Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/150858c5-94e2-419a-8f64-850bac378275.roa
File:                     150858c5-94e2-419a-8f64-850bac378275.roa (raw, json)
Hash identifier:          cXkqN2NOIy0eEvCDW27zaYQRA5Iu2AwkzWSGEFYyucc=
Subject key identifier:   38:F8:BE:A6:0D:E4:09:44:7E:61:33:50:D1:9E:C0:15:2E:C6:21:E5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3263347F32BF3852F07C74DFA77256D753D2388B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/150858c5-94e2-419a-8f64-850bac378275.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.82.169.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:63:34:7f:32:bf:38:52:f0:7c:74:df:a7:72:56:d7:53:d2:38:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=a67bd1f55700f9737907124691d80ed5f24bc833e2a7a3e4956ba5fe1e2e1b66, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d6:4a:61:02:0a:a8:6b:bf:e5:64:06:23:08:
                    70:ad:c5:b4:ef:b0:48:8d:66:f6:9b:f8:2d:42:27:
                    b6:30:aa:7b:75:b7:2a:65:a9:68:0c:c6:67:ce:e8:
                    13:31:af:b1:c3:bc:cd:44:6c:0b:89:c1:dd:31:d0:
                    e3:b6:29:aa:22:16:ed:48:5a:dc:6d:da:b8:c4:ce:
                    6f:c6:80:77:16:c2:a7:f2:6c:c0:8a:a2:77:92:31:
                    1d:94:35:6b:23:72:9a:1c:1a:3e:dc:71:99:bd:7c:
                    ff:a7:13:83:71:b0:38:c0:e7:80:18:55:42:d7:db:
                    73:b5:a4:ed:4e:cd:45:af:6f:76:e8:d5:57:d5:cc:
                    61:a4:e8:c8:49:9d:d9:29:0d:75:5d:2c:62:c3:55:
                    8e:2b:ed:77:3b:71:22:87:ac:0c:6a:92:b9:7f:c5:
                    53:a5:46:a7:b1:bc:87:40:fe:41:a5:f7:f5:a2:ef:
                    0f:71:a0:97:71:62:ae:4c:eb:84:90:a9:8a:e4:da:
                    38:5e:1a:44:31:1c:71:07:9f:bc:05:ff:ca:e1:b2:
                    fc:bb:47:f7:42:87:eb:f3:42:af:f2:79:2c:50:c1:
                    93:7a:9d:c9:17:30:71:3c:db:f9:4b:02:b3:d1:5a:
                    79:5f:f4:5c:2f:a9:d1:0f:ae:04:8f:46:01:53:6d:
                    8e:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:F8:BE:A6:0D:E4:09:44:7E:61:33:50:D1:9E:C0:15:2E:C6:21:E5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/150858c5-94e2-419a-8f64-850bac378275.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.82.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:d6:58:86:68:f9:37:72:28:99:3e:01:61:4b:c1:fa:3a:f0:
         97:c3:ca:28:f5:2e:bc:71:c4:15:6f:a6:86:74:43:7f:51:f7:
         2e:58:fa:03:a2:20:f2:d9:5c:67:84:9e:0f:57:71:52:d8:76:
         12:ea:f3:20:b8:09:0d:85:ce:75:9f:11:c2:85:b3:b3:69:dc:
         a5:04:fb:89:dd:fd:47:b0:d1:d0:44:be:b9:94:7c:4a:54:23:
         ff:37:b1:a9:02:d8:a5:14:84:4b:fe:13:61:65:b2:67:a0:4d:
         68:ef:a5:8f:89:2f:a7:15:b9:0f:04:6f:b5:6f:9a:96:63:d2:
         44:45:ed:bf:6c:f5:8d:ca:6f:6a:2e:80:34:0d:d1:7c:23:b1:
         7b:4f:5f:b2:e1:7f:48:49:38:ab:8d:37:1d:e2:96:b2:1a:39:
         d3:f2:2c:f5:3e:aa:6f:70:97:ca:f1:bb:ec:dc:ce:b1:41:0b:
         0f:50:4e:31:a8:42:65:bd:e5:73:20:17:f1:25:a0:dc:0a:f3:
         65:ad:6c:86:0f:b9:c9:7a:a7:9c:4e:e0:45:e8:1c:59:fe:89:
         20:ec:59:5a:0c:11:26:50:4f:36:e5:4d:5f:26:4a:3e:86:bc:
         10:d6:14:6e:3d:2e:d4:0b:8c:4c:f2:52:ae:d8:d5:23:64:79:
         32:d0:a2:a8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMmM0fzK/OFLwfHTfp3JW11PSOIswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNjdiZDFmNTU3MDBmOTczNzkwNzEyNDY5MWQ4MGVkNWYy
NGJjODMzZTJhN2EzZTQ5NTZiYTVmZTFlMmUxYjY2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC91kphAgqoa7/lZAYjCHCtxbTvsEiNZvab+C1CJ7Ywqnt1
typlqWgMxmfO6BMxr7HDvM1EbAuJwd0x0OO2KaoiFu1IWtxt2rjEzm/GgHcWwqfy
bMCKoneSMR2UNWsjcpocGj7ccZm9fP+nE4NxsDjA54AYVULX23O1pO1OzUWvb3bo
1VfVzGGk6MhJndkpDXVdLGLDVY4r7Xc7cSKHrAxqkrl/xVOlRqexvIdA/kGl9/Wi
7w9xoJdxYq5M64SQqYrk2jheGkQxHHEHn7wF/8rhsvy7R/dCh+vzQq/yeSxQwZN6
nckXMHE82/lLArPRWnlf9FwvqdEPrgSPRgFTbY5xAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOPi+pg3kCUR+YTNQ0Z7AFS7GIeUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE1MDg1OGM1LTk0ZTItNDE5YS04ZjY0LTg1MGJhYzM3ODI3NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjUqkwDQYJKoZIhvcNAQELBQADggEBAHbWWIZo+TdyKJk+AWFLwfo68JfD
yij1LrxxxBVvpoZ0Q39R9y5Y+gOiIPLZXGeEng9XcVLYdhLq8yC4CQ2FznWfEcKF
s7Np3KUE+4nd/Uew0dBEvrmUfEpUI/83sakC2KUUhEv+E2FlsmegTWjvpY+JL6cV
uQ8Eb7VvmpZj0kRF7b9s9Y3Kb2ougDQN0XwjsXtPX7Lhf0hJOKuNNx3ilrIaOdPy
LPU+qm9wl8rxu+zczrFBCw9QTjGoQmW95XMgF/EloNwK82WtbIYPucl6p5xO4EXo
HFn+iSDsWVoMESZQTzblTV8mSj6GvBDWFG49LtQLjEzyUq7Y1SNkeTLQoqg=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:09 2024 by rpki-client on console-ams.rpki-client.org