Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2306c6cb-725b-41c8-b687-97caee05d794.roa
File:                     2306c6cb-725b-41c8-b687-97caee05d794.roa (raw, json)
Hash identifier:          3ND7U3leR9M9Ajh6b674pq2shRb3j3T/WMjk5/TPgZU=
Subject key identifier:   B8:A2:EA:07:FB:04:7B:BC:43:2F:FF:B5:22:5F:94:4F:56:28:30:0E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2F613C5D889F1B050C7469AB7EB71898192F22B3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2306c6cb-725b-41c8-b687-97caee05d794.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.82.167.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:61:3c:5d:88:9f:1b:05:0c:74:69:ab:7e:b7:18:98:19:2f:22:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=ca4f0b35ad167afe7cf66fecdbea30623171debaa53a5291c9f93d5b31fdaf74, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9d:75:76:9d:74:01:10:5d:11:77:03:3c:f7:
                    9d:28:08:3f:0a:d0:ab:db:18:9e:3f:28:53:d2:c0:
                    f2:c6:c0:f7:de:3d:0c:af:92:de:d4:3d:bd:e4:c4:
                    3a:bc:b7:fb:49:56:0c:cd:21:fe:68:dc:bd:74:b8:
                    28:84:8f:6a:92:0f:88:f3:21:cd:89:46:dd:8c:82:
                    7a:de:9a:c1:b4:39:73:7c:62:7d:34:8b:2f:55:8c:
                    2e:7a:99:1b:05:c8:64:dd:68:8f:cd:e5:8a:9e:75:
                    ac:9b:b2:64:fd:bb:df:f2:e5:28:a3:f1:82:d5:df:
                    27:fe:4d:d9:9e:45:f7:2c:b7:2c:44:0b:62:d4:30:
                    2c:90:b3:d2:8a:d9:9b:1d:dc:e8:37:a0:98:5d:7d:
                    41:49:f3:9a:6f:00:2f:6b:28:43:0c:54:a6:ad:eb:
                    a3:37:0c:50:7d:81:dd:e5:e6:3a:67:70:5e:be:21:
                    70:64:08:80:8a:a7:44:8e:23:25:d4:6e:d7:af:4c:
                    2d:ee:bf:62:d2:74:22:f9:c6:b0:d9:a6:fa:73:97:
                    65:d0:17:d0:a0:5a:09:cf:9b:60:11:ea:5d:74:39:
                    15:7d:23:4a:01:f4:85:d1:94:fc:bf:70:f6:6a:20:
                    26:11:41:92:f5:8c:cd:98:f3:fc:fa:a1:cf:a0:d1:
                    73:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:A2:EA:07:FB:04:7B:BC:43:2F:FF:B5:22:5F:94:4F:56:28:30:0E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2306c6cb-725b-41c8-b687-97caee05d794.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.82.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:35:27:17:b3:6f:96:ef:01:dd:d9:af:a6:18:bd:fa:b0:c4:
         30:9e:2c:ea:7a:ae:cf:13:1e:1d:aa:12:5a:f0:1e:3a:10:25:
         63:00:a9:5a:cc:31:40:f0:fd:99:f6:1b:1b:2c:bb:49:dd:87:
         ad:ff:86:eb:9b:ba:05:75:e8:c9:6d:ff:56:0d:09:6e:8c:a4:
         50:47:15:ea:9f:f9:1a:33:b9:9a:d8:e3:19:13:a1:96:ae:40:
         47:d9:9e:ce:2f:fe:45:46:b8:f8:56:70:8b:42:ff:6f:64:0e:
         cd:35:a1:bf:90:17:2f:15:c3:fb:98:f5:cf:ac:f4:31:d0:35:
         14:7c:86:37:6e:42:fe:06:df:bc:7f:ef:cf:43:0d:5d:c0:cd:
         29:f3:97:58:a8:97:f0:20:82:20:0c:d6:d7:43:f8:50:c5:1f:
         1c:73:11:8d:23:09:88:cc:62:19:f5:85:5e:b1:97:23:a4:b0:
         1b:4e:ad:5e:70:91:1a:88:65:19:57:40:e3:6f:3d:d8:aa:48:
         6c:c0:05:fc:5f:e4:a6:08:c9:38:cc:d0:19:ee:63:2d:d8:8c:
         a0:1d:2d:0c:6c:cb:65:01:59:d0:48:94:91:00:d9:61:5a:7e:
         15:65:47:41:8b:27:e8:c8:9e:dc:3e:94:b3:ef:de:58:12:8d:
         36:57:5a:75
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL2E8XYifGwUMdGmrfrcYmBkvIrMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjYTRmMGIzNWFkMTY3YWZlN2NmNjZmZWNkYmVhMzA2MjMx
NzFkZWJhYTUzYTUyOTFjOWY5M2Q1YjMxZmRhZjc0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4nXV2nXQBEF0RdwM8950oCD8K0KvbGJ4/KFPSwPLGwPfe
PQyvkt7UPb3kxDq8t/tJVgzNIf5o3L10uCiEj2qSD4jzIc2JRt2MgnremsG0OXN8
Yn00iy9VjC56mRsFyGTdaI/N5YqedaybsmT9u9/y5Sij8YLV3yf+TdmeRfcstyxE
C2LUMCyQs9KK2Zsd3Og3oJhdfUFJ85pvAC9rKEMMVKat66M3DFB9gd3l5jpncF6+
IXBkCICKp0SOIyXUbtevTC3uv2LSdCL5xrDZpvpzl2XQF9CgWgnPm2AR6l10ORV9
I0oB9IXRlPy/cPZqICYRQZL1jM2Y8/z6oc+g0XPdAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuKLqB/sEe7xDL/+1Il+UT1YoMA4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIzMDZjNmNiLTcyNWItNDFjOC1iNjg3LTk3Y2FlZTA1ZDc5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjUqcwDQYJKoZIhvcNAQELBQADggEBAKU1Jxezb5bvAd3Zr6YYvfqwxDCe
LOp6rs8THh2qElrwHjoQJWMAqVrMMUDw/Zn2Gxssu0ndh63/huubugV16Mlt/1YN
CW6MpFBHFeqf+RozuZrY4xkToZauQEfZns4v/kVGuPhWcItC/29kDs01ob+QFy8V
w/uY9c+s9DHQNRR8hjduQv4G37x/789DDV3AzSnzl1iol/AggiAM1tdD+FDFHxxz
EY0jCYjMYhn1hV6xlyOksBtOrV5wkRqIZRlXQONvPdiqSGzABfxf5KYIyTjM0Bnu
Yy3YjKAdLQxsy2UBWdBIlJEA2WFafhVlR0GLJ+jIntw+lLPv3lgSjTZXWnU=
-----END CERTIFICATE-----
Generated at Thu Mar 28 00:59:46 2024 by rpki-client on console-fra.rpki-client.org