Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/090e2347-c6c8-448a-8e62-30b37f4ff1b0.roa
File:                     090e2347-c6c8-448a-8e62-30b37f4ff1b0.roa (raw, json)
Hash identifier:          n/J/d+LproupqAPfMzESDeuisZVKCRbDw6mOhuB7Q2M=
Subject key identifier:   B3:57:73:D4:27:A0:37:98:4F:F0:93:99:71:BA:22:BC:89:7C:D5:46
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0657DDC637C6E3C51A5F1D8B8034EE0D8BF1891F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/090e2347-c6c8-448a-8e62-30b37f4ff1b0.roa
Signing time:             Mon 18 Mar 2024 00:00:00 +0000
ROA not before:           Mon 18 Mar 2024 00:00:00 +0000
ROA not after:            Mon 22 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        44.224.0.0/11 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:57:dd:c6:37:c6:e3:c5:1a:5f:1d:8b:80:34:ee:0d:8b:f1:89:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:00:00 2024 GMT
            Not After : Apr 22 23:59:59 2024 GMT
        Subject: serialNumber=d35fd604de95f0f114684e63060e5e6d876d95b376fa3aded802cc8ab9cb5e98, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:50:5a:0b:c7:84:f8:a4:ee:a3:c2:1a:19:f8:
                    4d:7d:09:03:52:cb:88:36:fc:8f:cd:9d:f4:8f:01:
                    a1:b2:11:00:65:6c:46:bc:63:f4:04:88:3d:66:df:
                    d6:ea:04:e2:db:8e:ba:9c:ba:29:b4:85:3f:93:b5:
                    21:21:f4:2b:71:c8:43:25:96:97:6b:ba:6a:64:3b:
                    4d:0f:0d:a0:53:bc:39:f8:71:21:f1:cd:e2:3d:70:
                    82:76:75:47:3c:5e:73:60:df:b6:47:81:83:e3:3b:
                    1e:f3:f8:d9:37:ed:56:e4:01:96:78:58:25:f4:1a:
                    0b:05:f8:f5:6a:d0:19:17:c3:fd:4e:41:20:9a:19:
                    21:9e:be:53:d7:9e:21:ad:ed:53:bd:94:1e:1f:4e:
                    4f:c4:f9:24:1f:63:c9:af:41:03:f6:cc:9e:ea:fb:
                    84:9c:34:a6:b8:dd:31:f3:74:c8:9b:a3:f2:d9:97:
                    17:48:34:0b:92:60:c3:58:85:2e:f3:b9:4b:e0:d2:
                    f3:e1:55:a2:81:9e:c0:ca:63:bf:8a:ff:8c:dc:60:
                    05:91:e4:5b:ef:49:ba:95:53:7c:b0:4b:42:fc:9c:
                    ab:43:77:be:7a:b1:cf:fb:b3:34:3f:71:0e:56:15:
                    86:86:75:c3:17:f0:7d:c9:3c:89:15:33:a0:6b:20:
                    9e:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:57:73:D4:27:A0:37:98:4F:F0:93:99:71:BA:22:BC:89:7C:D5:46
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/090e2347-c6c8-448a-8e62-30b37f4ff1b0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.224.0.0/11

    Signature Algorithm: sha256WithRSAEncryption
         2f:f8:6f:cb:6c:6c:60:70:21:b3:54:7a:c3:98:bd:a5:0c:dd:
         1f:f6:bb:72:cb:b4:e7:21:b7:90:b0:08:f2:cc:df:12:6d:b8:
         b0:f6:ec:59:68:f7:b5:6b:aa:96:80:e3:1d:47:52:a9:b5:f9:
         c7:67:9f:cf:57:fb:9f:1b:5a:9d:fe:b7:41:07:1b:a0:08:cb:
         14:8c:95:cb:3d:91:9e:10:46:29:0c:4d:06:55:78:cc:f7:8d:
         fe:6d:15:7e:dc:1a:50:a3:2e:fe:d4:6f:c5:75:31:f1:b7:84:
         88:cd:2c:50:f2:31:1f:20:4b:44:2e:8f:8e:be:c1:cc:5f:11:
         2d:04:10:d2:95:26:e9:16:28:68:3c:08:fd:77:04:57:fc:2f:
         36:aa:c7:7a:33:a2:5c:ff:2c:9b:ad:3b:22:be:f9:43:fe:b0:
         ff:3c:f8:61:e1:80:6e:2f:8e:3d:d8:61:43:f8:1e:f2:a6:cb:
         f2:76:cc:eb:35:0a:33:04:1a:36:ea:e7:ce:dd:1c:34:a3:33:
         24:fc:3b:f2:75:32:69:75:bf:68:d6:54:5d:51:4a:f1:59:22:
         57:44:9c:b5:0b:b5:ad:3f:d2:37:f4:5e:bf:33:18:b3:f1:a8:
         81:c5:f1:78:4f:d5:62:e6:08:8a:93:69:48:c8:99:e3:f2:5f:
         c0:c7:43:22
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBlfdxjfG48UaXx2LgDTuDYvxiR8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE4MDAwMDAwWhcNMjQwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkMzVmZDYwNGRlOTVmMGYxMTQ2ODRlNjMwNjBlNWU2ZDg3
NmQ5NWIzNzZmYTNhZGVkODAyY2M4YWI5Y2I1ZTk4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqUFoLx4T4pO6jwhoZ+E19CQNSy4g2/I/NnfSPAaGyEQBl
bEa8Y/QEiD1m39bqBOLbjrqcuim0hT+TtSEh9CtxyEMllpdrumpkO00PDaBTvDn4
cSHxzeI9cIJ2dUc8XnNg37ZHgYPjOx7z+Nk37VbkAZZ4WCX0GgsF+PVq0BkXw/1O
QSCaGSGevlPXniGt7VO9lB4fTk/E+SQfY8mvQQP2zJ7q+4ScNKa43THzdMibo/LZ
lxdINAuSYMNYhS7zuUvg0vPhVaKBnsDKY7+K/4zcYAWR5FvvSbqVU3ywS0L8nKtD
d756sc/7szQ/cQ5WFYaGdcMX8H3JPIkVM6BrIJ4nAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUs1dz1CegN5hP8JOZcboivIl81UYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA5MGUyMzQ3LWM2YzgtNDQ4YS04ZTYyLTMwYjM3ZjRmZjFiMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwUs4DANBgkqhkiG9w0BAQsFAAOCAQEAL/hvy2xsYHAhs1R6w5i9pQzdH/a7
csu05yG3kLAI8szfEm24sPbsWWj3tWuqloDjHUdSqbX5x2efz1f7nxtanf63QQcb
oAjLFIyVyz2RnhBGKQxNBlV4zPeN/m0VftwaUKMu/tRvxXUx8beEiM0sUPIxHyBL
RC6Pjr7BzF8RLQQQ0pUm6RYoaDwI/XcEV/wvNqrHejOiXP8sm607Ir75Q/6w/zz4
YeGAbi+OPdhhQ/ge8qbL8nbM6zUKMwQaNurnzt0cNKMzJPw78nUyaXW/aNZUXVFK
8VkiV0SctQu1rT/SN/RevzMYs/GogcXxeE/VYuYIipNpSMiZ4/JfwMdDIg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:16:53 2024 by rpki-client on console-ams.rpki-client.org