Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/70cfbc47-a64a-4cd8-a271-ff8c8b9efe87.roa
File:                     70cfbc47-a64a-4cd8-a271-ff8c8b9efe87.roa (raw, json)
Hash identifier:          N5x7sNB5g2MImJ3utaCoUY7zI+dbPKRf+EPiXj/gZ54=
Subject key identifier:   7F:1A:8A:FA:04:F6:F9:1B:EE:53:E0:03:D8:40:DF:A8:37:81:02:32
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       02574233C63B96492B892E44A659214C9CE1CF42
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/70cfbc47-a64a-4cd8-a271-ff8c8b9efe87.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        15.170.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:57:42:33:c6:3b:96:49:2b:89:2e:44:a6:59:21:4c:9c:e1:cf:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=790f38aeb393b92622b7f20f2d9c819465e16f253d6041f3cba590f8adb143df, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:1f:e2:49:34:d4:a7:74:4d:be:3c:e9:eb:26:
                    42:1b:12:b9:28:bc:22:f6:87:b0:ae:a1:37:44:8e:
                    7b:ef:8f:40:39:72:5b:e7:76:da:3b:61:9a:f5:1b:
                    a4:fd:6d:2d:bf:e3:a0:1c:0f:20:06:49:7a:47:8b:
                    71:7b:1c:bd:00:56:f2:87:39:8d:3f:35:93:44:90:
                    83:be:1e:d1:fb:30:ea:49:38:a7:20:32:c9:95:7c:
                    d0:65:cb:58:33:63:d8:95:40:d2:40:40:95:be:83:
                    fc:c0:0e:29:e2:5f:c8:91:b1:ff:d1:36:37:a8:a4:
                    ca:11:36:fa:2a:50:da:ce:33:19:60:53:b5:33:7e:
                    79:8a:05:65:c4:32:63:e6:96:ca:58:64:1d:7b:fa:
                    94:dc:94:f5:c3:14:3b:ea:f9:cf:ab:ae:f1:5b:f8:
                    e0:0d:f7:cd:0e:02:5c:a9:72:2d:47:60:7d:77:76:
                    00:e2:5e:ca:f8:e1:c0:7c:68:53:b5:59:c2:40:49:
                    1e:f0:c3:db:61:b1:e7:52:28:dd:93:80:88:ed:a3:
                    4e:f6:a9:4e:f2:cc:2a:d5:c6:5d:b9:46:ac:bf:8b:
                    b0:14:f0:be:4a:01:8a:00:4e:28:01:bb:99:90:f2:
                    e0:50:d3:59:d3:e9:ef:83:95:c7:0f:62:e0:e5:32:
                    c1:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:1A:8A:FA:04:F6:F9:1B:EE:53:E0:03:D8:40:DF:A8:37:81:02:32
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/70cfbc47-a64a-4cd8-a271-ff8c8b9efe87.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.170.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1f:67:e5:3d:e6:f5:91:53:7e:ec:85:12:c2:38:33:4e:c7:48:
         8a:91:b7:05:ec:e4:8f:a4:ed:78:f0:b4:00:2e:ee:8c:af:a7:
         7f:0d:86:aa:f4:12:9c:bb:b8:c1:66:8d:26:43:67:8b:52:ed:
         f2:89:5d:b1:bc:b1:c2:2a:db:46:ec:cf:56:a6:99:47:d2:a4:
         86:c3:87:a3:f6:ed:86:cb:ee:57:ee:29:ac:96:92:f0:ed:db:
         d1:89:95:27:f9:08:69:31:1c:59:ad:c4:cb:f9:6e:35:aa:55:
         e8:ad:43:05:be:ce:b3:d3:c7:94:21:e0:16:e2:4b:a8:b9:56:
         6d:7d:7e:17:18:7a:71:2d:34:d8:3c:81:e5:84:0c:04:fb:4c:
         fe:fa:de:22:f2:e5:fd:13:99:00:59:05:eb:18:ae:64:27:ce:
         14:84:2a:ef:6a:84:7b:10:e6:40:90:fc:11:aa:17:7f:bc:5e:
         8f:cf:24:a1:e8:fd:f7:5b:21:d7:b8:ab:fc:44:8b:f9:bb:e6:
         8e:2c:7e:c7:fd:c5:e1:09:c9:27:cf:ec:0f:a8:30:cc:d6:d1:
         a5:7b:ff:f3:c6:ca:77:70:9b:f8:02:32:6d:bd:28:d9:80:74:
         88:6c:70:bd:f5:29:18:48:15:3d:a5:c8:c0:f5:08:b8:ec:31:
         b3:14:1f:a2
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAldCM8Y7lkkriS5EplkhTJzhz0IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3OTBmMzhhZWIzOTNiOTI2MjJiN2YyMGYyZDljODE5NDY1
ZTE2ZjI1M2Q2MDQxZjNjYmE1OTBmOGFkYjE0M2RmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDH+JJNNSndE2+POnrJkIbErkovCL2h7CuoTdEjnvvj0A5
clvndto7YZr1G6T9bS2/46AcDyAGSXpHi3F7HL0AVvKHOY0/NZNEkIO+HtH7MOpJ
OKcgMsmVfNBly1gzY9iVQNJAQJW+g/zADiniX8iRsf/RNjeopMoRNvoqUNrOMxlg
U7UzfnmKBWXEMmPmlspYZB17+pTclPXDFDvq+c+rrvFb+OAN980OAlypci1HYH13
dgDiXsr44cB8aFO1WcJASR7ww9thsedSKN2TgIjto072qU7yzCrVxl25Rqy/i7AU
8L5KAYoATigBu5mQ8uBQ01nT6e+DlccPYuDlMsFhAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUfxqK+gT2+RvuU+AD2EDfqDeBAjIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzcwY2ZiYzQ3LWE2NGEtNGNkOC1hMjcxLWZmOGM4YjllZmU4Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPqjANBgkqhkiG9w0BAQsFAAOCAQEAH2flPeb1kVN+7IUSwjgzTsdIipG3
Bezkj6TtePC0AC7ujK+nfw2GqvQSnLu4wWaNJkNni1Lt8oldsbyxwirbRuzPVqaZ
R9KkhsOHo/bthsvuV+4prJaS8O3b0YmVJ/kIaTEcWa3Ey/luNapV6K1DBb7Os9PH
lCHgFuJLqLlWbX1+Fxh6cS002DyB5YQMBPtM/vreIvLl/ROZAFkF6xiuZCfOFIQq
72qEexDmQJD8EaoXf7xej88koej991sh17ir/ESL+bvmjix+x/3F4QnJJ8/sD6gw
zNbRpXv/88bKd3Cb+AIybb0o2YB0iGxwvfUpGEgVPaXIwPUIuOwxsxQfog==
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:54:03 2024 by rpki-client on console-ams.rpki-client.org