Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/753bfb8d-19c1-468a-9fe9-da4787da9f96.roa
File:                     753bfb8d-19c1-468a-9fe9-da4787da9f96.roa (raw, json)
Hash identifier:          imwiyz5hvvQjJKlgKzoJ0VyuW1+iQmX4EQOFh+hIH3Y=
Subject key identifier:   E3:A0:D2:22:E9:14:D0:A7:43:88:89:8E:66:CA:C0:73:7B:31:C9:D2
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       096B72B0817E0FB3910825C9E6080B4C57781142
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/753bfb8d-19c1-468a-9fe9-da4787da9f96.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        150.222.224.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:6b:72:b0:81:7e:0f:b3:91:08:25:c9:e6:08:0b:4c:57:78:11:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=5a4ab6a3331d03625635274578be8ee79bda7a07d256bca5d88f12d206e0a021, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f0:13:a8:99:b2:65:19:27:50:d4:b8:f2:5c:
                    e3:9a:18:ab:c6:c5:d4:74:b4:60:53:bf:cc:4f:73:
                    7c:d9:d8:80:26:04:dd:1c:c4:74:57:f7:fd:8a:8c:
                    e4:5b:cc:f5:98:7f:fa:db:d8:e5:a6:c6:fc:c6:f1:
                    59:1a:49:1f:7f:8c:98:2e:6d:36:4e:d7:b3:7b:4b:
                    2d:04:d8:8c:32:ef:d4:ae:65:75:9d:00:c7:ed:ab:
                    51:82:08:10:2e:9b:2c:ee:41:e5:71:db:1a:66:6f:
                    27:f4:b3:dd:9b:97:92:7c:be:96:83:b6:69:06:c6:
                    79:e1:c3:b5:e7:6d:d9:e1:c8:38:00:aa:ff:69:80:
                    93:bf:93:88:ad:33:41:52:21:99:67:82:ae:4b:40:
                    b3:8d:b9:d4:d4:bc:1a:ae:6d:7a:e4:6f:e6:58:b9:
                    54:a2:1e:f8:12:08:c0:f5:55:de:49:da:9c:4f:cb:
                    8b:b9:e5:af:36:ad:60:e5:db:48:71:28:29:be:a3:
                    e6:b0:b3:05:6d:9f:8f:0b:3a:aa:36:94:df:4e:29:
                    b9:e8:9e:40:d7:0d:04:49:af:38:34:c5:e4:67:15:
                    0e:74:09:09:a1:b7:5e:7c:24:0d:f9:85:dc:4c:d6:
                    24:66:ed:3f:fe:32:72:7e:97:1a:f1:0e:d9:13:dc:
                    e4:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:A0:D2:22:E9:14:D0:A7:43:88:89:8E:66:CA:C0:73:7B:31:C9:D2
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/753bfb8d-19c1-468a-9fe9-da4787da9f96.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.222.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:2b:00:c5:ca:aa:46:4a:f3:76:14:20:6a:d0:50:88:a8:2e:
         e1:3d:40:b8:df:9f:57:5c:01:b0:02:73:00:0f:07:75:52:a1:
         ec:3a:c3:19:d0:64:ef:79:de:09:2d:9f:ec:b5:87:59:67:d7:
         4d:66:e5:70:d5:59:11:17:e0:3b:63:b1:e9:e1:5f:0f:fc:60:
         e6:ad:06:12:92:ba:4b:0b:2c:20:20:81:2b:10:b1:da:91:93:
         6f:82:1a:89:38:09:5c:78:bb:21:52:7f:51:f6:96:fc:e2:77:
         4a:5c:c8:ba:ae:db:69:b0:4c:1d:5c:aa:72:64:07:5c:c3:e1:
         bb:23:dd:0c:b3:09:aa:1f:1e:39:83:b4:aa:e7:8d:16:35:03:
         e4:3f:33:ed:90:94:ba:87:e7:b7:3a:05:79:8a:35:4c:47:7a:
         ba:0b:e8:09:41:b8:c5:d4:37:8b:7b:67:a3:48:51:58:19:a9:
         bd:78:4d:50:07:56:ce:33:ad:38:60:71:7a:71:c4:aa:d0:6d:
         dd:c3:a3:6a:c3:f9:95:3b:ab:4c:93:1a:87:d4:75:85:70:e6:
         e2:b0:61:1d:4a:65:c8:8e:b0:4f:27:4a:16:fb:48:25:1d:f8:
         7b:32:52:ac:bf:32:5c:38:fa:2e:cb:12:6c:3c:25:2f:80:23:
         60:3b:91:54
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCWtysIF+D7ORCCXJ5ggLTFd4EUIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1YTRhYjZhMzMzMWQwMzYyNTYzNTI3NDU3OGJlOGVlNzli
ZGE3YTA3ZDI1NmJjYTVkODhmMTJkMjA2ZTBhMDIxMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+8BOombJlGSdQ1LjyXOOaGKvGxdR0tGBTv8xPc3zZ2IAm
BN0cxHRX9/2KjORbzPWYf/rb2OWmxvzG8VkaSR9/jJgubTZO17N7Sy0E2Iwy79Su
ZXWdAMftq1GCCBAumyzuQeVx2xpmbyf0s92bl5J8vpaDtmkGxnnhw7XnbdnhyDgA
qv9pgJO/k4itM0FSIZlngq5LQLONudTUvBqubXrkb+ZYuVSiHvgSCMD1Vd5J2pxP
y4u55a82rWDl20hxKCm+o+awswVtn48LOqo2lN9OKbnonkDXDQRJrzg0xeRnFQ50
CQmht158JA35hdxM1iRm7T/+MnJ+lxrxDtkT3OQvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU46DSIukU0KdDiImOZsrAc3sxydIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzc1M2JmYjhkLTE5YzEtNDY4YS05ZmU5LWRhNDc4N2RhOWY5Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACW3uAwDQYJKoZIhvcNAQELBQADggEBAAIrAMXKqkZK83YUIGrQUIioLuE9
QLjfn1dcAbACcwAPB3VSoew6wxnQZO953gktn+y1h1ln101m5XDVWREX4Dtjsenh
Xw/8YOatBhKSuksLLCAggSsQsdqRk2+CGok4CVx4uyFSf1H2lvzid0pcyLqu22mw
TB1cqnJkB1zD4bsj3QyzCaofHjmDtKrnjRY1A+Q/M+2QlLqH57c6BXmKNUxHeroL
6AlBuMXUN4t7Z6NIUVgZqb14TVAHVs4zrThgcXpxxKrQbd3Do2rD+ZU7q0yTGofU
dYVw5uKwYR1KZciOsE8nShb7SCUd+HsyUqy/Mlw4+i7LEmw8JS+AI2A7kVQ=
-----END CERTIFICATE-----
Generated at Wed Jun 12 16:27:29 2024 by rpki-client on console-fra.rpki-client.org