Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5e5969f2-a684-4a42-b450-03c061cb8145.roa
File:                     5e5969f2-a684-4a42-b450-03c061cb8145.roa (raw, json)
Hash identifier:          7/Agkbd9A0qlwQHECbsznKlzEJFMLFQzsdJ4kTJjQJk=
Subject key identifier:   D2:53:06:57:2A:E3:FB:0C:EA:EB:21:8C:56:A6:97:56:45:F8:4A:F6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2F87E7F693305286B42BFBB81B3FE89C567764D5
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5e5969f2-a684-4a42-b450-03c061cb8145.roa
Signing time:             Tue 12 Mar 2024 00:00:00 +0000
ROA not before:           Tue 12 Mar 2024 00:00:00 +0000
ROA not after:            Tue 16 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        18.156.0.0/14 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:87:e7:f6:93:30:52:86:b4:2b:fb:b8:1b:3f:e8:9c:56:77:64:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 12 00:00:00 2024 GMT
            Not After : Apr 16 23:59:59 2024 GMT
        Subject: serialNumber=6880e54a2b3a60c6109aa15324fbadd7da7a2bf13b09ebbddc8605a692e79d26, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:1e:50:1b:8d:f7:44:7a:c4:1f:3d:b4:a2:d4:
                    94:41:ea:76:52:07:ed:a1:8b:29:06:db:29:9b:71:
                    fb:ab:bb:d2:99:90:7c:a2:3a:03:61:89:70:cb:01:
                    06:69:d3:58:ca:69:b7:95:d9:7f:45:6c:06:ba:9e:
                    b8:6f:1b:93:9b:96:8a:f7:f6:07:de:f7:a0:05:b3:
                    a9:64:f2:d3:39:b8:f8:22:56:68:78:d3:26:eb:88:
                    af:39:a7:f8:7f:59:c2:52:86:e1:98:f8:5a:f7:01:
                    a3:fa:75:3f:3c:fc:16:8f:ce:0f:5c:11:48:86:9a:
                    1b:b8:a4:85:6e:b1:1e:4b:0e:28:82:c2:fc:09:dc:
                    8d:e1:3c:68:8d:20:ad:f5:f4:b2:4e:9a:24:7f:a1:
                    1b:2f:e2:e5:56:1f:31:fb:4f:52:53:04:c6:72:59:
                    82:cf:06:6d:fd:b4:98:37:ac:11:87:8a:09:27:20:
                    58:86:74:08:84:b5:09:ec:dd:0a:e7:e8:7a:d5:a5:
                    5f:ad:ae:9b:75:64:b2:f7:6e:e1:c6:d1:a1:4a:35:
                    2c:6c:44:ea:65:79:87:53:08:04:97:6c:55:08:67:
                    08:f7:3e:5b:71:d6:6f:c2:a8:b4:f3:e1:02:cd:b3:
                    68:b1:0e:23:1c:97:3d:73:b5:dc:4f:d1:9f:eb:5a:
                    29:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:53:06:57:2A:E3:FB:0C:EA:EB:21:8C:56:A6:97:56:45:F8:4A:F6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5e5969f2-a684-4a42-b450-03c061cb8145.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.156.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         06:a9:38:8b:c1:3a:73:4e:ea:c7:6a:39:1d:be:16:d2:56:32:
         f3:50:0d:3b:b0:e7:e6:fe:6d:12:1e:30:04:50:62:be:ab:8a:
         3e:8d:34:59:1e:5c:6c:9d:5b:89:17:03:5a:6f:83:59:60:f1:
         19:e1:09:30:ec:e5:35:13:ca:80:65:13:c0:da:4d:0e:19:ee:
         c3:c4:cf:22:fd:a2:66:70:d6:ac:ed:ac:6a:95:75:53:8d:1d:
         32:1b:08:b6:6e:53:e3:6f:41:49:56:64:a9:cd:c4:47:a0:37:
         36:80:da:f5:92:61:52:a6:ca:08:cf:9d:8c:2e:a3:af:3a:5a:
         fd:a8:84:35:84:af:f1:df:4b:ba:94:eb:1c:15:2e:72:c2:54:
         0e:06:8a:4a:6c:fc:fe:45:2d:74:3f:c9:9a:e4:47:ea:6c:88:
         f5:ae:48:6c:cd:25:db:35:5c:2f:ee:91:22:d6:a7:c4:27:79:
         a7:b8:54:15:eb:85:59:6d:ef:f1:c8:9a:3d:30:f2:50:fe:25:
         b6:50:9e:30:b9:b6:8d:f9:74:fd:06:15:c0:ed:73:c1:32:9d:
         b8:46:96:98:5a:5c:09:ac:28:ca:89:8a:27:23:46:39:ed:ab:
         37:da:f3:33:df:d2:de:ce:fb:5f:10:88:d1:e9:d4:2c:59:6b:
         95:c9:2c:89
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUL4fn9pMwUoa0K/u4Gz/onFZ3ZNUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzEyMDAwMDAwWhcNMjQwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2ODgwZTU0YTJiM2E2MGM2MTA5YWExNTMyNGZiYWRkN2Rh
N2EyYmYxM2IwOWViYmRkYzg2MDVhNjkyZTc5ZDI2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDMHlAbjfdEesQfPbSi1JRB6nZSB+2hiykG2ymbcfuru9KZ
kHyiOgNhiXDLAQZp01jKabeV2X9FbAa6nrhvG5Oblor39gfe96AFs6lk8tM5uPgi
Vmh40ybriK85p/h/WcJShuGY+Fr3AaP6dT88/BaPzg9cEUiGmhu4pIVusR5LDiiC
wvwJ3I3hPGiNIK319LJOmiR/oRsv4uVWHzH7T1JTBMZyWYLPBm39tJg3rBGHigkn
IFiGdAiEtQns3Qrn6HrVpV+trpt1ZLL3buHG0aFKNSxsROpleYdTCASXbFUIZwj3
Pltx1m/CqLTz4QLNs2ixDiMclz1ztdxP0Z/rWilvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU0lMGVyrj+wzq6yGMVqaXVkX4SvYwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzVlNTk2OWYyLWE2ODQtNGE0Mi1iNDUwLTAzYzA2MWNiODE0NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwISnDANBgkqhkiG9w0BAQsFAAOCAQEABqk4i8E6c07qx2o5Hb4W0lYy81AN
O7Dn5v5tEh4wBFBivquKPo00WR5cbJ1biRcDWm+DWWDxGeEJMOzlNRPKgGUTwNpN
Dhnuw8TPIv2iZnDWrO2sapV1U40dMhsItm5T429BSVZkqc3ER6A3NoDa9ZJhUqbK
CM+djC6jrzpa/aiENYSv8d9LupTrHBUucsJUDgaKSmz8/kUtdD/JmuRH6myI9a5I
bM0l2zVcL+6RItanxCd5p7hUFeuFWW3v8ciaPTDyUP4ltlCeMLm2jfl0/QYVwO1z
wTKduEaWmFpcCawoyomKJyNGOe2rN9rzM9/S3s77XxCI0enULFlrlcksiQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:28 2024 by rpki-client on console-fra.rpki-client.org