Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4313963e-2afd-46de-8092-197b5608fedc.roa
File:                     4313963e-2afd-46de-8092-197b5608fedc.roa (raw, json)
Hash identifier:          HlQ9AB/pb1fMX0pg5U2yb+5KLfbq0Nx1z1sLJVCB+8I=
Subject key identifier:   B1:93:A6:63:D2:CD:78:82:EC:C8:4D:8F:7D:D6:5F:76:E8:8D:7C:3F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       7067711C25D0F4B5FB6C794C684A1380EB2B6292
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4313963e-2afd-46de-8092-197b5608fedc.roa
Signing time:             Tue 12 Mar 2024 00:00:00 +0000
ROA not before:           Tue 12 Mar 2024 00:00:00 +0000
ROA not after:            Tue 16 Apr 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        15.141.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:67:71:1c:25:d0:f4:b5:fb:6c:79:4c:68:4a:13:80:eb:2b:62:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 12 00:00:00 2024 GMT
            Not After : Apr 16 23:59:59 2024 GMT
        Subject: serialNumber=415b9c886135d1f74c56f4a679bda3178fbad9692b7555385edf541103dc284b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:56:6e:ad:99:15:df:fd:0c:cc:11:cb:40:5a:
                    11:f4:50:0f:7f:f2:00:ec:1a:96:27:34:07:35:b2:
                    c4:72:77:5c:9b:b7:4f:84:8e:0b:ac:b1:1a:a6:21:
                    00:b2:c5:05:dc:58:bd:37:01:dc:e7:0a:a6:a6:91:
                    3c:49:65:65:7a:24:fc:aa:ac:c0:59:fb:52:0b:ea:
                    5e:bd:5d:eb:1f:cf:f1:99:0b:37:18:56:d7:5f:08:
                    29:db:57:69:a8:d2:c5:d3:16:38:b3:83:14:5e:af:
                    8c:fe:ad:f2:35:7a:79:69:dc:6c:cd:20:72:50:32:
                    45:4b:69:4f:9e:b5:cd:43:87:46:87:91:7b:85:69:
                    42:d6:e4:84:a3:f2:d5:1f:7d:55:47:e0:0a:c6:29:
                    ea:d2:4a:ce:73:7b:90:6d:60:8b:3c:a4:f3:1c:e6:
                    9e:85:49:62:74:32:9e:ad:73:4c:3f:9b:c9:fd:3b:
                    bf:4c:38:25:ca:c7:72:c0:89:c2:a2:ce:34:55:8b:
                    96:21:4a:6a:eb:17:32:b4:c1:4e:13:9b:ba:e4:ea:
                    8e:b4:d9:12:e0:43:4e:ed:13:cc:08:98:74:c7:a5:
                    c0:96:1f:1a:70:1b:fc:d8:2d:f6:cf:50:55:58:75:
                    01:ea:33:39:d7:6c:48:c0:4e:63:49:3b:22:e7:71:
                    0e:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:93:A6:63:D2:CD:78:82:EC:C8:4D:8F:7D:D6:5F:76:E8:8D:7C:3F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/4313963e-2afd-46de-8092-197b5608fedc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.141.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         50:2a:29:1f:c7:f7:4d:fb:de:18:d2:fb:c9:0e:6d:ab:f0:9e:
         e7:46:ec:83:d9:b8:c0:79:fc:95:20:20:31:f1:74:41:8b:71:
         98:8e:b8:dd:b8:1a:63:4c:0a:d3:64:2d:2a:93:a8:53:46:34:
         6e:3e:99:04:de:4e:ee:1a:e2:7a:46:a0:8a:e5:17:dc:f3:9d:
         d9:1d:ff:af:62:a1:d2:51:4f:f4:6e:05:36:4a:8b:0c:2d:65:
         93:02:25:51:65:c3:7c:5e:e9:1d:e1:79:24:25:21:51:ec:f5:
         a2:ff:e1:7f:15:da:fc:60:41:54:0f:2a:21:1c:7e:7b:1f:de:
         3e:09:28:85:0c:db:56:5f:ee:c6:dc:df:1f:16:b1:12:a8:6c:
         69:d0:d3:af:c6:f9:12:60:4a:84:aa:a5:d1:c7:40:f6:cb:1b:
         e3:ab:bc:9f:67:1c:a0:dd:4c:0b:07:ad:47:c9:13:cd:ce:5e:
         70:3e:dd:84:ea:20:de:83:83:5a:5c:95:89:e9:73:f4:d7:5b:
         95:1b:75:2e:98:cf:fb:cb:d9:bf:d7:db:f9:3c:4b:7d:da:9f:
         94:ef:fe:87:f5:d9:6f:a2:2c:d9:6e:be:61:74:b9:81:a6:98:
         db:a3:a7:8a:8f:47:27:83:90:1a:f2:7e:cf:94:80:cb:89:d0:
         2b:61:82:88
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcGdxHCXQ9LX7bHlMaEoTgOsrYpIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzEyMDAwMDAwWhcNMjQwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MTViOWM4ODYxMzVkMWY3NGM1NmY0YTY3OWJkYTMxNzhm
YmFkOTY5MmI3NTU1Mzg1ZWRmNTQxMTAzZGMyODRiMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCHVm6tmRXf/QzMEctAWhH0UA9/8gDsGpYnNAc1ssRyd1yb
t0+EjgussRqmIQCyxQXcWL03AdznCqamkTxJZWV6JPyqrMBZ+1IL6l69Xesfz/GZ
CzcYVtdfCCnbV2mo0sXTFjizgxRer4z+rfI1enlp3GzNIHJQMkVLaU+etc1Dh0aH
kXuFaULW5ISj8tUffVVH4ArGKerSSs5ze5BtYIs8pPMc5p6FSWJ0Mp6tc0w/m8n9
O79MOCXKx3LAicKizjRVi5YhSmrrFzK0wU4Tm7rk6o602RLgQ07tE8wImHTHpcCW
HxpwG/zYLfbPUFVYdQHqMznXbEjATmNJOyLncQ6FAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUsZOmY9LNeILsyE2PfdZfduiNfD8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQzMTM5NjNlLTJhZmQtNDZkZS04MDkyLTE5N2I1NjA4ZmVkYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPjTANBgkqhkiG9w0BAQsFAAOCAQEAUCopH8f3TfveGNL7yQ5tq/Ce50bs
g9m4wHn8lSAgMfF0QYtxmI643bgaY0wK02QtKpOoU0Y0bj6ZBN5O7hriekagiuUX
3POd2R3/r2Kh0lFP9G4FNkqLDC1lkwIlUWXDfF7pHeF5JCUhUez1ov/hfxXa/GBB
VA8qIRx+ex/ePgkohQzbVl/uxtzfHxaxEqhsadDTr8b5EmBKhKql0cdA9ssb46u8
n2ccoN1MCwetR8kTzc5ecD7dhOog3oODWlyVielz9NdblRt1LpjP+8vZv9fb+TxL
fdqflO/+h/XZb6Is2W6+YXS5gaaY26Onio9HJ4OQGvJ+z5SAy4nQK2GCiA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:27 2024 by rpki-client on console-fra.rpki-client.org