Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a4c7585a-f3a5-4160-874c-2cca824fc68a.roa
File:                     a4c7585a-f3a5-4160-874c-2cca824fc68a.roa (raw, json)
Hash identifier:          mgJUC1K43WFophMMur3mdeSVRzWUJjs1kYwfrZxofjk=
Subject key identifier:   8B:F6:0E:AA:01:88:8E:E5:78:8D:F4:A3:5D:94:04:35:07:27:A6:A0
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       6C661A43194E1AC9119095B1CDB23E46B25FF6B7
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a4c7585a-f3a5-4160-874c-2cca824fc68a.roa
Signing time:             Tue 28 May 2024 00:00:00 +0000
ROA not before:           Tue 28 May 2024 00:00:00 +0000
ROA not after:            Tue 02 Jul 2024 23:59:59 +0000
asID:                     398378
IP address blocks:        161.188.148.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 14 Jun 2024 20:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:66:1a:43:19:4e:1a:c9:11:90:95:b1:cd:b2:3e:46:b2:5f:f6:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: May 28 00:00:00 2024 GMT
            Not After : Jul  2 23:59:59 2024 GMT
        Subject: serialNumber=51891982e6c8a14ce7bfcef8e7266d44bbef1df43ca535bb4897bc35b7ef339f, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:55:07:f9:d3:66:ca:ff:17:67:78:95:f7:74:
                    ea:78:90:56:de:12:19:86:b4:f1:99:09:db:2f:a5:
                    61:8f:d6:a6:64:d9:1d:19:8b:71:7e:84:d9:1a:4b:
                    34:42:be:7d:77:af:0b:c4:20:65:96:a7:0b:ca:09:
                    f3:29:d9:20:d4:9b:f9:2e:c0:32:b0:99:52:cc:4e:
                    9c:3e:7e:88:d6:0b:7b:9e:7a:32:ba:9a:ce:d7:73:
                    b5:7e:ce:6b:d5:21:08:55:60:97:b1:38:1d:43:e1:
                    55:f0:b2:f2:c9:a8:28:f0:75:f8:a1:bb:e2:4a:48:
                    f1:a5:6e:db:0e:70:e5:16:0b:2f:d8:f4:0d:48:c4:
                    72:03:9e:89:5e:3c:e6:5c:c6:61:74:fc:57:65:20:
                    9d:96:a2:97:86:c1:b4:54:ce:dd:b1:ca:dc:41:78:
                    b5:5e:aa:c5:98:ed:a7:9a:6c:63:b8:9d:4a:ef:be:
                    7c:69:eb:80:7e:8f:be:84:11:23:6f:48:86:8e:3d:
                    5a:66:1f:62:91:e3:1e:19:c8:26:22:f4:19:99:2a:
                    1b:56:82:92:89:90:88:c1:d4:a9:a4:3a:1d:37:a2:
                    cc:ce:50:7d:2b:a7:96:18:13:12:eb:f4:5d:66:61:
                    28:1b:c5:4c:38:b2:ed:4d:5d:6c:44:4e:34:67:66:
                    90:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:F6:0E:AA:01:88:8E:E5:78:8D:F4:A3:5D:94:04:35:07:27:A6:A0
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a4c7585a-f3a5-4160-874c-2cca824fc68a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.188.148.0/23

    Signature Algorithm: sha256WithRSAEncryption
         18:84:df:77:df:81:8c:53:06:16:fc:f4:1b:2d:44:08:5a:76:
         ca:47:a9:34:50:ce:78:14:38:8f:ec:8a:e5:ca:82:3a:42:71:
         39:86:73:0c:68:23:44:fd:0a:ef:e7:45:13:6c:68:0d:8d:80:
         f8:1f:b3:13:97:c2:54:6a:33:e4:e0:37:8c:99:86:5e:5a:d8:
         80:b2:a6:de:e1:be:41:94:f2:a1:79:d0:d9:6d:68:c7:ba:09:
         82:45:5e:3a:12:2f:51:8d:48:90:c5:8d:eb:a0:c4:2e:24:79:
         a8:da:a1:d8:60:03:3b:eb:50:f6:fc:2e:07:47:fb:b3:bf:5f:
         94:7c:e2:e6:e0:98:2c:93:16:db:ec:ec:bf:58:f6:09:e3:7f:
         bb:9c:82:e0:06:c8:61:7b:02:ef:e2:56:02:a2:b8:e1:77:43:
         54:86:de:ab:eb:d6:15:18:15:eb:11:98:5d:f6:77:ae:cb:3c:
         23:56:9a:ee:be:16:f4:3e:81:10:36:1a:c7:f1:ca:14:68:c1:
         b1:cb:4d:97:88:f4:42:96:de:44:7a:ce:55:8b:d6:53:e3:2d:
         ac:b6:6c:ac:7d:67:54:57:27:4b:f6:da:a2:0d:8d:42:e2:88:
         9e:db:68:cb:be:eb:92:65:ad:bb:f8:d1:cf:ec:68:73:b8:66:
         b1:ae:c0:ba
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbGYaQxlOGskRkJWxzbI+RrJf9rcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwNTI4MDAwMDAwWhcNMjQwNzAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1MTg5MTk4MmU2YzhhMTRjZTdiZmNlZjhlNzI2NmQ0NGJi
ZWYxZGY0M2NhNTM1YmI0ODk3YmMzNWI3ZWYzMzlmMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2VQf502bK/xdneJX3dOp4kFbeEhmGtPGZCdsvpWGP1qZk
2R0Zi3F+hNkaSzRCvn13rwvEIGWWpwvKCfMp2SDUm/kuwDKwmVLMTpw+fojWC3ue
ejK6ms7Xc7V+zmvVIQhVYJexOB1D4VXwsvLJqCjwdfihu+JKSPGlbtsOcOUWCy/Y
9A1IxHIDnolePOZcxmF0/FdlIJ2WopeGwbRUzt2xytxBeLVeqsWY7aeabGO4nUrv
vnxp64B+j76EESNvSIaOPVpmH2KR4x4ZyCYi9BmZKhtWgpKJkIjB1KmkOh03oszO
UH0rp5YYExLr9F1mYSgbxUw4su1NXWxETjRnZpDHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUi/YOqgGIjuV4jfSjXZQENQcnpqAwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2E0Yzc1ODVhLWYzYTUtNDE2MC04NzRjLTJjY2E4MjRmYzY4YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAGhvJQwDQYJKoZIhvcNAQELBQADggEBABiE33ffgYxTBhb89BstRAhadspH
qTRQzngUOI/siuXKgjpCcTmGcwxoI0T9Cu/nRRNsaA2NgPgfsxOXwlRqM+TgN4yZ
hl5a2ICypt7hvkGU8qF50NltaMe6CYJFXjoSL1GNSJDFjeugxC4keajaodhgAzvr
UPb8LgdH+7O/X5R84ubgmCyTFtvs7L9Y9gnjf7ucguAGyGF7Au/iVgKiuOF3Q1SG
3qvr1hUYFesRmF32d67LPCNWmu6+FvQ+gRA2GsfxyhRowbHLTZeI9EKW3kR6zlWL
1lPjLay2bKx9Z1RXJ0v22qINjULiiJ7baMu+65Jlrbv40c/saHO4ZrGuwLo=
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:21:12 2024 by rpki-client on console-fra.rpki-client.org