Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/24f8a6f4-9cf8-4839-a98d-4a5fd83b3cb0.roa
File:                     24f8a6f4-9cf8-4839-a98d-4a5fd83b3cb0.roa (raw, json)
Hash identifier:          EXCGgkBjhl542ayOvHcAwjglDg9665BdPiCH1XrS218=
Subject key identifier:   F9:E7:63:0F:36:A8:F7:D6:12:5B:FC:67:8F:62:2E:B8:A4:CE:A9:FC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       73634242882EB79B3B89495DBE5322A9FB67C923
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/24f8a6f4-9cf8-4839-a98d-4a5fd83b3cb0.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        130.31.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:63:42:42:88:2e:b7:9b:3b:89:49:5d:be:53:22:a9:fb:67:c9:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=772c45a8723637e86be676409860536f22b22f9e5a1b0cd6b223fe9863bc2f9b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:2b:91:5e:78:df:d7:04:2f:41:9e:e7:46:db:
                    40:a1:40:ea:8b:ea:95:be:84:4c:0f:d3:4a:f4:0a:
                    7f:73:e6:71:7a:94:e0:54:a2:a5:65:c8:47:2b:bf:
                    69:a4:2b:59:12:c2:4a:3b:81:c2:37:2f:9c:2d:42:
                    08:5e:d0:c4:e6:7b:f2:05:c1:ab:26:53:8a:b6:d4:
                    10:ab:4a:ed:6b:af:dc:20:74:4a:e5:0d:7c:a7:4a:
                    70:c9:4a:6c:f8:0a:59:f9:71:4c:36:65:8a:d6:e2:
                    fa:7d:85:ab:e5:d9:c4:80:0b:3d:69:d5:d0:8f:98:
                    b1:bc:5f:59:80:1f:58:6c:34:33:07:ea:a8:e6:ae:
                    18:88:8c:40:7f:0f:94:54:1e:80:43:22:af:83:96:
                    4f:8f:9f:20:a8:d8:59:aa:40:04:52:48:fc:da:61:
                    6e:14:c3:cf:88:8c:bf:bf:f3:c5:e7:dd:ae:d4:4d:
                    13:9c:20:cd:ea:7f:a3:f5:b1:06:06:92:bc:be:e1:
                    fe:88:f6:be:33:e2:cc:06:bb:8d:f5:96:2c:f3:59:
                    ce:48:57:60:96:d0:2d:7a:fd:52:0c:8c:6a:6d:68:
                    d1:6a:42:ff:e0:c7:3a:62:ee:bf:6c:a9:8c:af:d0:
                    9a:7d:aa:3e:04:b1:c1:80:22:92:33:84:a7:8a:c8:
                    dd:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:E7:63:0F:36:A8:F7:D6:12:5B:FC:67:8F:62:2E:B8:A4:CE:A9:FC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/24f8a6f4-9cf8-4839-a98d-4a5fd83b3cb0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.31.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4b:9d:de:58:6a:68:46:03:e7:56:3a:76:53:81:56:37:d2:c1:
         02:44:29:f4:2e:3e:cc:a0:b0:a2:b5:45:43:30:91:14:fd:3d:
         55:bc:8c:f5:9f:f5:7d:57:49:08:fd:37:72:da:77:a4:7a:53:
         c9:ea:6c:b0:d8:45:ab:58:65:b5:1f:c3:b7:e6:71:64:a0:97:
         01:18:b3:4c:4c:05:4c:d1:e9:cf:8b:de:37:3c:90:3b:94:ea:
         5b:82:30:f1:f1:97:79:b4:1c:77:ee:02:c5:a5:fe:81:db:e3:
         a3:a9:45:34:42:f6:ce:e0:e8:db:bf:f2:f7:3d:61:1e:c1:73:
         6c:2d:eb:19:89:53:1c:d1:fc:91:81:88:63:83:f7:2a:9f:45:
         58:be:77:3a:09:10:af:d4:53:e4:3f:d0:e1:e3:5e:96:1e:b5:
         38:82:b2:c2:10:f1:23:b9:30:5d:3d:0d:59:15:40:c8:f4:70:
         24:61:1e:5e:f9:12:63:54:64:ca:cd:f4:2a:59:dd:f8:1d:18:
         aa:8b:65:91:f6:43:fc:46:80:dd:b2:2d:cf:44:b9:b2:dc:86:
         f1:1d:09:d3:d6:38:4f:23:11:8c:42:1a:75:89:47:d2:dd:01:
         45:0c:b8:0d:dd:8d:02:83:8c:f9:b1:7e:a9:6e:07:05:7b:0e:
         70:d9:e7:58
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUc2NCQogut5s7iUldvlMiqftnySMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NzJjNDVhODcyMzYzN2U4NmJlNjc2NDA5ODYwNTM2ZjIy
YjIyZjllNWExYjBjZDZiMjIzZmU5ODYzYmMyZjliMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4K5FeeN/XBC9BnudG20ChQOqL6pW+hEwP00r0Cn9z5nF6
lOBUoqVlyEcrv2mkK1kSwko7gcI3L5wtQghe0MTme/IFwasmU4q21BCrSu1rr9wg
dErlDXynSnDJSmz4Cln5cUw2ZYrW4vp9havl2cSACz1p1dCPmLG8X1mAH1hsNDMH
6qjmrhiIjEB/D5RUHoBDIq+Dlk+PnyCo2FmqQARSSPzaYW4Uw8+IjL+/88Xn3a7U
TROcIM3qf6P1sQYGkry+4f6I9r4z4swGu431lizzWc5IV2CW0C16/VIMjGptaNFq
Qv/gxzpi7r9sqYyv0Jp9qj4EscGAIpIzhKeKyN2zAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+edjDzao99YSW/xnj2IuuKTOqfwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI0ZjhhNmY0LTljZjgtNDgzOS1hOThkLTRhNWZkODNiM2NiMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCCHzANBgkqhkiG9w0BAQsFAAOCAQEAS53eWGpoRgPnVjp2U4FWN9LBAkQp
9C4+zKCworVFQzCRFP09VbyM9Z/1fVdJCP03ctp3pHpTyepssNhFq1hltR/Dt+Zx
ZKCXARizTEwFTNHpz4veNzyQO5TqW4Iw8fGXebQcd+4CxaX+gdvjo6lFNEL2zuDo
27/y9z1hHsFzbC3rGYlTHNH8kYGIY4P3Kp9FWL53OgkQr9RT5D/Q4eNelh61OIKy
whDxI7kwXT0NWRVAyPRwJGEeXvkSY1Rkys30Klnd+B0YqotlkfZD/EaA3bItz0S5
styG8R0J09Y4TyMRjEIadYlH0t0BRQy4Dd2NAoOM+bF+qW4HBXsOcNnnWA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:14 2024 by rpki-client on console-ams.rpki-client.org