Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0e4f8f5d-80e9-4f70-ac8b-a2b49ea81fee.roa
File:                     0e4f8f5d-80e9-4f70-ac8b-a2b49ea81fee.roa (raw, json)
Hash identifier:          UlXHxaOiXrBJGf+6Ynd4qcV0frFlp07qx1MP0aShOmg=
Subject key identifier:   7F:04:A2:EE:65:F7:D5:91:D3:2B:F9:E4:35:51:24:1A:8A:D6:AF:22
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0522AB0E97435FA45621C9D992A54C19E7D7F1E6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0e4f8f5d-80e9-4f70-ac8b-a2b49ea81fee.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f61:4000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:22:ab:0e:97:43:5f:a4:56:21:c9:d9:92:a5:4c:19:e7:d7:f1:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=31b40fdd132d9669d7b2c59924fb70dd9643e9f15824d05fbcddb245f591e1be, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:81:29:e5:07:3e:e6:04:ac:01:65:01:7e:a5:
                    18:77:eb:15:aa:94:b4:8d:3d:e5:05:75:74:c2:57:
                    1c:18:c0:40:6d:cf:a6:98:2c:bb:65:86:87:87:e1:
                    41:00:58:9e:74:ff:2a:f5:37:ef:c6:62:5b:8f:d3:
                    95:31:9d:3e:7a:a6:8c:99:b4:a2:e6:9d:09:a3:60:
                    32:43:27:25:3b:d1:82:42:a0:b6:30:68:8a:ee:f5:
                    bf:35:63:f2:a6:7e:fe:6b:17:cd:83:0f:55:6e:c6:
                    49:fb:d5:b6:b5:22:03:47:9b:f4:19:11:75:92:3f:
                    b3:86:16:65:73:dd:ee:8b:23:e3:7c:7f:b5:68:6c:
                    82:85:63:bd:2f:a5:50:32:31:3d:93:91:78:44:57:
                    82:99:cc:00:fa:13:8d:61:35:fe:6c:30:26:9d:f8:
                    8c:69:d4:11:6f:e8:48:3d:a8:66:ef:ab:85:0b:98:
                    e2:5b:f8:78:15:ae:19:a9:56:66:54:b1:82:40:a8:
                    90:01:f1:8b:05:64:47:8c:33:50:a6:57:fb:ae:95:
                    fa:e5:88:18:f8:c7:87:b3:a3:f9:8c:4a:86:46:07:
                    9e:fe:5f:ae:23:40:b1:db:18:6a:d5:97:8d:e6:cf:
                    9b:04:7f:9d:d1:cf:80:a7:38:9f:7d:20:dd:b2:42:
                    47:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:04:A2:EE:65:F7:D5:91:D3:2B:F9:E4:35:51:24:1A:8A:D6:AF:22
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0e4f8f5d-80e9-4f70-ac8b-a2b49ea81fee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f61:4000::/40

    Signature Algorithm: sha256WithRSAEncryption
         70:b5:59:ab:f1:2a:c7:e6:3e:1e:ae:46:96:7f:9c:0a:99:36:
         e9:e4:76:d6:5f:dc:6b:a9:2e:91:b7:33:62:e1:3c:29:16:79:
         2a:3c:c1:e2:ed:30:96:e5:1c:88:2d:47:c2:07:05:d7:c0:d2:
         a9:23:82:90:83:15:68:ce:46:78:9c:93:43:54:57:5a:69:1c:
         4a:8e:10:cd:a2:41:32:55:3f:bc:5a:04:f4:b8:e4:cb:9d:62:
         60:74:05:3d:1e:6b:6f:f8:c4:c5:1b:8c:58:9e:1e:72:d7:3c:
         79:70:63:35:b7:e9:c2:2a:2b:19:c6:67:15:be:9d:15:36:60:
         66:ff:e5:ff:7e:db:94:a2:74:3d:5d:6b:4c:10:52:fc:fa:6d:
         92:f4:ec:16:dd:76:f7:30:5e:67:c8:52:b2:05:ee:97:9d:1d:
         ea:65:fc:fa:30:c8:24:88:d2:8e:09:d7:c0:87:dc:b7:42:fb:
         c4:e2:b1:0e:ee:59:82:32:45:9f:b4:de:80:a2:46:d1:18:88:
         79:1a:79:b5:38:67:4f:33:5d:c3:f9:3a:02:35:72:1a:64:45:
         68:c7:30:c0:3c:d7:3e:d2:02:b6:48:94:5e:86:12:8a:9d:e0:
         f3:72:4a:0a:cd:50:c2:7b:67:18:ee:ff:0c:9b:f7:97:39:f9:
         7f:be:83:ab
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUBSKrDpdDX6RWIcnZkqVMGefX8eYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMWI0MGZkZDEzMmQ5NjY5ZDdiMmM1OTkyNGZiNzBkZDk2
NDNlOWYxNTgyNGQwNWZiY2RkYjI0NWY1OTFlMWJlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrgSnlBz7mBKwBZQF+pRh36xWqlLSNPeUFdXTCVxwYwEBt
z6aYLLtlhoeH4UEAWJ50/yr1N+/GYluP05UxnT56poyZtKLmnQmjYDJDJyU70YJC
oLYwaIru9b81Y/Kmfv5rF82DD1Vuxkn71ba1IgNHm/QZEXWSP7OGFmVz3e6LI+N8
f7VobIKFY70vpVAyMT2TkXhEV4KZzAD6E41hNf5sMCad+Ixp1BFv6Eg9qGbvq4UL
mOJb+HgVrhmpVmZUsYJAqJAB8YsFZEeMM1CmV/uulfrliBj4x4ezo/mMSoZGB57+
X64jQLHbGGrVl43mz5sEf53Rz4CnOJ99IN2yQkfbAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUfwSi7mX31ZHTK/nkNVEkGorWryIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBlNGY4ZjVkLTgwZTktNGY3MC1hYzhiLWEyYjQ5ZWE4MWZlZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9hQDANBgkqhkiG9w0BAQsFAAOCAQEAcLVZq/Eqx+Y+Hq5Gln+cCpk2
6eR21l/ca6kukbczYuE8KRZ5KjzB4u0wluUciC1HwgcF18DSqSOCkIMVaM5GeJyT
Q1RXWmkcSo4QzaJBMlU/vFoE9Ljky51iYHQFPR5rb/jExRuMWJ4ectc8eXBjNbfp
wiorGcZnFb6dFTZgZv/l/37blKJ0PV1rTBBS/PptkvTsFt129zBeZ8hSsgXul50d
6mX8+jDIJIjSjgnXwIfct0L7xOKxDu5ZgjJFn7TegKJG0RiIeRp5tThnTzNdw/k6
AjVyGmRFaMcwwDzXPtICtkiUXoYSip3g83JKCs1QwntnGO7/DJv3lzn5f76Dqw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 00:59:41 2024 by rpki-client on console-fra.rpki-client.org