Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/58e16aa5-88bf-46d4-912c-c7c87d3bc3d1.roa
File:                     58e16aa5-88bf-46d4-912c-c7c87d3bc3d1.roa (raw, json)
Hash identifier:          UU299T2UCWeiX/GurZlPu7hoSRdNsFjV8n01U7XRzC8=
Subject key identifier:   33:94:01:C3:F8:42:3B:96:6F:C3:F0:22:15:5F:DB:3F:D4:69:23:5D
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       27694906BA1ADFE090F51191FD0F50C526BDC2A0
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/58e16aa5-88bf-46d4-912c-c7c87d3bc3d1.roa
Signing time:             Tue 28 Feb 2023 00:00:00 +0000
ROA not before:           Tue 28 Feb 2023 00:00:00 +0000
ROA not after:            Tue 04 Apr 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        3.192.0.0/10 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 16 Mar 2023 10:13:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:69:49:06:ba:1a:df:e0:90:f5:11:91:fd:0f:50:c5:26:bd:c2:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Feb 28 00:00:00 2023 GMT
            Not After : Apr  4 23:59:59 2023 GMT
        Subject: serialNumber=fe877ea5eea921df600147ef2be445ee7f4e892bbd80f3e6a1f1b7b12e02d0a8, CN=5f276045-5b9f-45ef-923d-f3fce24a6225, OU=Amazon RPKI, O=Amazon.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:1e:dd:2c:25:10:85:6e:fb:c5:f5:96:3f:44:
                    3b:1d:f6:ac:53:77:c6:aa:fd:ff:32:96:66:2a:1d:
                    1d:42:6f:f3:30:67:d7:8b:f5:4b:ff:5c:83:30:9d:
                    ed:98:fd:50:69:c8:21:2d:c3:08:7e:df:f6:11:18:
                    dc:fa:85:51:89:d9:a8:e0:61:d2:e5:d0:4f:c2:42:
                    fb:3e:8c:56:c6:af:e0:2c:7b:4b:94:09:aa:e5:be:
                    b9:ae:0b:78:c0:e2:ec:4d:ae:3e:a4:05:72:4e:18:
                    df:66:26:f5:38:62:c4:41:25:73:94:c6:2b:a3:cf:
                    61:ac:2c:fe:e1:59:ae:51:5c:41:ea:6d:e2:d1:99:
                    ce:d1:f5:72:09:19:84:7d:0f:e0:34:37:a5:8a:45:
                    86:ab:b2:20:6e:3e:85:73:43:19:00:44:6f:b0:ab:
                    1a:5f:0b:c8:39:03:73:b3:8a:ae:0c:bc:b7:1b:5f:
                    c6:94:eb:c7:a9:17:69:67:71:f3:16:67:5d:3e:07:
                    f3:05:44:7a:f1:b6:dd:9e:69:a1:cf:41:8a:92:25:
                    36:88:4d:c2:b6:68:d8:0a:36:17:b5:6f:81:a8:ba:
                    53:41:32:a1:bf:90:12:99:a6:17:65:26:83:5c:75:
                    f1:24:d0:94:5a:65:53:51:2f:bc:a7:cc:4b:c9:7c:
                    41:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                33:94:01:C3:F8:42:3B:96:6F:C3:F0:22:15:5F:DB:3F:D4:69:23:5D
            X509v3 Authority Key Identifier: 
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/58e16aa5-88bf-46d4-912c-c7c87d3bc3d1.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.192.0.0/10

    Signature Algorithm: sha256WithRSAEncryption
         5e:4a:0d:6a:ae:d5:75:e1:0e:4f:0b:6b:cf:32:9e:9a:76:34:
         28:0c:c1:0e:64:7d:a0:ba:f1:48:a8:00:b6:34:92:95:67:3f:
         0c:47:14:3e:3c:62:8b:95:cf:4c:8a:49:45:ad:99:12:1b:2c:
         23:1d:9e:c1:c2:1e:31:e3:70:6a:46:c1:1d:9f:a2:6f:9d:f3:
         b0:4d:f9:8f:82:34:c0:a8:d6:91:39:b1:61:4a:7a:60:27:ce:
         98:23:7f:ff:85:b7:64:7b:78:a1:00:33:0e:0d:26:78:2a:2b:
         de:3f:a4:b3:f7:85:1a:71:d5:83:37:56:b3:7d:9b:31:06:3c:
         fe:37:0b:17:39:4a:46:1b:57:97:f0:f9:60:9e:4f:11:d1:f6:
         6b:b9:62:dd:95:ed:13:74:81:5b:e3:60:b2:a5:2f:ce:15:33:
         31:64:32:ef:2d:cb:27:ba:a7:a7:ef:c3:f8:14:88:19:7f:0b:
         fa:19:01:81:41:10:4e:41:4a:0b:03:fd:22:2c:bc:67:53:3e:
         c3:eb:1f:e9:bb:de:29:f0:4d:c2:1b:a0:4f:49:91:29:7a:ea:
         f3:9b:fd:d2:ca:4e:a7:60:6a:bc:dd:5c:2d:f8:b8:d2:e1:50:
         f6:98:14:c4:a7:2d:9c:0b:25:d5:31:4f:40:c1:43:f9:74:c7:
         1b:e0:b8:67
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgIUJ2lJBroa3+CQ9RGR/Q9QxSa9wqAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjMwMjI4MDAwMDAwWhcNMjMwNDA0MjM1OTU5
WjCBpTFJMEcGA1UEBRNAZmU4NzdlYTVlZWE5MjFkZjYwMDE0N2VmMmJlNDQ1ZWU3
ZjRlODkyYmJkODBmM2U2YTFmMWI3YjEyZTAyZDBhODEtMCsGA1UEAxMkNWYyNzYw
NDUtNWI5Zi00NWVmLTkyM2QtZjNmY2UyNGE2MjI1MRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALEe3SwlEIVu+8X1lj9EOx32rFN3xqr9/zKWZiodHUJv8zBn14v1
S/9cgzCd7Zj9UGnIIS3DCH7f9hEY3PqFUYnZqOBh0uXQT8JC+z6MVsav4Cx7S5QJ
quW+ua4LeMDi7E2uPqQFck4Y32Ym9ThixEElc5TGK6PPYaws/uFZrlFcQept4tGZ
ztH1cgkZhH0P4DQ3pYpFhquyIG4+hXNDGQBEb7CrGl8LyDkDc7OKrgy8txtfxpTr
x6kXaWdx8xZnXT4H8wVEevG23Z5poc9BipIlNohNwrZo2Ao2F7Vvgai6U0Eyob+Q
EpmmF2Umg1x18STQlFplU1EvvKfMS8l8QU0CAwEAAaOCArAwggKsMB0GA1UdDgQW
BBQzlAHD+EI7lm/D8CIVX9s/1GkjXTAfBgNVHSMEGDAWgBQlrdNCsB63pY6tGZAm
iLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMmEy
NDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEzMmEt
NDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRm
YTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02ZjgwOTA0
ZTQyZDIvNThlMTZhYTUtODhiZi00NmQ0LTkxMmMtYzdjODdkM2JjM2QxLnJvYTCB
iAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD
BgPAMA0GCSqGSIb3DQEBCwUAA4IBAQBeSg1qrtV14Q5PC2vPMp6adjQoDMEOZH2g
uvFIqAC2NJKVZz8MRxQ+PGKLlc9MiklFrZkSGywjHZ7Bwh4x43BqRsEdn6JvnfOw
TfmPgjTAqNaRObFhSnpgJ86YI3//hbdke3ihADMODSZ4KiveP6Sz94UacdWDN1az
fZsxBjz+NwsXOUpGG1eX8Plgnk8R0fZruWLdle0TdIFb42CypS/OFTMxZDLvLcsn
uqen78P4FIgZfwv6GQGBQRBOQUoLA/0iLLxnUz7D6x/pu94p8E3CG6BPSZEpeurz
m/3Syk6nYGq83Vwt+LjS4VD2mBTEpy2cCyXVMU9AwUP5dMcb4Lhn
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:52:48 2023 by rpki-client on console-fra.rpki-client.org