Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6cc80c0a-c7cf-4eda-8529-53154b873db1.roa
File:                     6cc80c0a-c7cf-4eda-8529-53154b873db1.roa (raw, json)
Hash identifier:          CcmpyYpDbirOGKcuerSHByRXkSB57puXli10+4CirCY=
Subject key identifier:   28:A7:AA:9A:E2:CD:E0:AD:51:05:77:A2:CF:92:50:60:36:46:8E:1B
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       219C4D212720AAF527D374A62A258F63D6626FC1
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6cc80c0a-c7cf-4eda-8529-53154b873db1.roa
Signing time:             Tue 12 Mar 2024 00:00:00 +0000
ROA not before:           Tue 12 Mar 2024 00:00:00 +0000
ROA not after:            Tue 16 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        15.190.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:9c:4d:21:27:20:aa:f5:27:d3:74:a6:2a:25:8f:63:d6:62:6f:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 12 00:00:00 2024 GMT
            Not After : Apr 16 23:59:59 2024 GMT
        Subject: serialNumber=637340049f210e5c6a8a0f353f07be31e2f0a427a2022673d8eb718010db061f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:d1:b7:0a:3c:05:73:bc:ae:3c:a2:46:d3:18:
                    bf:96:27:5d:48:ac:16:fc:0e:72:f4:46:d9:bd:a3:
                    51:78:80:c4:e0:bb:57:35:53:a8:3e:2e:7a:a7:c7:
                    56:e7:d7:8a:22:13:c4:ce:16:d9:fd:6d:d8:0b:06:
                    76:4c:a7:ef:16:4e:55:d0:9e:55:2a:fc:1d:20:a9:
                    04:fa:a9:1f:f4:63:1f:17:ce:b8:43:69:11:44:ca:
                    b3:d9:36:de:8a:b5:f4:3c:73:14:8e:24:d2:53:dd:
                    d1:e6:f8:43:18:9c:4e:7a:f3:60:fc:fe:82:c0:d8:
                    91:fc:cb:35:15:0f:bc:e4:07:35:57:49:f7:ac:fd:
                    da:6a:8a:a3:e7:8e:f1:3a:17:b7:86:ba:a4:9a:1a:
                    c6:3c:03:61:40:1b:76:db:30:7b:8b:4b:c0:a5:ce:
                    3c:25:96:97:57:4f:85:8d:90:43:89:f9:86:fc:8e:
                    c8:28:a6:67:f3:80:64:3b:b8:7d:77:fa:34:ad:e8:
                    1a:71:9f:28:15:5f:94:c5:27:bd:ee:d0:88:84:3c:
                    44:cc:9e:aa:ac:26:70:f8:6c:1c:e1:bb:71:00:cc:
                    8b:81:17:e8:b2:8a:45:dd:3c:59:31:75:34:68:ef:
                    0b:48:44:2c:b8:4b:2c:a4:01:30:85:24:5c:a5:fc:
                    b8:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:A7:AA:9A:E2:CD:E0:AD:51:05:77:A2:CF:92:50:60:36:46:8E:1B
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/6cc80c0a-c7cf-4eda-8529-53154b873db1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.190.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         39:b1:1b:41:a1:31:71:52:36:a8:9e:44:46:19:b1:80:90:18:
         95:54:2b:37:06:0f:5c:a5:90:f2:55:ee:02:26:34:b0:11:86:
         f7:b5:1f:ea:45:d1:a5:e5:b4:fe:00:66:fb:61:cf:0b:48:31:
         69:43:fc:48:c7:03:1a:1b:8b:ba:1e:1a:4a:3e:81:d7:fb:9c:
         1b:b0:ac:65:1f:7e:e2:b3:08:40:1e:d2:42:b1:46:5c:13:36:
         be:97:09:dc:b9:96:11:34:81:9f:37:f1:98:10:ad:9f:bb:ba:
         9e:ac:26:d2:3c:c8:c3:de:d4:65:18:2d:69:82:f2:a5:b1:f1:
         ac:cb:ae:43:46:96:e7:a9:72:5c:63:bc:62:09:d3:dc:4f:42:
         a4:a7:fa:76:45:41:57:53:db:af:a7:8b:ab:19:8c:d7:f2:fd:
         00:45:13:22:81:54:e7:77:79:61:16:f6:2b:0b:c3:b0:3f:ac:
         f4:ee:3e:7c:7a:a9:8f:21:c9:b4:e7:19:06:4e:10:3f:eb:d8:
         22:d6:c7:19:b0:8c:d4:55:cf:57:63:69:a2:c0:e0:98:5d:40:
         33:0e:fc:04:05:b7:c6:85:e4:9e:91:2a:d2:59:5b:87:46:d7:
         aa:6e:a6:e1:06:5d:31:5c:ef:ea:32:00:f2:8e:b0:ae:c4:97:
         b1:93:1a:c3
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUIZxNIScgqvUn03SmKiWPY9Zib8EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzEyMDAwMDAwWhcNMjQwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MzczNDAwNDlmMjEwZTVjNmE4YTBmMzUzZjA3YmUzMWUy
ZjBhNDI3YTIwMjI2NzNkOGViNzE4MDEwZGIwNjFmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDX0bcKPAVzvK48okbTGL+WJ11IrBb8DnL0Rtm9o1F4gMTg
u1c1U6g+Lnqnx1bn14oiE8TOFtn9bdgLBnZMp+8WTlXQnlUq/B0gqQT6qR/0Yx8X
zrhDaRFEyrPZNt6KtfQ8cxSOJNJT3dHm+EMYnE5682D8/oLA2JH8yzUVD7zkBzVX
Sfes/dpqiqPnjvE6F7eGuqSaGsY8A2FAG3bbMHuLS8ClzjwllpdXT4WNkEOJ+Yb8
jsgopmfzgGQ7uH13+jSt6BpxnygVX5TFJ73u0IiEPETMnqqsJnD4bBzhu3EAzIuB
F+iyikXdPFkxdTRo7wtIRCy4SyykATCFJFyl/Li/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUKKeqmuLN4K1RBXeiz5JQYDZGjhswHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzZjYzgwYzBhLWM3Y2YtNGVkYS04NTI5LTUzMTU0Yjg3M2RiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPvjANBgkqhkiG9w0BAQsFAAOCAQEAObEbQaExcVI2qJ5ERhmxgJAYlVQr
NwYPXKWQ8lXuAiY0sBGG97Uf6kXRpeW0/gBm+2HPC0gxaUP8SMcDGhuLuh4aSj6B
1/ucG7CsZR9+4rMIQB7SQrFGXBM2vpcJ3LmWETSBnzfxmBCtn7u6nqwm0jzIw97U
ZRgtaYLypbHxrMuuQ0aW56lyXGO8YgnT3E9CpKf6dkVBV1Pbr6eLqxmM1/L9AEUT
IoFU53d5YRb2KwvDsD+s9O4+fHqpjyHJtOcZBk4QP+vYItbHGbCM1FXPV2NposDg
mF1AMw78BAW3xoXknpEq0llbh0bXqm6m4QZdMVzv6jIA8o6wrsSXsZMaww==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:29 2024 by rpki-client on console-fra.rpki-client.org