Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/44893a20-cc5e-4d43-a59f-e7dd9c9fee02.roa
File:                     44893a20-cc5e-4d43-a59f-e7dd9c9fee02.roa (raw, json)
Hash identifier:          ZYrRVjArLPhnGn//Spixh3rMHl2rIhPN5gbXIPsadUk=
Subject key identifier:   D6:5C:49:8B:0E:55:CF:C7:F0:F3:A2:F8:35:67:FF:D9:73:D0:7E:EC
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       75E7D00FEF82BF0B1024923173DEC195F67DD142
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/44893a20-cc5e-4d43-a59f-e7dd9c9fee02.roa
Signing time:             Mon 27 May 2024 00:00:00 +0000
ROA not before:           Mon 27 May 2024 00:00:00 +0000
ROA not after:            Mon 01 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        141.186.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 20 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:e7:d0:0f:ef:82:bf:0b:10:24:92:31:73:de:c1:95:f6:7d:d1:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 27 00:00:00 2024 GMT
            Not After : Jul  1 23:59:59 2024 GMT
        Subject: serialNumber=f54d1427dca9b0cb9a5089b79500f1afb178f4451c62554c993aed81cf28fc01, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4c:e4:9d:46:f9:46:4c:ed:2f:cc:24:7b:39:
                    9b:0c:e4:d7:57:a4:06:48:93:05:a3:aa:7f:83:8e:
                    56:24:2f:4b:ee:8d:0b:e2:71:cb:f8:28:e0:68:32:
                    1d:5e:71:e9:e4:49:91:30:17:0a:da:7a:18:ce:72:
                    78:6b:ac:54:e0:d4:fd:0e:17:22:66:62:8d:e4:85:
                    95:9f:1a:6f:39:61:b1:f6:d5:8a:e5:51:05:43:df:
                    b3:a4:df:66:7d:5d:4f:6a:b5:a9:6d:03:1b:bb:c4:
                    90:1a:f3:d1:f4:3f:11:5d:f0:6d:85:09:d1:bc:8e:
                    02:ea:48:54:85:48:3f:43:3c:0d:40:e5:a2:32:70:
                    2b:26:90:76:72:37:3e:00:69:a1:1d:e6:d9:a7:5b:
                    05:5a:92:6a:03:bc:65:15:fc:4d:e4:cc:8d:6d:a7:
                    6a:19:1f:9a:8c:74:ce:30:98:99:01:ce:5a:f6:c8:
                    97:6f:03:fa:9e:05:1f:b8:84:35:40:aa:06:d3:62:
                    83:5d:bb:70:c2:ff:4b:45:4c:16:88:7f:4d:26:84:
                    ee:f7:89:b1:84:36:2a:cb:4f:15:12:46:cb:b4:57:
                    59:47:cd:5a:2c:4c:d2:b3:19:36:3b:27:42:a9:ab:
                    a9:0d:d9:0c:b7:ff:b0:c8:e8:6a:3c:bc:27:65:fe:
                    56:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:5C:49:8B:0E:55:CF:C7:F0:F3:A2:F8:35:67:FF:D9:73:D0:7E:EC
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/44893a20-cc5e-4d43-a59f-e7dd9c9fee02.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.186.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         99:16:d7:4c:5a:d2:83:2c:20:f3:35:8f:42:37:b4:9d:c5:28:
         3c:0b:11:77:2a:a3:08:97:85:4a:e0:15:dd:e9:c4:d2:75:48:
         39:17:17:6b:0f:2f:25:6d:77:7d:47:4e:3c:aa:2d:76:6f:69:
         88:37:e4:cd:91:f9:a8:04:c3:52:a8:88:7e:85:1a:c7:6d:68:
         9b:63:0e:7e:7e:86:f6:59:07:50:69:8b:f9:e8:a7:03:bb:5c:
         1e:64:c6:32:67:64:60:b5:90:e9:30:30:1e:fa:9f:e9:b3:a6:
         a5:76:19:89:c6:01:d9:40:c1:a8:6d:88:0d:ce:a0:7a:26:ba:
         cb:71:c3:b0:8e:a7:a6:46:ee:82:de:b1:4a:08:85:0a:04:c1:
         b7:ea:33:2f:10:2b:27:17:c7:d9:0c:04:99:06:53:66:d9:ec:
         7e:52:3a:6d:92:d2:fc:0b:d6:9c:4d:36:c4:29:1e:dd:7d:56:
         b4:eb:7d:95:af:3e:86:c8:af:a0:62:69:1a:3e:51:2f:22:ed:
         ba:26:81:3a:8a:1f:df:30:66:22:01:29:13:c6:6d:88:1e:11:
         1c:c1:67:b6:10:e7:03:a9:4c:0d:2c:cc:53:41:52:68:f7:4a:
         7a:19:f5:57:2a:3f:4e:be:f3:25:66:da:e0:81:a8:b4:a0:d6:
         43:23:6a:88
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdefQD++CvwsQJJIxc97BlfZ90UIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI3MDAwMDAwWhcNMjQwNzAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BmNTRkMTQyN2RjYTliMGNiOWE1MDg5Yjc5NTAwZjFhZmIx
NzhmNDQ1MWM2MjU1NGM5OTNhZWQ4MWNmMjhmYzAxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCnTOSdRvlGTO0vzCR7OZsM5NdXpAZIkwWjqn+DjlYkL0vu
jQviccv4KOBoMh1ecenkSZEwFwraehjOcnhrrFTg1P0OFyJmYo3khZWfGm85YbH2
1YrlUQVD37Ok32Z9XU9qtaltAxu7xJAa89H0PxFd8G2FCdG8jgLqSFSFSD9DPA1A
5aIycCsmkHZyNz4AaaEd5tmnWwVakmoDvGUV/E3kzI1tp2oZH5qMdM4wmJkBzlr2
yJdvA/qeBR+4hDVAqgbTYoNdu3DC/0tFTBaIf00mhO73ibGENirLTxUSRsu0V1lH
zVosTNKzGTY7J0Kpq6kN2Qy3/7DI6Go8vCdl/lZ3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU1lxJiw5Vz8fw86L4NWf/2XPQfuwwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzQ0ODkzYTIwLWNjNWUtNGQ0My1hNTlmLWU3ZGQ5YzlmZWUwMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCNujANBgkqhkiG9w0BAQsFAAOCAQEAmRbXTFrSgywg8zWPQje0ncUoPAsR
dyqjCJeFSuAV3enE0nVIORcXaw8vJW13fUdOPKotdm9piDfkzZH5qATDUqiIfoUa
x21om2MOfn6G9lkHUGmL+einA7tcHmTGMmdkYLWQ6TAwHvqf6bOmpXYZicYB2UDB
qG2IDc6geia6y3HDsI6npkbugt6xSgiFCgTBt+ozLxArJxfH2QwEmQZTZtnsflI6
bZLS/AvWnE02xCke3X1WtOt9la8+hsivoGJpGj5RLyLtuiaBOoof3zBmIgEpE8Zt
iB4RHMFnthDnA6lMDSzMU0FSaPdKehn1Vyo/Tr7zJWba4IGotKDWQyNqiA==
-----END CERTIFICATE-----
Generated at Tue Jun 18 16:14:27 2024 by rpki-client on console-fra.rpki-client.org