Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9fedb778-8922-4862-8ec0-9d4a30fe975f.roa
File:                     9fedb778-8922-4862-8ec0-9d4a30fe975f.roa (raw, json)
Hash identifier:          L0qhRbU8v+dliHSUkCv+eGWjvqz7PciNxeydnPPr4xM=
Subject key identifier:   A6:C4:B5:2E:A6:B1:69:4B:3B:DA:7B:31:D8:D3:CE:CC:A7:8B:65:AA
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       312B9DE6E169603157107F9A12374B98F013C84B
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9fedb778-8922-4862-8ec0-9d4a30fe975f.roa
Signing time:             Mon 20 May 2024 00:00:00 +0000
ROA not before:           Mon 20 May 2024 00:00:00 +0000
ROA not after:            Mon 24 Jun 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        150.222.14.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:2b:9d:e6:e1:69:60:31:57:10:7f:9a:12:37:4b:98:f0:13:c8:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 20 00:00:00 2024 GMT
            Not After : Jun 24 23:59:59 2024 GMT
        Subject: serialNumber=a401458a79182e731925c2fa51f1fd86da84fb3d9ceda6413204fa4a42782c46, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:b7:84:33:58:f0:a5:d9:52:a7:53:c5:ac:c3:
                    60:04:5b:59:ea:a7:57:e3:e7:63:81:ae:7a:dd:67:
                    05:aa:f1:f4:9b:c7:6d:1f:de:82:6a:94:1b:bb:c0:
                    96:31:5f:00:12:c8:ef:92:57:a6:31:02:b6:16:cf:
                    59:30:a2:ac:42:db:fe:c0:1b:5e:7b:9c:b1:9d:37:
                    28:c7:5c:ba:70:40:c4:12:1c:bd:72:84:f6:3b:57:
                    61:a3:9a:fb:53:67:c3:1c:a1:2b:26:d6:02:48:50:
                    9c:f8:6c:5f:4d:5d:43:6d:19:00:1b:ab:80:2a:3b:
                    3e:b5:61:eb:bf:5d:44:14:ef:c0:70:72:53:60:ed:
                    df:a9:26:6c:06:5e:ce:a2:09:04:bb:18:91:35:fe:
                    d2:2a:e2:76:48:d4:9a:79:90:20:90:d4:1f:fc:59:
                    13:ae:7f:94:16:95:d2:d0:5c:14:e8:fb:e8:4d:8a:
                    ad:80:8a:3a:e7:1f:d3:e6:a3:d7:a6:07:c3:36:9a:
                    13:38:35:29:e7:bd:76:7c:3c:3d:33:f6:9d:ff:e5:
                    07:32:35:bc:8b:ed:08:54:a4:da:2f:28:56:48:aa:
                    0c:8d:1f:01:49:8a:6e:b6:8f:a8:d3:42:37:62:e5:
                    06:d5:d9:20:b2:36:63:15:c7:0a:69:5f:0d:e0:40:
                    e2:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:C4:B5:2E:A6:B1:69:4B:3B:DA:7B:31:D8:D3:CE:CC:A7:8B:65:AA
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/9fedb778-8922-4862-8ec0-9d4a30fe975f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.222.14.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:b4:58:84:dd:01:fc:9f:2c:b2:12:fa:42:e7:2a:ab:47:f2:
         d1:93:49:89:18:3c:d0:cf:f1:97:b0:72:fc:21:e5:95:0b:0f:
         51:ac:1e:c2:14:a0:6e:fd:0f:d6:05:dd:de:f4:e4:94:ba:ec:
         23:ac:36:86:ef:54:c1:12:09:c4:c1:ac:3b:37:8d:23:ac:89:
         c5:33:ee:43:e0:6e:91:a4:c5:75:a2:0a:bc:aa:2e:3f:2b:a7:
         73:78:c1:42:34:e9:89:b1:ee:74:c8:4b:30:78:0e:10:90:7c:
         e3:e2:8a:eb:97:90:31:8f:ed:76:e5:fd:a0:63:42:41:f7:92:
         c6:8d:ed:7c:1e:60:8c:5b:8d:46:92:88:ca:86:53:a0:b0:4f:
         16:6f:d7:f2:c0:0e:da:17:0e:a9:fc:1c:92:2e:07:28:b7:e2:
         72:de:53:9b:e7:e3:64:77:d6:a1:0b:db:ec:fe:84:56:fb:41:
         27:53:5d:24:4c:9f:68:5b:47:cf:80:48:fe:63:14:e5:0f:53:
         1f:37:55:30:19:b5:59:39:e8:af:aa:67:90:a5:c7:93:fc:a7:
         0b:35:c0:75:c9:01:61:48:15:31:4f:71:b7:2f:1c:45:16:cb:
         7a:c3:08:99:93:65:4c:d6:f1:8d:c6:3c:c0:c8:54:51:f3:d9:
         b3:62:ba:dc
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMSud5uFpYDFXEH+aEjdLmPATyEswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTIwMDAwMDAwWhcNMjQwNjI0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNDAxNDU4YTc5MTgyZTczMTkyNWMyZmE1MWYxZmQ4NmRh
ODRmYjNkOWNlZGE2NDEzMjA0ZmE0YTQyNzgyYzQ2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTt4QzWPCl2VKnU8Wsw2AEW1nqp1fj52OBrnrdZwWq8fSb
x20f3oJqlBu7wJYxXwASyO+SV6YxArYWz1kwoqxC2/7AG157nLGdNyjHXLpwQMQS
HL1yhPY7V2GjmvtTZ8McoSsm1gJIUJz4bF9NXUNtGQAbq4AqOz61Yeu/XUQU78Bw
clNg7d+pJmwGXs6iCQS7GJE1/tIq4nZI1Jp5kCCQ1B/8WROuf5QWldLQXBTo++hN
iq2AijrnH9Pmo9emB8M2mhM4NSnnvXZ8PD0z9p3/5QcyNbyL7QhUpNovKFZIqgyN
HwFJim62j6jTQjdi5QbV2SCyNmMVxwppXw3gQOIvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpsS1LqaxaUs72nsx2NPOzKeLZaowHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzlmZWRiNzc4LTg5MjItNDg2Mi04ZWMwLTlkNGEzMGZlOTc1Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACW3g4wDQYJKoZIhvcNAQELBQADggEBAAG0WITdAfyfLLIS+kLnKqtH8tGT
SYkYPNDP8Zewcvwh5ZULD1GsHsIUoG79D9YF3d705JS67COsNobvVMESCcTBrDs3
jSOsicUz7kPgbpGkxXWiCryqLj8rp3N4wUI06Ymx7nTISzB4DhCQfOPiiuuXkDGP
7Xbl/aBjQkH3ksaN7XweYIxbjUaSiMqGU6CwTxZv1/LADtoXDqn8HJIuByi34nLe
U5vn42R31qEL2+z+hFb7QSdTXSRMn2hbR8+ASP5jFOUPUx83VTAZtVk56K+qZ5Cl
x5P8pws1wHXJAWFIFTFPcbcvHEUWy3rDCJmTZUzW8Y3GPMDIVFHz2bNiutw=
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:21:12 2024 by rpki-client on console-fra.rpki-client.org