Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fdecee65-c952-4f49-9973-5248d6a502de.roa
File:                     fdecee65-c952-4f49-9973-5248d6a502de.roa (raw, json)
Hash identifier:          dLxDWJZ32aG9aImq4ArtuLcOQzo5wz+EHK+RDDD2Xcc=
Subject key identifier:   D2:10:D7:0C:13:E2:C0:44:43:2C:57:12:B8:2A:7E:39:55:4A:3D:B5
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       EB7BDA132CE3489B6391F43C933402E7F8BE52
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fdecee65-c952-4f49-9973-5248d6a502de.roa
Signing time:             Tue 12 Mar 2024 00:00:00 +0000
ROA not before:           Tue 12 Mar 2024 00:00:00 +0000
ROA not after:            Tue 16 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        15.141.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            eb:7b:da:13:2c:e3:48:9b:63:91:f4:3c:93:34:02:e7:f8:be:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 12 00:00:00 2024 GMT
            Not After : Apr 16 23:59:59 2024 GMT
        Subject: serialNumber=2fa554fa47ee32fab7a8e0218b9a9dccd38951a521d7839fef53d47dabf3d05a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:40:05:42:f3:68:3b:2d:b7:7d:a2:ec:27:e2:
                    a4:67:08:48:79:f3:9b:e7:8c:d9:ae:1a:ac:ee:11:
                    30:59:ea:1e:43:23:22:23:19:af:b5:f0:47:d4:e0:
                    b1:b0:16:d6:92:62:a3:7a:12:dd:a8:19:e7:1c:e9:
                    90:4a:15:a8:16:0c:58:bb:0f:6e:f6:aa:28:07:82:
                    7c:d3:5c:e3:df:e0:01:dd:3b:4f:bf:b0:e5:c2:4b:
                    cf:0b:c0:a1:19:30:96:99:09:f6:d9:6b:f6:d9:93:
                    d4:14:b6:e7:1b:dd:4c:4d:e3:ac:71:5a:ae:84:d2:
                    a4:f6:86:4f:37:2c:0c:ba:04:51:4a:41:bf:b5:14:
                    af:6b:45:bc:42:d4:7e:02:35:c3:44:36:04:bd:c7:
                    9f:76:a3:f3:cf:89:96:eb:57:48:d0:ce:4e:64:8e:
                    5d:39:46:59:53:a2:9a:37:77:29:8a:27:68:0f:e2:
                    b7:99:84:27:07:6e:27:f0:f5:a9:f6:29:d8:b6:12:
                    23:60:5c:51:6f:b4:53:2e:af:67:ba:38:fd:42:71:
                    59:d5:ce:82:fc:97:3c:f3:02:2d:cb:9b:8d:23:c6:
                    eb:23:6e:f7:1d:9c:61:b9:48:ad:da:10:72:7a:2d:
                    16:22:e5:37:76:c2:14:af:ee:3a:c1:42:da:d8:3c:
                    e8:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:10:D7:0C:13:E2:C0:44:43:2C:57:12:B8:2A:7E:39:55:4A:3D:B5
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/fdecee65-c952-4f49-9973-5248d6a502de.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  15.141.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         5f:96:d1:10:0d:7b:87:d6:40:2c:eb:99:61:89:23:07:e0:3b:
         a3:95:0f:24:07:f0:00:a6:7e:1f:4a:67:37:31:9d:11:ca:99:
         4f:bf:16:47:99:1c:5a:5c:10:2b:79:81:72:4c:4d:ba:38:4c:
         52:ab:7b:12:1b:48:0d:47:a0:f2:56:e4:61:33:39:9f:7a:d8:
         6a:56:aa:a0:5b:78:29:fc:19:72:ca:0b:cc:f8:44:15:f7:1b:
         d1:e5:12:8d:b1:05:49:b7:2c:bf:d7:d4:c4:e6:ac:3a:7e:cb:
         e3:dc:4f:c5:c9:5d:92:bd:d2:85:ee:a9:fa:55:7b:1c:0d:77:
         35:5b:b1:84:a9:41:6b:50:21:4f:b1:2a:85:92:0d:fb:93:c4:
         1b:ce:9b:b0:ae:d8:f8:e0:d5:60:d2:84:e5:89:91:00:fa:ed:
         29:a2:87:1a:fa:33:83:c5:5b:fb:01:f0:21:f5:ac:ab:7f:27:
         02:0b:e9:eb:e9:c1:cb:3e:7e:30:5e:21:a7:c8:94:0e:1e:f4:
         3a:54:a8:07:3c:d9:7b:9c:15:27:fa:fa:be:ee:d4:07:aa:7d:
         63:15:3e:9c:16:36:5e:46:13:72:d1:e0:4f:76:12:35:09:01:
         de:d7:c0:66:66:05:53:03:e5:0c:53:a3:58:a1:34:ae:85:a2:
         bf:fb:3b:ee
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUAOt72hMs40ibY5H0PJM0Auf4vlIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzEyMDAwMDAwWhcNMjQwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AyZmE1NTRmYTQ3ZWUzMmZhYjdhOGUwMjE4YjlhOWRjY2Qz
ODk1MWE1MjFkNzgzOWZlZjUzZDQ3ZGFiZjNkMDVhMS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGQAVC82g7Lbd9ouwn4qRnCEh585vnjNmuGqzuETBZ6h5D
IyIjGa+18EfU4LGwFtaSYqN6Et2oGecc6ZBKFagWDFi7D272qigHgnzTXOPf4AHd
O0+/sOXCS88LwKEZMJaZCfbZa/bZk9QUtucb3UxN46xxWq6E0qT2hk83LAy6BFFK
Qb+1FK9rRbxC1H4CNcNENgS9x592o/PPiZbrV0jQzk5kjl05RllTopo3dymKJ2gP
4reZhCcHbifw9an2Kdi2EiNgXFFvtFMur2e6OP1CcVnVzoL8lzzzAi3Lm40jxusj
bvcdnGG5SK3aEHJ6LRYi5Td2whSv7jrBQtrYPOgPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU0hDXDBPiwERDLFcSuCp+OVVKPbUwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL2ZkZWNlZTY1LWM5NTItNGY0OS05OTczLTUyNDhkNmE1MDJkZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAPjTANBgkqhkiG9w0BAQsFAAOCAQEAX5bREA17h9ZALOuZYYkjB+A7o5UP
JAfwAKZ+H0pnNzGdEcqZT78WR5kcWlwQK3mBckxNujhMUqt7EhtIDUeg8lbkYTM5
n3rYalaqoFt4KfwZcsoLzPhEFfcb0eUSjbEFSbcsv9fUxOasOn7L49xPxcldkr3S
he6p+lV7HA13NVuxhKlBa1AhT7EqhZIN+5PEG86bsK7Y+ODVYNKE5YmRAPrtKaKH
Gvozg8Vb+wHwIfWsq38nAgvp6+nByz5+MF4hp8iUDh70OlSoBzzZe5wVJ/r6vu7U
B6p9YxU+nBY2XkYTctHgT3YSNQkB3tfAZmYFUwPlDFOjWKE0roWiv/s77g==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:39 2024 by rpki-client on console-fra.rpki-client.org