Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a38622f8-5fb2-4f4a-95ef-57202780478d.roa
File:                     a38622f8-5fb2-4f4a-95ef-57202780478d.roa (raw, json)
Hash identifier:          uZwgYeUFJQXxgzBRYLV9g69QXHYhF2PnT0649Ay36rM=
Subject key identifier:   AB:9A:66:8C:2F:8E:D6:CB:17:74:03:FC:0D:08:71:58:37:14:B3:F6
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       4D0169BE7F171B6F641524DF40276E85E1DC7B2A
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a38622f8-5fb2-4f4a-95ef-57202780478d.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        15.170.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 24 Jun 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:01:69:be:7f:17:1b:6f:64:15:24:df:40:27:6e:85:e1:dc:7b:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=f3a3948e332d88d155beb62edb6f16bf3e347f5fa453fd350b26d3108d4ab2e6, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e4:19:c0:08:e9:0e:7e:c3:2e:48:3e:ba:61:
                    a3:84:ac:8b:ae:5d:fb:73:3a:66:a0:be:a9:00:65:
                    0b:e1:be:4a:d7:38:6c:6e:11:62:49:ae:76:3e:54:
                    8c:71:64:ba:70:20:ae:12:2d:47:e7:3a:62:9a:e8:
                    9f:32:f4:3c:ff:42:9c:71:29:6c:63:f6:f7:24:cb:
                    9d:0d:26:e2:1d:6c:88:f9:79:40:39:f8:1e:7b:5b:
                    df:bb:2b:7d:d2:8d:de:dd:78:8d:6a:77:62:f7:94:
                    b7:2c:7d:3d:b6:a4:a2:c4:26:34:23:55:7b:00:49:
                    f1:c5:e5:a4:23:a3:0a:22:78:3a:8f:c5:ca:ca:5e:
                    db:18:5e:e2:9e:73:b9:e2:11:11:ce:2b:7f:2b:44:
                    30:79:50:f5:17:48:fb:6e:27:18:19:ce:b5:4a:08:
                    22:f8:c1:0a:5b:42:cf:f7:b3:26:18:99:58:12:c0:
                    c6:4e:bc:85:b4:23:2f:4c:44:00:f1:d8:b8:47:c6:
                    bc:b4:d3:4f:ae:5c:bf:28:d5:af:70:f9:6d:26:e9:
                    d6:f3:2a:52:70:1c:1c:45:7d:bc:3b:af:fe:69:2c:
                    54:86:a8:5f:5c:7e:c2:9f:4e:38:ef:c8:f7:8d:4c:
                    30:4f:ae:de:d6:b0:9b:10:de:c0:a5:71:c6:f1:70:
                    bc:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:9A:66:8C:2F:8E:D6:CB:17:74:03:FC:0D:08:71:58:37:14:B3:F6
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a38622f8-5fb2-4f4a-95ef-57202780478d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.170.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         60:4d:8a:b8:98:b9:3c:22:3c:12:41:30:5f:e0:d6:c4:13:92:
         1e:0b:9f:d1:43:bc:20:14:6a:03:60:9f:7d:97:a9:25:df:e7:
         98:6e:07:00:ea:31:f6:5a:ac:10:cb:1e:a1:fd:27:31:b5:74:
         62:e6:7e:fa:57:3b:c0:8d:25:70:6a:e2:a7:62:ef:a2:10:32:
         a2:1a:2a:b4:e8:cc:d2:39:da:88:cc:51:eb:db:bb:40:c0:b0:
         9d:31:7d:4a:ba:86:da:49:4e:e6:1a:12:f3:7d:4c:33:42:69:
         34:bc:9b:a8:71:ec:57:04:26:44:46:ff:01:d7:e1:b9:01:e9:
         f4:00:6f:6b:9b:f7:93:ce:13:b6:a7:b4:f8:6d:db:2a:3f:5b:
         15:3f:92:9f:ce:ce:ce:44:33:87:76:6d:9e:13:c1:34:42:00:
         72:83:3f:72:fc:80:3c:cf:51:12:a6:71:df:d4:36:4b:7e:ba:
         4d:be:f6:0d:1d:69:80:f1:7b:20:ba:2e:70:7d:38:55:59:a3:
         24:54:71:22:cf:da:b7:58:08:3e:c1:80:ad:86:aa:28:4d:32:
         0f:77:63:1d:a2:c2:65:d2:81:dc:93:04:f9:b8:15:d9:b7:ac:
         d3:70:99:e9:be:8b:4a:84:c9:3b:61:34:39:7b:33:ca:78:67:
         07:d8:2d:12
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUTQFpvn8XG29kFSTfQCduheHceyowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmM2EzOTQ4ZTMzMmQ4OGQxNTViZWI2MmVkYjZmMTZiZjNl
MzQ3ZjVmYTQ1M2ZkMzUwYjI2ZDMxMDhkNGFiMmU2MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC55BnACOkOfsMuSD66YaOErIuuXftzOmagvqkAZQvhvkrX
OGxuEWJJrnY+VIxxZLpwIK4SLUfnOmKa6J8y9Dz/QpxxKWxj9vcky50NJuIdbIj5
eUA5+B57W9+7K33Sjd7deI1qd2L3lLcsfT22pKLEJjQjVXsASfHF5aQjowoieDqP
xcrKXtsYXuKec7niERHOK38rRDB5UPUXSPtuJxgZzrVKCCL4wQpbQs/3syYYmVgS
wMZOvIW0Iy9MRADx2LhHxry000+uXL8o1a9w+W0m6dbzKlJwHBxFfbw7r/5pLFSG
qF9cfsKfTjjvyPeNTDBPrt7WsJsQ3sClccbxcLyfAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUq5pmjC+O1ssXdAP8DQhxWDcUs/YwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2EzODYyMmY4LTVmYjItNGY0YS05NWVmLTU3MjAyNzgwNDc4ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPqjANBgkqhkiG9w0BAQsFAAOCAQEAYE2KuJi5PCI8EkEwX+DWxBOSHguf
0UO8IBRqA2CffZepJd/nmG4HAOox9lqsEMseof0nMbV0YuZ++lc7wI0lcGrip2Lv
ohAyohoqtOjM0jnaiMxR69u7QMCwnTF9SrqG2klO5hoS831MM0JpNLybqHHsVwQm
REb/AdfhuQHp9ABva5v3k84Ttqe0+G3bKj9bFT+Sn87OzkQzh3ZtnhPBNEIAcoM/
cvyAPM9REqZx39Q2S366Tb72DR1pgPF7ILoucH04VVmjJFRxIs/at1gIPsGArYaq
KE0yD3djHaLCZdKB3JME+bgV2bes03CZ6b6LSoTJO2E0OXszynhnB9gtEg==
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:18:03 2024 by rpki-client on console-fra.rpki-client.org