Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f0772d8-f455-463e-9417-4ddc13856c48.roa
File:                     5f0772d8-f455-463e-9417-4ddc13856c48.roa (raw, json)
Hash identifier:          PsrNOvKZGSjiV3GtSLmW4ZQ5o247+vD4sGfAKDs5YB0=
Subject key identifier:   AB:97:A0:E7:EC:EA:9C:0C:74:20:65:AA:1E:48:8F:C0:66:25:1D:F9
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       66EB9F2DABC96B0926957C47238678D449845505
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f0772d8-f455-463e-9417-4ddc13856c48.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        18.148.0.0/14 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:eb:9f:2d:ab:c9:6b:09:26:95:7c:47:23:86:78:d4:49:84:55:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=52ac0ee75181e8352f2ac849d219a9640808d9802b70b06612f24690a06c16b6, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:fb:34:b4:33:e6:0d:29:24:35:6b:b3:34:0c:
                    79:ca:3e:c9:21:5f:6f:cf:59:11:38:b3:9d:d5:b0:
                    a1:a5:57:28:26:08:01:87:96:17:f6:c3:96:72:84:
                    03:7c:83:39:ea:01:83:c4:a0:d4:0a:b1:cf:5d:9d:
                    e5:39:a1:87:25:72:97:39:a8:37:01:36:6c:94:89:
                    43:b2:4c:df:63:58:2b:82:c0:14:18:2a:18:58:6d:
                    43:eb:84:e5:92:02:d7:bc:cc:96:e8:e6:79:80:ba:
                    b2:16:bf:86:46:60:0a:c0:b6:c8:51:0a:42:00:6f:
                    8c:18:91:a2:52:14:da:84:6f:30:57:7f:95:9d:fe:
                    cd:df:03:6b:20:69:de:bc:96:48:24:10:c1:f7:ec:
                    b1:15:cd:bf:24:ea:cd:f8:7c:b9:90:b8:25:48:e1:
                    e9:0e:88:aa:eb:ca:c3:f1:e5:c2:51:10:2c:ec:40:
                    96:f1:be:cd:ed:06:4d:89:9e:ac:5f:ee:2c:b9:bc:
                    17:70:7a:f3:cd:fd:1f:6f:4d:3d:43:88:ff:0c:a4:
                    d8:65:64:5e:87:c4:97:35:46:95:a8:df:b9:31:a5:
                    48:b2:b5:91:ba:e5:c8:51:97:bf:b8:4b:1f:50:d4:
                    40:9a:4a:5b:71:59:71:40:df:b4:88:a7:81:85:e5:
                    f0:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:97:A0:E7:EC:EA:9C:0C:74:20:65:AA:1E:48:8F:C0:66:25:1D:F9
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/5f0772d8-f455-463e-9417-4ddc13856c48.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.148.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         8e:bf:28:0d:eb:57:48:ed:68:3b:d5:ce:72:1a:2e:9b:4a:43:
         07:96:0e:bc:60:4f:22:b7:48:47:f8:1a:cb:d0:82:f8:82:86:
         9b:88:bd:9e:e4:d8:9f:87:12:41:12:a7:9d:d2:11:dc:fa:4b:
         66:40:e9:d0:a8:4e:56:43:b0:b5:92:4a:64:79:de:ba:56:c4:
         88:b2:12:00:08:a1:5e:63:29:9b:b1:6c:07:4e:47:8b:36:db:
         05:82:a5:6a:62:f5:e6:8e:f8:2c:1f:ca:d4:d9:55:23:ce:4d:
         14:4c:b3:a2:56:60:c4:85:84:d9:33:6f:12:e6:55:27:60:01:
         f6:e5:69:67:23:29:16:6d:04:c0:77:bb:61:89:ba:5a:73:df:
         8e:a5:1a:68:2e:01:b5:75:bb:a8:56:14:6f:fc:9e:76:58:40:
         df:5d:a0:b9:1a:db:6f:84:37:20:cd:d2:26:21:55:20:cc:81:
         b9:19:8a:cb:e6:3d:ee:67:54:6e:c3:0e:03:a2:be:77:46:23:
         dd:cb:f5:da:89:04:2e:9e:c6:ba:5c:22:5c:e5:00:cc:a4:89:
         18:94:24:90:81:d5:e2:9a:bb:52:a1:df:a4:a1:6b:e8:52:a6:
         45:10:01:17:82:05:60:ba:c6:ec:4c:4a:29:1d:62:f5:bf:7b:
         9a:2d:54:f7
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUZuufLavJawkmlXxHI4Z41EmEVQUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1MmFjMGVlNzUxODFlODM1MmYyYWM4NDlkMjE5YTk2NDA4
MDhkOTgwMmI3MGIwNjYxMmYyNDY5MGEwNmMxNmI2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCy+zS0M+YNKSQ1a7M0DHnKPskhX2/PWRE4s53VsKGlVygm
CAGHlhf2w5ZyhAN8gznqAYPEoNQKsc9dneU5oYclcpc5qDcBNmyUiUOyTN9jWCuC
wBQYKhhYbUPrhOWSAte8zJbo5nmAurIWv4ZGYArAtshRCkIAb4wYkaJSFNqEbzBX
f5Wd/s3fA2sgad68lkgkEMH37LEVzb8k6s34fLmQuCVI4ekOiKrrysPx5cJRECzs
QJbxvs3tBk2Jnqxf7iy5vBdwevPN/R9vTT1DiP8MpNhlZF6HxJc1RpWo37kxpUiy
tZG65chRl7+4Sx9Q1ECaSltxWXFA37SIp4GF5fADAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUq5eg5+zqnAx0IGWqHkiPwGYlHfkwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzVmMDc3MmQ4LWY0NTUtNDYzZS05NDE3LTRkZGMxMzg1NmM0OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwISlDANBgkqhkiG9w0BAQsFAAOCAQEAjr8oDetXSO1oO9XOchoum0pDB5YO
vGBPIrdIR/gay9CC+IKGm4i9nuTYn4cSQRKnndIR3PpLZkDp0KhOVkOwtZJKZHne
ulbEiLISAAihXmMpm7FsB05HizbbBYKlamL15o74LB/K1NlVI85NFEyzolZgxIWE
2TNvEuZVJ2AB9uVpZyMpFm0EwHe7YYm6WnPfjqUaaC4BtXW7qFYUb/yedlhA312g
uRrbb4Q3IM3SJiFVIMyBuRmKy+Y97mdUbsMOA6K+d0Yj3cv12okELp7GulwiXOUA
zKSJGJQkkIHV4pq7UqHfpKFr6FKmRRABF4IFYLrG7ExKKR1i9b97mi1U9w==
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:21:10 2024 by rpki-client on console-fra.rpki-client.org