Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/753bfb8d-19c1-468a-9fe9-da4787da9f96.roa
File:                     753bfb8d-19c1-468a-9fe9-da4787da9f96.roa (raw, json)
Hash identifier:          KK6MEwf6zddYKLcNQB0WKqUM8evZ0PUVUeTdbM/irRA=
Subject key identifier:   7C:88:E7:EC:76:79:9B:05:3C:8D:EE:5B:25:FE:14:9F:E0:5D:7F:12
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       352D0B19B64E36E37A62ACEDC76906CE9A189109
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/753bfb8d-19c1-468a-9fe9-da4787da9f96.roa
Signing time:             Fri 19 Jul 2024 00:00:00 +0000
ROA not before:           Fri 19 Jul 2024 00:00:00 +0000
ROA not after:            Fri 23 Aug 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        150.222.224.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 28 Jul 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:2d:0b:19:b6:4e:36:e3:7a:62:ac:ed:c7:69:06:ce:9a:18:91:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jul 19 00:00:00 2024 GMT
            Not After : Aug 23 23:59:59 2024 GMT
        Subject: serialNumber=51f483ae0c5ad168e8710769065649e0809e13eea94b85c0d659b9f60eb31a9a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f2:bf:80:b3:ff:4d:a1:35:7f:b5:9f:aa:ff:
                    af:ea:46:55:1d:57:de:a2:ee:74:91:1c:a2:83:ab:
                    74:25:c2:30:88:c6:b3:91:e5:13:ea:f3:67:c5:f3:
                    64:f1:b7:2b:10:17:a3:4c:20:71:3b:b5:c3:b6:02:
                    54:62:2c:3f:e2:c6:cf:7a:be:bc:e0:2a:51:04:3e:
                    fe:5d:db:01:a0:8f:2d:23:0e:cd:a5:59:f3:cb:ce:
                    dd:64:2a:2a:5b:dc:a0:56:c5:ae:02:bd:0d:40:e0:
                    d8:68:9b:d9:22:70:71:73:ef:90:ae:be:d2:c2:a7:
                    32:75:dd:8c:49:34:72:02:c2:8b:9c:53:18:9e:a3:
                    54:32:7a:27:4d:39:9b:c8:d8:fc:a3:fb:f2:cf:1e:
                    c5:d9:ac:07:a2:26:94:28:c4:d7:39:f9:5f:70:b9:
                    bc:9c:b2:9e:13:33:98:6e:f0:5c:45:cf:1f:ce:7d:
                    52:43:01:50:ce:88:e5:a8:ae:df:44:9c:7f:a4:88:
                    44:de:e0:ca:fb:a6:ff:ab:61:e5:1f:08:1a:0c:e4:
                    7e:97:a4:05:f7:04:3d:63:3e:96:0c:d8:56:43:d9:
                    db:9f:13:2b:39:54:6a:b7:c2:69:f5:7c:ed:bd:12:
                    7c:a9:c3:61:43:8c:6b:8e:05:76:58:37:b6:27:a6:
                    eb:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:88:E7:EC:76:79:9B:05:3C:8D:EE:5B:25:FE:14:9F:E0:5D:7F:12
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/753bfb8d-19c1-468a-9fe9-da4787da9f96.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.222.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:32:22:52:97:32:7b:fb:4d:d1:0d:13:18:d5:6a:31:42:e5:
         e3:d0:ab:02:14:3d:75:42:49:5b:cf:6c:57:50:15:c0:74:f7:
         c0:9c:39:7d:14:cc:36:26:25:2e:08:21:fb:04:85:37:f7:67:
         fa:e0:6b:cf:31:17:ca:11:6b:b5:6e:7d:41:5e:ff:36:5b:90:
         91:04:7c:90:bb:65:12:e2:a7:d1:d0:ce:23:07:52:24:1a:82:
         c8:4e:34:f0:42:11:98:3e:6b:44:db:2d:d9:0d:8e:db:23:03:
         5c:7d:eb:94:96:40:6d:58:60:f6:68:3d:0f:a3:e7:33:24:86:
         33:bc:ec:df:02:aa:99:ae:32:ab:4d:74:98:aa:3b:ee:bf:ca:
         91:97:5e:20:25:db:e4:ab:eb:90:e7:02:96:af:77:98:4d:ef:
         46:c3:8e:b0:44:f6:c7:8e:e6:29:4a:33:a4:4b:c7:08:23:f3:
         82:6a:d9:6b:e4:7c:fd:a9:f3:0f:d5:e8:24:c4:36:e1:6e:42:
         11:00:2f:c8:f6:05:bc:c8:48:f6:3a:c0:25:fa:94:a8:fd:3e:
         04:3d:15:c4:62:8d:2e:45:b8:ae:32:10:6a:0d:7d:1e:13:30:
         34:c9:8c:eb:75:dd:2b:4c:06:b3:f8:3a:0e:3e:a9:66:03:13:
         21:eb:93:4e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNS0LGbZONuN6Yqztx2kGzpoYkQkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNzE5MDAwMDAwWhcNMjQwODIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1MWY0ODNhZTBjNWFkMTY4ZTg3MTA3NjkwNjU2NDllMDgw
OWUxM2VlYTk0Yjg1YzBkNjU5YjlmNjBlYjMxYTlhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCy8r+As/9NoTV/tZ+q/6/qRlUdV96i7nSRHKKDq3QlwjCI
xrOR5RPq82fF82TxtysQF6NMIHE7tcO2AlRiLD/ixs96vrzgKlEEPv5d2wGgjy0j
Ds2lWfPLzt1kKipb3KBWxa4CvQ1A4Nhom9kicHFz75CuvtLCpzJ13YxJNHICwouc
Uxieo1QyeidNOZvI2Pyj+/LPHsXZrAeiJpQoxNc5+V9wubycsp4TM5hu8FxFzx/O
fVJDAVDOiOWort9EnH+kiETe4Mr7pv+rYeUfCBoM5H6XpAX3BD1jPpYM2FZD2duf
Eys5VGq3wmn1fO29Enypw2FDjGuOBXZYN7YnputTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfIjn7HZ5mwU8je5bJf4Un+BdfxIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc1M2JmYjhkLTE5YzEtNDY4YS05ZmU5LWRhNDc4N2RhOWY5Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACW3uAwDQYJKoZIhvcNAQELBQADggEBAFkyIlKXMnv7TdENExjVajFC5ePQ
qwIUPXVCSVvPbFdQFcB098CcOX0UzDYmJS4IIfsEhTf3Z/rga88xF8oRa7VufUFe
/zZbkJEEfJC7ZRLip9HQziMHUiQagshONPBCEZg+a0TbLdkNjtsjA1x965SWQG1Y
YPZoPQ+j5zMkhjO87N8CqpmuMqtNdJiqO+6/ypGXXiAl2+Sr65DnApavd5hN70bD
jrBE9seO5ilKM6RLxwgj84Jq2WvkfP2p8w/V6CTENuFuQhEAL8j2BbzISPY6wCX6
lKj9PgQ9FcRijS5FuK4yEGoNfR4TMDTJjOt13StMBrP4Og4+qWYDEyHrk04=
-----END CERTIFICATE-----