Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dd0f0284-6f6a-413a-9a4b-2d713dec18c5.roa
File:                     dd0f0284-6f6a-413a-9a4b-2d713dec18c5.roa (raw, json)
Hash identifier:          d/RDewcalSX7Ln5poon8xkJSnshx4r9yEaNld74ZMjo=
Subject key identifier:   3C:36:D6:1E:3F:2D:CF:78:FB:41:E2:C9:AD:CF:98:90:55:55:27:04
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       576BA79BFB2571FA6AED8B107EC40C9E0CA2FCDF
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dd0f0284-6f6a-413a-9a4b-2d713dec18c5.roa
Signing time:             Mon 11 Mar 2024 00:00:00 +0000
ROA not before:           Mon 11 Mar 2024 00:00:00 +0000
ROA not after:            Mon 15 Apr 2024 23:59:59 +0000
asID:                     22394
IP address blocks:        155.146.0.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:6b:a7:9b:fb:25:71:fa:6a:ed:8b:10:7e:c4:0c:9e:0c:a2:fc:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 11 00:00:00 2024 GMT
            Not After : Apr 15 23:59:59 2024 GMT
        Subject: serialNumber=7604c3db431f5a9481b03811fe4d869a66172d2f0de4cd22e8300028fb640f10, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:f0:46:88:54:60:e4:b1:f2:51:3b:45:08:ef:
                    bc:ed:a4:93:25:a5:c5:49:c2:e3:bb:e2:c5:d0:bf:
                    88:1e:85:62:64:63:52:d4:8c:01:e9:79:14:54:9e:
                    28:10:03:dd:0c:97:ac:61:73:03:b1:ef:cf:42:43:
                    df:50:a9:5f:0a:34:0d:a2:32:04:83:18:b7:b2:91:
                    b5:9c:f1:ad:0a:89:d0:1c:5e:97:f3:96:a5:27:7a:
                    9d:ab:e3:90:34:10:87:2c:f1:06:22:80:10:75:a8:
                    26:75:25:7f:36:d5:04:bc:e4:4b:63:17:8a:00:91:
                    e4:23:08:0e:bd:4d:be:1f:3e:07:f1:7a:5f:74:61:
                    a9:68:08:41:18:89:80:66:50:9f:57:bb:89:67:51:
                    de:52:47:b4:e2:cc:65:38:24:c6:65:31:b8:a6:be:
                    e7:02:78:f8:c0:b7:29:60:da:dd:1d:02:c0:88:c3:
                    7a:93:1b:50:c8:29:60:dd:9e:90:a0:a4:18:6a:f0:
                    19:83:81:51:2c:4d:82:f0:77:62:8e:b5:93:fa:72:
                    c7:92:b7:13:ae:59:61:4a:51:26:b4:5f:29:19:75:
                    82:ff:7f:ea:3d:95:6a:b5:69:2f:48:3b:22:d0:b7:
                    0e:5c:65:f1:28:d1:e6:8c:c7:aa:f2:e5:4d:2a:1d:
                    d5:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:36:D6:1E:3F:2D:CF:78:FB:41:E2:C9:AD:CF:98:90:55:55:27:04
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/dd0f0284-6f6a-413a-9a4b-2d713dec18c5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.146.0.0/19

    Signature Algorithm: sha256WithRSAEncryption
         91:eb:31:9e:b6:23:39:13:20:b4:fe:b3:72:ad:0f:f4:d8:80:
         d1:d8:13:cd:ed:f6:0d:91:66:b6:98:cb:24:bc:75:d1:cb:22:
         cc:d0:a1:7d:a8:3c:e0:ba:2b:3c:4d:7f:2f:1d:b2:9a:b5:bc:
         7a:ea:70:51:98:a1:1b:cd:67:3e:61:4f:0d:8e:24:c1:cc:69:
         4a:55:3d:44:38:18:4a:e0:c7:3b:26:95:b3:9a:3d:ad:b9:01:
         c1:dd:de:56:63:31:fd:2f:c5:80:00:65:90:3a:38:cc:7a:dd:
         95:7e:24:98:32:37:74:97:79:33:3c:72:89:03:fa:be:ba:35:
         47:6f:bd:aa:28:8e:47:65:db:75:7d:79:28:2c:1a:cc:7b:7e:
         51:a2:03:18:ac:4b:91:fb:58:b0:ba:fb:50:65:95:0c:b2:49:
         48:10:43:1e:0c:4a:18:ab:aa:8b:2e:be:bc:44:c4:f8:7c:0a:
         5e:a8:13:ba:2f:96:3b:da:41:03:9e:fd:9a:87:9c:f5:9a:fb:
         b7:ad:ed:6a:e0:53:a1:d2:ea:67:80:25:fe:88:b3:37:ef:b3:
         7a:99:bc:b0:80:a4:b7:93:04:a5:3e:ab:86:59:e8:3a:65:e6:
         e3:c2:b7:f6:e3:31:b5:22:e6:46:ea:a1:90:6a:94:ef:a1:9e:
         e0:ea:b9:4a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUV2unm/slcfpq7YsQfsQMngyi/N8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzExMDAwMDAwWhcNMjQwNDE1MjM1OTU5
WjB6MUkwRwYDVQQFE0A3NjA0YzNkYjQzMWY1YTk0ODFiMDM4MTFmZTRkODY5YTY2
MTcyZDJmMGRlNGNkMjJlODMwMDAyOGZiNjQwZjEwMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCh8EaIVGDksfJRO0UI77ztpJMlpcVJwuO74sXQv4gehWJk
Y1LUjAHpeRRUnigQA90Ml6xhcwOx789CQ99QqV8KNA2iMgSDGLeykbWc8a0KidAc
XpfzlqUnep2r45A0EIcs8QYigBB1qCZ1JX821QS85EtjF4oAkeQjCA69Tb4fPgfx
el90YaloCEEYiYBmUJ9Xu4lnUd5SR7TizGU4JMZlMbimvucCePjAtylg2t0dAsCI
w3qTG1DIKWDdnpCgpBhq8BmDgVEsTYLwd2KOtZP6cseStxOuWWFKUSa0XykZdYL/
f+o9lWq1aS9IOyLQtw5cZfEo0eaMx6ry5U0qHdVRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPDbWHj8tz3j7QeLJrc+YkFVVJwQwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2RkMGYwMjg0LTZmNmEtNDEzYS05YTRiLTJkNzEzZGVjMThjNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAWbkgAwDQYJKoZIhvcNAQELBQADggEBAJHrMZ62IzkTILT+s3KtD/TYgNHY
E83t9g2RZraYyyS8ddHLIszQoX2oPOC6KzxNfy8dspq1vHrqcFGYoRvNZz5hTw2O
JMHMaUpVPUQ4GErgxzsmlbOaPa25AcHd3lZjMf0vxYAAZZA6OMx63ZV+JJgyN3SX
eTM8cokD+r66NUdvvaoojkdl23V9eSgsGsx7flGiAxisS5H7WLC6+1BllQyySUgQ
Qx4MShirqosuvrxExPh8Cl6oE7ovljvaQQOe/ZqHnPWa+7et7WrgU6HS6meAJf6I
szfvs3qZvLCApLeTBKU+q4ZZ6Dpl5uPCt/bjMbUi5kbqoZBqlO+hnuDquUo=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:37 2024 by rpki-client on console-fra.rpki-client.org