04:81:b9:cd:53:f0:d1:71:48:3e:a5:c0:9e:c6:7a:86:cf:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 18 00:00:00 2024 GMT
            Not After : Jul 23 23:59:59 2024 GMT
        Subject: serialNumber=37f8aaace26d7f5158f25e9a575a60ba4942254c92299ca527c0f195610cbab4, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:29:30:8d:38:cd:54:2b:7f:c2:4e:53:5a:15:
                    6f:00:03:09:03:27:93:ff:e1:b7:3a:f6:3d:5f:e3:
                    75:9c:f7:d4:a0:96:11:50:67:73:79:bf:b2:b2:56:
                    25:57:d8:c6:59:55:16:79:d3:20:f3:f2:7e:fa:42:
                    91:ef:8f:f8:e3:3c:0d:ec:80:3b:3a:6b:b0:17:8b:
                    87:a9:2c:68:d8:38:71:c9:c2:96:48:29:bb:77:48:
                    06:ab:97:0a:8b:15:03:55:a9:8b:b8:b3:81:f3:e8:
                    51:b4:6a:17:6d:e3:f5:3b:fc:f3:a2:8e:5f:da:7f:
                    3a:76:0a:82:8f:6d:4d:01:f9:52:71:af:0e:75:95:
                    9f:c1:d0:57:d7:b5:15:d7:a8:60:1a:82:85:54:e8:
                    40:2e:2f:c2:f6:63:3d:f1:42:8f:2e:e7:9a:a2:9f:
                    49:61:9f:25:a3:8d:12:d7:3d:1b:51:6a:79:62:bc:
                    0f:a6:ca:05:28:97:9a:bf:fb:c4:fa:ff:dc:35:0c:
                    f8:40:5a:b7:67:fa:87:7b:12:8e:d3:5f:37:4c:51:
                    71:fe:31:a7:84:0e:92:ec:a7:42:86:a6:a9:fc:1e:
                    f5:fe:47:20:db:63:16:e0:e9:ae:83:56:ee:a7:da:
                    f5:ed:be:ed:8b:f8:2e:bb:68:1c:8e:fb:0c:8a:cb:
                    18:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:C9:4F:1C:22:10:96:10:B8:4A:3A:04:A7:E4:37:40:FB:C8:B8:AB
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/33b30779-b2a5-475b-b004-99eb3c86d86d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.146.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         42:4d:1a:26:ce:c7:e7:9e:dd:8f:81:bd:54:6d:a6:21:2e:51:
         12:b1:70:c6:ae:ce:a6:27:4c:4b:13:5f:50:6f:f6:ae:ef:d4:
         e9:3f:4f:5a:22:e0:55:46:81:65:c4:12:72:93:63:83:db:4a:
         13:a9:9d:e5:f6:44:ce:e8:92:55:45:7c:c3:a6:7b:e2:ce:94:
         49:95:b3:2e:dc:3f:47:18:ca:ce:f4:e0:f4:83:f4:e3:7e:76:
         fa:d7:15:23:15:13:fc:38:f2:7e:5f:ed:af:7d:50:27:cd:89:
         cd:ab:f2:a7:8f:77:d9:9b:d4:d8:7c:de:be:99:d7:29:02:73:
         2f:b3:4c:8c:3d:88:53:27:34:11:33:ad:de:dc:26:d2:15:24:
         53:79:fc:2b:85:11:3e:00:e3:e5:9e:21:30:1c:f7:3b:45:43:
         44:54:44:95:69:a4:59:73:65:52:aa:47:86:1f:64:7f:20:5c:
         08:45:5c:3a:13:c6:b4:f6:70:37:6e:f8:63:a0:a4:ba:61:4f:
         6d:6d:86:83:ac:39:4e:eb:53:dd:1b:dd:b3:47:91:57:9f:b4:
         27:e8:0c:77:ae:39:c3:29:cf:ca:63:6c:5f:ff:f7:39:c0:af:
         05:68:87:c7:f4:6a:de:5d:dd:f0:54:db:26:55:5f:38:e0:8c:
         ef:68:16:1d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIULNAEgbnNU/DRcUg+pcCexnqGz28wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNjE4MDAwMDAwWhcNMjQwNzIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzN2Y4YWFhY2UyNmQ3ZjUxNThmMjVlOWE1NzVhNjBiYTQ5
NDIyNTRjOTIyOTljYTUyN2MwZjE5NTYxMGNiYWI0MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDKTCNOM1UK3/CTlNaFW8AAwkDJ5P/4bc69j1f43Wc99Sg
lhFQZ3N5v7KyViVX2MZZVRZ50yDz8n76QpHvj/jjPA3sgDs6a7AXi4epLGjYOHHJ
wpZIKbt3SAarlwqLFQNVqYu4s4Hz6FG0ahdt4/U7/POijl/afzp2CoKPbU0B+VJx
rw51lZ/B0FfXtRXXqGAagoVU6EAuL8L2Yz3xQo8u55qin0lhnyWjjRLXPRtRanli
vA+mygUol5q/+8T6/9w1DPhAWrdn+od7Eo7TXzdMUXH+MaeEDpLsp0KGpqn8HvX+
RyDbYxbg6a6DVu6n2vXtvu2L+C67aByO+wyKyxiBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3clPHCIQlhC4SjoEp+Q3QPvIuKswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzMzYjMwNzc5LWIyYTUtNDc1Yi1iMDA0LTk5ZWIzYzg2ZDg2ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASbklAwDQYJKoZIhvcNAQELBQADggEBAEJNGibOx+ee3Y+BvVRtpiEuURKx
cMauzqYnTEsTX1Bv9q7v1Ok/T1oi4FVGgWXEEnKTY4PbShOpneX2RM7oklVFfMOm
e+LOlEmVsy7cP0cYys704PSD9ON+dvrXFSMVE/w48n5f7a99UCfNic2r8qePd9mb
1Nh83r6Z1ykCcy+zTIw9iFMnNBEzrd7cJtIVJFN5/CuFET4A4+WeITAc9ztFQ0RU
RJVppFlzZVKqR4YfZH8gXAhFXDoTxrT2cDdu+GOgpLphT21thoOsOU7rU90b3bNH
kVeftCfoDHeuOcMpz8pjbF//9znArwVoh8f0at5d3fBU2yZVXzjgjO9oFh0=
-----END CERTIFICATE-----
Generated at Mon Jun 24 01:29:17 2024 by rpki-client on console-ams.rpki-client.org