Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/88f09a26-8b70-4d31-b73b-01df50c56e50.roa
File:                     88f09a26-8b70-4d31-b73b-01df50c56e50.roa (raw, json)
Hash identifier:          yiO5lccQP7dcM6EzlJ6Cl9A1WVDFagBqn2E29aTTxoI=
Subject key identifier:   A7:FB:27:DF:7B:9E:C9:CE:0D:47:93:ED:7B:66:0B:10:5A:A2:79:4F
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       29B6B2BFA4548AC58E326818CDA9513C7EAE52B4
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/88f09a26-8b70-4d31-b73b-01df50c56e50.roa
Signing time:             Tue 18 Jun 2024 00:00:00 +0000
ROA not before:           Tue 18 Jun 2024 00:00:00 +0000
ROA not after:            Tue 23 Jul 2024 23:59:59 +0000
asID:                     6167
IP address blocks:        155.146.128.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 24 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:b6:b2:bf:a4:54:8a:c5:8e:32:68:18:cd:a9:51:3c:7e:ae:52:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Jun 18 00:00:00 2024 GMT
            Not After : Jul 23 23:59:59 2024 GMT
        Subject: serialNumber=bd0b150391aaa6ff1dfc868914a9b76e9c221704ad1f0314f697492cacecc40e, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:a1:01:71:f0:be:5b:c3:6f:40:9f:4d:61:4b:
                    27:57:4f:f2:53:42:da:7c:b8:9e:51:6c:d2:e7:00:
                    d0:9c:1a:21:ef:23:a5:ee:6b:9a:ef:35:57:82:50:
                    a4:68:22:44:ea:73:47:3e:09:7d:41:f4:2e:87:f6:
                    10:d6:02:93:bf:cb:60:5c:19:95:a2:fe:52:30:b6:
                    e3:a1:5f:0b:3b:94:70:b1:8a:d6:80:fe:38:88:82:
                    ce:5f:e8:e2:75:39:8d:23:f1:48:b1:90:66:24:cf:
                    58:3b:a0:05:c6:28:e1:f4:74:25:d5:42:45:5c:29:
                    0b:bb:c2:dc:38:b3:fc:ad:45:db:61:9a:65:01:9a:
                    fd:c8:87:7e:89:11:2c:49:99:e0:31:94:b9:83:d8:
                    6a:d1:79:83:5e:ae:40:8f:84:e5:07:e0:24:03:f4:
                    bf:be:73:e4:e5:da:32:79:28:6d:f3:9f:c8:10:3f:
                    ae:87:a3:b2:9b:fa:b0:61:f7:da:f0:5f:24:0e:7a:
                    1e:3b:e8:d1:85:7a:9b:4b:33:9b:90:25:8f:de:53:
                    e7:29:f3:bf:97:c2:16:88:b0:71:2b:f5:f1:16:37:
                    e7:81:20:fb:20:42:e8:4a:88:80:17:6b:e2:f4:89:
                    66:a8:ae:bb:3e:b7:15:47:dc:d0:b3:06:35:b6:5f:
                    aa:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:FB:27:DF:7B:9E:C9:CE:0D:47:93:ED:7B:66:0B:10:5A:A2:79:4F
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/88f09a26-8b70-4d31-b73b-01df50c56e50.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.146.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         23:6a:26:6f:01:ca:c9:6b:2c:7c:1c:75:00:0d:d9:f7:c4:db:
         56:f8:c6:27:79:2b:bc:42:fb:7d:90:f4:42:73:68:d2:13:b8:
         bf:60:d8:5d:15:0b:5c:31:e4:12:24:83:4e:df:0b:d0:32:88:
         3c:05:f7:ac:cc:36:f9:3f:0e:d8:a5:97:ee:cb:34:01:97:1f:
         6a:b8:70:7e:a8:19:14:fc:fc:74:2e:7d:69:10:c4:46:61:7a:
         dd:7b:6e:13:c8:e1:21:14:91:fb:74:06:1f:35:bf:13:1a:56:
         32:00:16:2f:d1:b0:89:1a:6f:97:70:9c:32:c9:40:0b:e1:0a:
         c3:e5:21:71:61:25:2e:82:20:1b:e7:b6:20:3a:5b:f6:7c:fb:
         6f:e5:a4:0e:0c:b6:8d:dd:99:0e:58:f9:71:6d:a6:2e:b8:a4:
         84:03:c9:c8:fd:e0:49:b4:2f:4e:04:19:25:d9:03:d3:e7:75:
         5c:67:f3:f1:b0:cb:d3:1d:1d:cc:1f:ad:b5:4e:05:fe:aa:ad:
         65:60:6a:cd:51:2d:f7:bb:bb:47:27:f2:14:d7:a1:65:06:c8:
         af:9a:f1:5e:70:65:bb:1f:0a:51:38:2a:cd:61:5f:f1:17:3e:
         1f:d3:a6:1f:48:41:23:46:10:de:67:95:12:df:ce:f9:4d:a8:
         f4:81:e2:0a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUKbayv6RUisWOMmgYzalRPH6uUrQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNjE4MDAwMDAwWhcNMjQwNzIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZDBiMTUwMzkxYWFhNmZmMWRmYzg2ODkxNGE5Yjc2ZTlj
MjIxNzA0YWQxZjAzMTRmNjk3NDkyY2FjZWNjNDBlMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgoQFx8L5bw29An01hSydXT/JTQtp8uJ5RbNLnANCcGiHv
I6Xua5rvNVeCUKRoIkTqc0c+CX1B9C6H9hDWApO/y2BcGZWi/lIwtuOhXws7lHCx
itaA/jiIgs5f6OJ1OY0j8UixkGYkz1g7oAXGKOH0dCXVQkVcKQu7wtw4s/ytRdth
mmUBmv3Ih36JESxJmeAxlLmD2GrReYNerkCPhOUH4CQD9L++c+Tl2jJ5KG3zn8gQ
P66Ho7Kb+rBh99rwXyQOeh476NGFeptLM5uQJY/eU+cp87+XwhaIsHEr9fEWN+eB
IPsgQuhKiIAXa+L0iWaorrs+txVH3NCzBjW2X6p9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUp/sn33ueyc4NR5Pte2YLEFqieU8wHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzg4ZjA5YTI2LThiNzAtNGQzMS1iNzNiLTAxZGY1MGM1NmU1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASbkoAwDQYJKoZIhvcNAQELBQADggEBACNqJm8ByslrLHwcdQAN2ffE21b4
xid5K7xC+32Q9EJzaNITuL9g2F0VC1wx5BIkg07fC9AyiDwF96zMNvk/Dtill+7L
NAGXH2q4cH6oGRT8/HQufWkQxEZhet17bhPI4SEUkft0Bh81vxMaVjIAFi/RsIka
b5dwnDLJQAvhCsPlIXFhJS6CIBvntiA6W/Z8+2/lpA4Mto3dmQ5Y+XFtpi64pIQD
ycj94Em0L04EGSXZA9PndVxn8/Gwy9MdHcwfrbVOBf6qrWVgas1RLfe7u0cn8hTX
oWUGyK+a8V5wZbsfClE4Ks1hX/EXPh/Tph9IQSNGEN5nlRLfzvlNqPSB4go=
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:13:31 2024 by rpki-client on console-ams.rpki-client.org