Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0e4939d5-bdf6-4674-b927-d463fb918e11.roa
File:                     0e4939d5-bdf6-4674-b927-d463fb918e11.roa (raw, json)
Hash identifier:          X4U/WS6kbyEiuuP6xoro3K2rajr0o44J363EhRZkaiw=
Subject key identifier:   CE:F2:B3:65:C8:6B:4A:FE:B7:5A:CB:93:B6:3D:1F:9A:49:71:F6:36
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       478A7F77D3633FE9A2DCB646FD4454581DAFC683
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0e4939d5-bdf6-4674-b927-d463fb918e11.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        162.85.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:8a:7f:77:d3:63:3f:e9:a2:dc:b6:46:fd:44:54:58:1d:af:c6:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=1a606389d848e88caf2e8bc042944b67e97243bab7f887b3c772d395bea94644, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:23:51:af:ae:cc:f4:91:3e:f7:8d:db:82:52:
                    a8:e5:14:25:81:d4:46:3e:16:f4:47:5e:5f:60:f3:
                    b1:72:d2:f4:e9:80:b1:1b:1b:2b:3b:fa:0f:97:cb:
                    88:a8:dc:e5:d4:b1:c3:b7:ea:55:64:21:5b:7f:61:
                    6f:75:14:f6:7c:29:7a:d1:e5:9d:f7:bb:d3:0c:7f:
                    a5:ff:fb:2b:61:b1:2f:6c:d6:ab:62:93:6f:03:d0:
                    51:b5:38:3d:a8:a5:5b:bb:ea:93:b9:fc:ff:54:f8:
                    77:a9:1f:32:b2:00:69:37:4c:79:e2:48:c8:9b:3c:
                    aa:aa:e4:46:a6:05:12:18:d2:b8:ee:e0:13:4c:26:
                    ee:68:7d:ef:6d:a1:3a:ba:b2:ff:3c:9c:08:da:0d:
                    4b:7f:67:60:19:6c:19:eb:79:5e:0e:37:8d:ea:d7:
                    9c:bc:bc:5f:d0:16:2e:11:e3:2e:06:76:5e:b8:de:
                    e9:c2:5c:ce:cf:8e:60:f0:81:9e:18:14:02:d6:ce:
                    5b:53:1e:8f:65:9a:11:01:e8:b1:4d:ba:85:ac:24:
                    6e:19:2d:ee:8a:65:81:f5:6b:4b:f4:20:c9:ef:af:
                    76:7f:03:0d:7b:38:35:a1:12:af:4b:c8:25:76:26:
                    0f:b2:39:5a:c2:1f:a3:ae:f8:18:16:c0:85:f0:a0:
                    55:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:F2:B3:65:C8:6B:4A:FE:B7:5A:CB:93:B6:3D:1F:9A:49:71:F6:36
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0e4939d5-bdf6-4674-b927-d463fb918e11.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.85.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         54:6c:7e:3e:23:a1:60:7e:27:a1:c5:f0:d0:dd:34:38:87:fc:
         65:ba:f1:b5:cb:f0:e5:81:ad:ad:cc:8a:90:4b:74:6a:10:00:
         1f:26:91:27:79:28:0f:b9:3f:5a:8f:6e:79:cd:aa:bf:b6:c0:
         cd:fd:0a:f7:ef:f4:ca:9e:5a:1f:df:4f:2e:63:47:06:d8:50:
         ec:c2:64:5d:05:c0:40:be:ee:70:da:a6:81:af:4e:5b:f8:7d:
         9f:45:4b:4e:05:ba:21:d5:db:96:5f:20:82:71:2f:ef:39:01:
         76:e5:82:ef:14:1c:66:ff:70:be:22:40:60:dc:f2:0d:2f:ca:
         e0:e8:61:78:f8:56:a7:dc:c5:f7:58:56:8a:53:dd:4a:00:ab:
         f9:9c:67:df:54:fa:02:e3:4b:90:1d:34:c3:61:e0:af:eb:f5:
         bd:f1:ad:4e:18:3f:c2:a8:84:37:45:1c:f3:6c:d5:8a:65:ce:
         3f:ba:3f:f7:8a:7c:66:24:bd:ef:f1:a4:26:fe:44:0a:e5:3f:
         9c:6c:d0:5c:d5:d3:a4:90:0f:03:f5:2c:87:67:07:61:4c:ae:
         d9:9f:c7:31:f2:94:78:1b:c3:bf:ed:48:f8:59:51:35:23:04:
         1f:3c:a4:fe:7f:0e:62:f7:88:11:3b:c6:0f:1c:ef:d6:44:87:
         54:33:7c:11
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUR4p/d9NjP+mi3LZG/URUWB2vxoMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxYTYwNjM4OWQ4NDhlODhjYWYyZThiYzA0Mjk0NGI2N2U5
NzI0M2JhYjdmODg3YjNjNzcyZDM5NWJlYTk0NjQ0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5I1Gvrsz0kT73jduCUqjlFCWB1EY+FvRHXl9g87Fy0vTp
gLEbGys7+g+Xy4io3OXUscO36lVkIVt/YW91FPZ8KXrR5Z33u9MMf6X/+ythsS9s
1qtik28D0FG1OD2opVu76pO5/P9U+HepHzKyAGk3THniSMibPKqq5EamBRIY0rju
4BNMJu5ofe9toTq6sv88nAjaDUt/Z2AZbBnreV4ON43q15y8vF/QFi4R4y4Gdl64
3unCXM7PjmDwgZ4YFALWzltTHo9lmhEB6LFNuoWsJG4ZLe6KZYH1a0v0IMnvr3Z/
Aw17ODWhEq9LyCV2Jg+yOVrCH6Ou+BgWwIXwoFX/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUzvKzZchrSv63WsuTtj0fmklx9jYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBlNDkzOWQ1LWJkZjYtNDY3NC1iOTI3LWQ0NjNmYjkxOGUxMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCiVTANBgkqhkiG9w0BAQsFAAOCAQEAVGx+PiOhYH4nocXw0N00OIf8Zbrx
tcvw5YGtrcyKkEt0ahAAHyaRJ3koD7k/Wo9uec2qv7bAzf0K9+/0yp5aH99PLmNH
BthQ7MJkXQXAQL7ucNqmga9OW/h9n0VLTgW6IdXbll8ggnEv7zkBduWC7xQcZv9w
viJAYNzyDS/K4OhhePhWp9zF91hWilPdSgCr+Zxn31T6AuNLkB00w2Hgr+v1vfGt
Thg/wqiEN0Uc82zVimXOP7o/94p8ZiS97/GkJv5ECuU/nGzQXNXTpJAPA/Ush2cH
YUyu2Z/HMfKUeBvDv+1I+FlRNSMEHzyk/n8OYveIETvGDxzv1kSHVDN8EQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:36:35 2024 by rpki-client on console-fra.rpki-client.org