Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/284c9a1b-7e4b-433f-b1f1-f4cebfb67dc5.roa
File:                     284c9a1b-7e4b-433f-b1f1-f4cebfb67dc5.roa (raw, json)
Hash identifier:          vrsPoDQ81NolMoNtS2obWy4K/+iFP/Rr5IbpZX0mBJg=
Subject key identifier:   E4:C6:1F:B7:A0:64:96:76:A1:18:29:A6:94:41:0D:73:DE:E9:C9:EF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6AFF2D255D6072FD8CCE9F88AADC381A654505B1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/284c9a1b-7e4b-433f-b1f1-f4cebfb67dc5.roa
Signing time:             Tue 02 Jul 2024 00:00:00 +0000
ROA not before:           Tue 02 Jul 2024 00:00:00 +0000
ROA not after:            Tue 06 Aug 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        67.220.224.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jul 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:ff:2d:25:5d:60:72:fd:8c:ce:9f:88:aa:dc:38:1a:65:45:05:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  2 00:00:00 2024 GMT
            Not After : Aug  6 23:59:59 2024 GMT
        Subject: serialNumber=ed915f8b4979778777b0307b42d419aabd03589b51747bf77882d52ebaa2eb3b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:1a:95:1b:c5:68:81:73:69:a6:ce:47:c1:9b:
                    a6:d4:d2:98:c5:ec:38:b7:d9:20:e9:4e:03:06:e1:
                    55:e3:86:d3:7e:07:39:10:aa:62:e9:06:7f:3d:ec:
                    b9:d9:dc:2c:61:a6:df:51:55:f0:13:ff:2e:ec:5c:
                    9e:ff:65:b0:19:5b:01:43:08:fe:0f:98:f3:52:7b:
                    5e:4e:b2:c8:21:11:17:ae:18:bb:4a:c1:5f:1e:d7:
                    63:ae:22:dc:3f:23:c0:be:fe:29:e3:18:42:98:64:
                    fd:51:83:90:07:7a:59:db:49:07:38:38:b1:b6:88:
                    1a:8a:33:7f:cc:35:c1:9e:ef:b4:2e:fc:e0:f5:a6:
                    5f:e4:e1:e9:93:75:fd:9d:9b:6a:e7:e1:40:d4:1b:
                    c3:32:f8:64:19:62:4b:7e:62:a3:7e:09:88:88:18:
                    9f:76:d0:7e:d6:ab:22:e3:a9:04:c5:fe:fd:95:a6:
                    58:18:91:2d:64:88:e5:d3:a1:a0:ef:91:2e:83:9f:
                    f9:e5:73:38:89:ff:33:f5:85:3d:5b:54:82:3b:f4:
                    71:28:66:41:fc:be:8c:a6:29:d2:ac:b9:f0:8c:4c:
                    ac:26:a5:65:76:60:6f:9b:27:7e:d2:cc:0d:6b:c2:
                    9f:d6:11:c4:bd:45:02:64:32:4a:0b:0e:00:3e:00:
                    f4:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:C6:1F:B7:A0:64:96:76:A1:18:29:A6:94:41:0D:73:DE:E9:C9:EF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/284c9a1b-7e4b-433f-b1f1-f4cebfb67dc5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  67.220.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         bd:14:66:24:17:b7:0b:5d:b3:27:04:c4:7a:35:e2:27:ca:d9:
         8a:7a:43:eb:b1:b9:a4:e2:ef:e2:fd:73:9a:f2:09:76:c3:db:
         22:2d:f2:f6:95:c7:78:07:3a:3a:05:8a:4b:2a:28:3a:53:cd:
         68:0a:ba:6e:2c:98:5a:b9:35:24:17:7b:cf:72:e9:be:33:7d:
         ea:bf:79:18:31:8c:dd:bd:7d:97:6b:75:1c:36:f4:e3:88:56:
         55:fb:7c:e5:c0:28:63:73:84:89:c2:7a:93:1c:92:e8:a9:cc:
         a8:9a:8b:57:78:2f:7a:7c:19:2d:5c:eb:3b:94:61:75:a5:61:
         fa:7f:0e:f9:26:c6:e8:70:f9:80:90:f7:b6:11:a9:e8:8f:0d:
         08:18:7a:ba:02:87:a5:81:b1:8b:6e:7b:ca:f9:a4:64:24:82:
         e4:bc:b2:6f:eb:15:8c:f1:15:53:c4:22:10:30:07:13:f9:10:
         ae:45:b9:db:a5:0b:e2:5e:03:c3:1e:c6:ab:11:79:90:7e:6d:
         81:06:07:e9:4b:4a:5b:4b:cd:4d:a5:79:78:5d:8e:89:47:39:
         61:cd:80:6c:f8:45:de:15:a7:d9:97:d0:5f:18:35:1e:ce:0e:
         20:51:11:a9:9f:2e:58:0c:14:05:7c:10:c1:58:12:38:1c:89:
         72:69:b8:69
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUav8tJV1gcv2Mzp+Iqtw4GmVFBbEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwNzAyMDAwMDAwWhcNMjQwODA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZDkxNWY4YjQ5Nzk3Nzg3NzdiMDMwN2I0MmQ0MTlhYWJk
MDM1ODliNTE3NDdiZjc3ODgyZDUyZWJhYTJlYjNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZGpUbxWiBc2mmzkfBm6bU0pjF7Di32SDpTgMG4VXjhtN+
BzkQqmLpBn897LnZ3Cxhpt9RVfAT/y7sXJ7/ZbAZWwFDCP4PmPNSe15OssghEReu
GLtKwV8e12OuItw/I8C+/injGEKYZP1Rg5AHelnbSQc4OLG2iBqKM3/MNcGe77Qu
/OD1pl/k4emTdf2dm2rn4UDUG8My+GQZYkt+YqN+CYiIGJ920H7WqyLjqQTF/v2V
plgYkS1kiOXToaDvkS6Dn/nlcziJ/zP1hT1bVII79HEoZkH8voymKdKsufCMTKwm
pWV2YG+bJ37SzA1rwp/WEcS9RQJkMkoLDgA+APRHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU5MYft6BklnahGCmmlEENc97pye8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI4NGM5YTFiLTdlNGItNDMzZi1iMWYxLWY0Y2ViZmI2N2RjNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVD3OAwDQYJKoZIhvcNAQELBQADggEBAL0UZiQXtwtdsycExHo14ifK2Yp6
Q+uxuaTi7+L9c5ryCXbD2yIt8vaVx3gHOjoFiksqKDpTzWgKum4smFq5NSQXe89y
6b4zfeq/eRgxjN29fZdrdRw29OOIVlX7fOXAKGNzhInCepMckuipzKiai1d4L3p8
GS1c6zuUYXWlYfp/Dvkmxuhw+YCQ97YRqeiPDQgYeroCh6WBsYtue8r5pGQkguS8
sm/rFYzxFVPEIhAwBxP5EK5FudulC+JeA8MexqsReZB+bYEGB+lLSltLzU2leXhd
jolHOWHNgGz4Rd4Vp9mX0F8YNR7ODiBREamfLlgMFAV8EMFYEjgciXJpuGk=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:16:28 2024 by rpki-client on console-ams.rpki-client.org