Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/06bef077-f186-4620-b0e8-edae475c1fe6.roa
File:                     06bef077-f186-4620-b0e8-edae475c1fe6.roa (raw, json)
Hash identifier:          tilyeVq8kg0LDZKl32SGB8QbjnvoWIBsmKeJ7zIhO+8=
Subject key identifier:   40:80:0E:42:9A:68:DC:3F:45:A6:A3:E9:62:B4:66:05:C9:35:AD:5C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       762BBF0A420670A313FF578455252243C77D1C93
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/06bef077-f186-4620-b0e8-edae475c1fe6.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        96.0.131.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:2b:bf:0a:42:06:70:a3:13:ff:57:84:55:25:22:43:c7:7d:1c:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=49fd44152bfced3dca3069852c3e44f9762cc875f37f9b55736513620fab022a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:3a:6a:9d:81:52:75:3a:72:c0:53:cb:99:59:
                    c0:90:d4:54:94:5a:13:2f:31:09:d2:1e:bc:c6:aa:
                    90:7c:7d:98:79:64:78:e9:fc:4d:e3:14:21:c8:59:
                    27:4a:72:e1:cd:f1:6d:72:fe:fc:7f:c4:fb:db:33:
                    9e:e6:43:5b:2b:0c:3e:87:36:37:fa:b6:b6:8c:03:
                    54:6a:29:54:6e:5f:94:66:0d:32:44:f2:a0:d1:4b:
                    32:e1:a4:21:ed:a3:45:e2:ce:a8:bf:7e:0c:43:ae:
                    c5:84:6b:21:f2:e8:6b:36:1b:df:db:a1:4e:c8:20:
                    1e:32:70:d2:61:3c:e1:9d:e8:83:bd:78:8b:83:57:
                    86:fa:99:6b:50:32:35:d0:23:52:fb:6e:63:fa:28:
                    f9:bb:a4:86:f7:4f:2c:c6:04:8a:ae:be:cb:a3:7a:
                    0d:ec:4d:90:ec:22:42:a6:f8:5b:a7:8f:4c:a0:ee:
                    f3:1e:d4:6b:de:c4:cb:50:bb:2f:a9:98:bf:fd:3f:
                    85:11:4b:ff:6e:6b:5f:aa:5f:45:70:78:b3:03:da:
                    4c:52:2f:5c:54:60:a5:37:7b:1e:40:b7:e8:05:49:
                    46:e2:ac:a8:5b:21:63:8e:3b:2c:f5:67:a2:a8:0b:
                    80:07:7f:33:f2:ab:e2:6d:10:aa:4e:ca:f3:19:c1:
                    e3:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:80:0E:42:9A:68:DC:3F:45:A6:A3:E9:62:B4:66:05:C9:35:AD:5C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/06bef077-f186-4620-b0e8-edae475c1fe6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.0.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:c0:06:da:b5:ca:a4:00:5c:aa:94:79:9e:03:2b:1b:e9:e5:
         da:b8:57:c1:db:98:1f:6d:1c:d9:e9:96:75:06:a6:71:ba:34:
         f1:1f:9d:d2:84:15:d6:70:1f:6b:58:cb:bb:00:8f:57:68:78:
         a0:af:e0:db:b2:55:fb:9b:ab:26:e0:06:ae:f6:c9:4f:30:11:
         8d:40:56:27:07:94:44:e8:64:77:84:ed:61:7f:33:f0:33:ed:
         bb:70:24:1d:f0:d0:be:f9:7a:5d:a5:71:d2:17:85:34:3e:83:
         ae:a9:28:c6:6c:26:b4:07:f8:2a:66:11:a8:30:83:88:8f:5d:
         9f:11:5e:e5:15:1f:e7:f9:75:40:09:3a:6b:97:c4:43:74:7b:
         3a:50:c8:dc:4b:9a:fb:91:89:64:b0:52:a4:23:9e:64:2b:b6:
         61:16:3c:5a:5c:99:08:91:1a:b0:50:7c:08:c6:ab:de:d6:fb:
         a9:28:a5:85:ab:37:d1:cb:c3:eb:74:9a:08:c1:67:dd:d0:7e:
         3e:17:34:29:6d:bd:03:4e:e0:da:8e:07:f8:d1:0a:36:76:c2:
         b4:d7:01:43:a7:9b:f8:3f:90:ac:de:2a:3a:f6:45:29:46:c9:
         f2:84:af:08:fc:63:c3:06:2c:8a:42:51:56:b6:4d:1d:f5:5e:
         e5:9d:99:f2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdiu/CkIGcKMT/1eEVSUiQ8d9HJMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0OWZkNDQxNTJiZmNlZDNkY2EzMDY5ODUyYzNlNDRmOTc2
MmNjODc1ZjM3ZjliNTU3MzY1MTM2MjBmYWIwMjJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsOmqdgVJ1OnLAU8uZWcCQ1FSUWhMvMQnSHrzGqpB8fZh5
ZHjp/E3jFCHIWSdKcuHN8W1y/vx/xPvbM57mQ1srDD6HNjf6traMA1RqKVRuX5Rm
DTJE8qDRSzLhpCHto0Xizqi/fgxDrsWEayHy6Gs2G9/boU7IIB4ycNJhPOGd6IO9
eIuDV4b6mWtQMjXQI1L7bmP6KPm7pIb3TyzGBIquvsujeg3sTZDsIkKm+Funj0yg
7vMe1GvexMtQuy+pmL/9P4URS/9ua1+qX0VweLMD2kxSL1xUYKU3ex5At+gFSUbi
rKhbIWOOOyz1Z6KoC4AHfzPyq+JtEKpOyvMZwePRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQIAOQppo3D9FpqPpYrRmBck1rVwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA2YmVmMDc3LWYxODYtNDYyMC1iMGU4LWVkYWU0NzVjMWZlNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABgAIMwDQYJKoZIhvcNAQELBQADggEBAHDABtq1yqQAXKqUeZ4DKxvp5dq4
V8HbmB9tHNnplnUGpnG6NPEfndKEFdZwH2tYy7sAj1doeKCv4NuyVfubqybgBq72
yU8wEY1AVicHlEToZHeE7WF/M/Az7btwJB3w0L75el2lcdIXhTQ+g66pKMZsJrQH
+CpmEagwg4iPXZ8RXuUVH+f5dUAJOmuXxEN0ezpQyNxLmvuRiWSwUqQjnmQrtmEW
PFpcmQiRGrBQfAjGq97W+6kopYWrN9HLw+t0mgjBZ93Qfj4XNCltvQNO4NqOB/jR
CjZ2wrTXAUOnm/g/kKzeKjr2RSlGyfKErwj8Y8MGLIpCUVa2TR31XuWdmfI=
-----END CERTIFICATE-----
Generated at Thu Mar 28 00:59:39 2024 by rpki-client on console-fra.rpki-client.org