Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b0911cc9-d9cd-4c59-bcac-4485c5bded3b.roa
File:                     b0911cc9-d9cd-4c59-bcac-4485c5bded3b.roa (raw, json)
Hash identifier:          XmmrekAY5FUrMdZuBXEmqF060cfUnQ/TEEeVpmhrmXM=
Subject key identifier:   94:3F:22:03:2E:4C:19:04:5C:96:D4:9B:6B:43:20:A2:BB:E8:26:34
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       252A78B2643FD7734D4E798092D9C97D693ECF4C
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b0911cc9-d9cd-4c59-bcac-4485c5bded3b.roa
Signing time:             Wed 06 Mar 2024 00:00:00 +0000
ROA not before:           Wed 06 Mar 2024 00:00:00 +0000
ROA not after:            Wed 10 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        15.190.32.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:2a:78:b2:64:3f:d7:73:4d:4e:79:80:92:d9:c9:7d:69:3e:cf:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar  6 00:00:00 2024 GMT
            Not After : Apr 10 23:59:59 2024 GMT
        Subject: serialNumber=3b90ebdd2e3717d2fe14bef9750c34d264fbe29293e70fb4d87302345753f668, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d9:d4:e6:19:f0:d6:d6:6e:54:00:c8:ef:04:
                    82:49:c6:7c:1b:1c:8d:43:85:8d:d2:e0:57:94:3b:
                    d0:42:16:aa:87:e3:5f:26:2f:e0:35:30:98:a1:0d:
                    54:52:28:d2:3f:89:db:fb:51:1d:0e:b6:c0:f9:d8:
                    f5:e7:bc:67:08:13:07:94:8a:c5:b1:84:77:94:c3:
                    3f:33:3c:b2:bb:6c:3c:e4:dc:ba:eb:f7:76:e3:13:
                    ff:a0:4b:4b:74:be:35:7d:29:6e:3d:7d:7c:65:f2:
                    f3:57:fa:3a:12:78:dc:b5:a1:ac:f1:22:ad:b8:8c:
                    9b:79:31:24:2f:c6:11:23:f7:95:19:f1:68:65:6f:
                    a5:5f:86:f0:fc:34:92:26:20:26:b1:7a:86:8b:7d:
                    f0:64:81:82:6b:5f:91:75:6a:8a:67:cf:e5:78:b9:
                    18:7d:0c:75:98:0b:72:19:a1:ac:f5:25:b5:85:1f:
                    f2:68:a3:1a:81:0d:d7:e4:42:d8:d1:7d:fd:8e:05:
                    33:7e:79:32:a3:09:fe:52:68:9b:5f:65:86:f9:d1:
                    c2:dd:77:f4:a2:8d:d6:01:1a:77:6e:e7:00:d7:f8:
                    db:91:79:69:c5:90:9b:01:1e:02:77:03:a0:82:c9:
                    f5:c8:a5:8f:82:50:18:01:3e:f8:9e:15:44:79:82:
                    2e:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:3F:22:03:2E:4C:19:04:5C:96:D4:9B:6B:43:20:A2:BB:E8:26:34
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/b0911cc9-d9cd-4c59-bcac-4485c5bded3b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.190.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         1a:92:48:29:c4:90:88:76:94:fb:79:ff:2f:5e:48:28:74:10:
         7d:e9:6c:8a:cb:d6:0f:ea:4c:0e:99:11:53:b8:c7:ac:9e:59:
         8c:10:e7:dd:04:66:cc:44:37:78:11:57:d7:f1:40:43:f0:1a:
         08:82:91:4c:08:6d:6b:38:3c:48:d3:0d:2a:98:32:7b:b3:b0:
         af:fe:98:b1:59:8d:5f:71:47:8f:2a:ec:94:a5:27:6c:09:07:
         31:6b:a4:63:2c:7d:70:d0:9c:8f:e5:be:71:07:0b:01:f3:f6:
         a2:7d:91:5e:f7:a2:49:13:24:54:01:dd:ca:e7:06:fc:27:16:
         80:a7:ee:f0:e3:89:c7:0c:75:5c:84:53:ce:b0:6d:3d:25:0f:
         c3:6d:d8:6e:e1:e4:c6:ef:43:59:cc:14:46:a4:57:bc:d1:dc:
         d3:3d:af:2c:24:8b:d8:53:c5:12:6a:02:5e:9c:c8:6f:f0:4b:
         7d:71:dc:65:6f:ad:ec:0b:b6:1b:a5:ee:4d:d2:08:d2:63:0f:
         f0:df:93:7f:6c:d9:21:db:26:3c:75:c0:1d:27:78:55:28:0f:
         ed:b7:0a:e2:d8:f5:ff:32:3a:ee:76:a6:5a:be:45:6d:fa:08:
         f4:01:b3:6b:eb:2c:e6:02:6a:59:59:d6:79:68:84:f2:60:c0:
         36:76:77:c1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJSp4smQ/13NNTnmAktnJfWk+z0wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzA2MDAwMDAwWhcNMjQwNDEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzYjkwZWJkZDJlMzcxN2QyZmUxNGJlZjk3NTBjMzRkMjY0
ZmJlMjkyOTNlNzBmYjRkODczMDIzNDU3NTNmNjY4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCx2dTmGfDW1m5UAMjvBIJJxnwbHI1DhY3S4FeUO9BCFqqH
418mL+A1MJihDVRSKNI/idv7UR0OtsD52PXnvGcIEweUisWxhHeUwz8zPLK7bDzk
3Lrr93bjE/+gS0t0vjV9KW49fXxl8vNX+joSeNy1oazxIq24jJt5MSQvxhEj95UZ
8Whlb6VfhvD8NJImICaxeoaLffBkgYJrX5F1aopnz+V4uRh9DHWYC3IZoaz1JbWF
H/JooxqBDdfkQtjRff2OBTN+eTKjCf5SaJtfZYb50cLdd/SijdYBGndu5wDX+NuR
eWnFkJsBHgJ3A6CCyfXIpY+CUBgBPvieFUR5gi7PAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlD8iAy5MGQRcltSba0MgorvoJjQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2IwOTExY2M5LWQ5Y2QtNGM1OS1iY2FjLTQ0ODVjNWJkZWQzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQPviAwDQYJKoZIhvcNAQELBQADggEBABqSSCnEkIh2lPt5/y9eSCh0EH3p
bIrL1g/qTA6ZEVO4x6yeWYwQ590EZsxEN3gRV9fxQEPwGgiCkUwIbWs4PEjTDSqY
MnuzsK/+mLFZjV9xR48q7JSlJ2wJBzFrpGMsfXDQnI/lvnEHCwHz9qJ9kV73okkT
JFQB3crnBvwnFoCn7vDjiccMdVyEU86wbT0lD8Nt2G7h5MbvQ1nMFEakV7zR3NM9
rywki9hTxRJqAl6cyG/wS31x3GVvrewLthul7k3SCNJjD/Dfk39s2SHbJjx1wB0n
eFUoD+23CuLY9f8yOu52plq+RW36CPQBs2vrLOYCallZ1nlohPJgwDZ2d8E=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:18:37 2024 by rpki-client on console-ams.rpki-client.org