Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2fe3c39b-0a87-4a0b-ae5d-23815273a71e.roa
File:                     2fe3c39b-0a87-4a0b-ae5d-23815273a71e.roa (raw, json)
Hash identifier:          +3MmWjFhhY4H7Bb3Y6otzcOTVQL5n4y/JNk7FZWM2UU=
Subject key identifier:   FB:9D:7C:1A:46:8B:52:69:41:B8:C8:7E:E9:23:1E:EE:2D:60:52:68
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       09863711A35A524542EA13208C9D5371F6D9E31B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2fe3c39b-0a87-4a0b-ae5d-23815273a71e.roa
Signing time:             Fri 08 Nov 2024 00:00:00 +0000
ROA not before:           Fri 08 Nov 2024 00:00:00 +0000
ROA not after:            Fri 13 Dec 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        65.8.0.0/14 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:86:37:11:a3:5a:52:45:42:ea:13:20:8c:9d:53:71:f6:d9:e3:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  8 00:00:00 2024 GMT
            Not After : Dec 13 23:59:59 2024 GMT
        Subject: serialNumber=907615983ffcf95f1a9977578a3afd016ff21d2f9d32a9c196fba03216ac018d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:80:08:f2:9e:fb:1e:49:33:9a:76:0e:81:57:
                    e2:c8:05:3a:e0:d5:7d:05:e2:4a:56:25:a5:72:fc:
                    94:eb:88:cb:9f:14:a2:4a:4f:d2:e7:59:03:09:ec:
                    34:7d:01:2b:4e:b6:59:95:89:11:30:34:75:ae:5d:
                    1d:b2:d3:2d:57:ee:8d:97:b6:0f:fa:09:16:51:51:
                    53:10:8d:ba:b1:de:c2:8f:cf:74:4e:61:52:d4:56:
                    be:78:ab:fd:f7:2e:c2:d0:a3:d4:5f:e4:98:43:91:
                    13:56:8b:e2:3e:06:40:c5:50:3b:7e:75:f6:1a:39:
                    d0:06:cd:ec:31:74:aa:96:26:62:03:fd:ed:b7:76:
                    e1:05:2c:b9:65:a1:6e:3b:12:a0:a9:16:4d:f7:11:
                    18:37:ca:39:33:2c:eb:cf:25:3d:a5:90:65:cf:fc:
                    9a:6e:7c:fc:55:e4:79:f9:08:6e:6f:3f:90:2f:c6:
                    0a:4d:f2:84:ff:3f:26:8a:f1:3a:d6:1a:e6:37:f9:
                    c3:e1:d5:04:cd:87:38:3d:d9:29:45:08:27:8a:91:
                    69:0a:85:28:01:96:f2:b4:13:de:b7:7d:b9:83:c0:
                    eb:60:be:33:21:23:56:40:e1:46:61:ff:2b:c6:51:
                    7a:66:ea:f7:8f:05:a1:9e:38:69:00:53:84:1c:ae:
                    44:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:9D:7C:1A:46:8B:52:69:41:B8:C8:7E:E9:23:1E:EE:2D:60:52:68
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2fe3c39b-0a87-4a0b-ae5d-23815273a71e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  65.8.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         8c:67:e4:fa:69:0d:5a:c2:fb:9a:b3:77:f0:5b:17:e1:56:c7:
         54:e2:ab:b2:eb:36:88:7a:fe:49:5d:ee:95:0a:6a:fa:96:36:
         00:14:ac:9e:78:75:93:25:33:30:18:18:91:e7:df:29:f7:a2:
         d0:40:33:34:4a:69:7b:57:e7:b2:fb:b9:0e:72:01:33:35:ac:
         b6:57:8e:b0:1a:ea:28:14:c3:ef:09:fe:34:ca:4f:19:dd:9b:
         17:1e:33:37:a9:58:89:2b:3f:38:54:7c:af:42:3d:24:a8:b1:
         22:31:36:98:f5:70:0d:44:31:38:5f:b3:15:f6:76:c6:40:65:
         20:fc:26:62:0d:26:cb:8a:2a:6f:62:76:a4:42:43:34:a8:08:
         b4:9c:00:8b:8c:07:1a:ec:52:ab:e8:21:8d:9a:c5:fc:31:cb:
         cc:38:8d:8e:d5:fc:d2:bd:09:98:8e:04:e2:36:62:eb:26:98:
         b1:f6:c0:75:3c:df:48:65:1f:7f:6c:43:48:59:d1:8f:75:8a:
         5d:0a:7c:43:c2:1c:91:a4:08:77:ef:25:9d:6a:27:2f:c0:30:
         b6:fd:e8:70:df:50:78:75:80:99:33:97:f1:d5:f3:65:7c:5e:
         11:6f:07:cb:10:c2:15:51:27:b4:b6:97:5a:ba:10:14:75:22:
         15:82:2e:a9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCYY3EaNaUkVC6hMgjJ1TcfbZ4xswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTA4MDAwMDAwWhcNMjQxMjEzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MDc2MTU5ODNmZmNmOTVmMWE5OTc3NTc4YTNhZmQwMTZm
ZjIxZDJmOWQzMmE5YzE5NmZiYTAzMjE2YWMwMThkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLgAjynvseSTOadg6BV+LIBTrg1X0F4kpWJaVy/JTriMuf
FKJKT9LnWQMJ7DR9AStOtlmViREwNHWuXR2y0y1X7o2Xtg/6CRZRUVMQjbqx3sKP
z3ROYVLUVr54q/33LsLQo9Rf5JhDkRNWi+I+BkDFUDt+dfYaOdAGzewxdKqWJmID
/e23duEFLLlloW47EqCpFk33ERg3yjkzLOvPJT2lkGXP/JpufPxV5Hn5CG5vP5Av
xgpN8oT/PyaK8TrWGuY3+cPh1QTNhzg92SlFCCeKkWkKhSgBlvK0E963fbmDwOtg
vjMhI1ZA4UZh/yvGUXpm6vePBaGeOGkAU4QcrkTbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+518GkaLUmlBuMh+6SMe7i1gUmgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJmZTNjMzliLTBhODctNGEwYi1hZTVkLTIzODE1MjczYTcxZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwJBCDANBgkqhkiG9w0BAQsFAAOCAQEAjGfk+mkNWsL7mrN38FsX4VbHVOKr
sus2iHr+SV3ulQpq+pY2ABSsnnh1kyUzMBgYkeffKfei0EAzNEppe1fnsvu5DnIB
MzWstleOsBrqKBTD7wn+NMpPGd2bFx4zN6lYiSs/OFR8r0I9JKixIjE2mPVwDUQx
OF+zFfZ2xkBlIPwmYg0my4oqb2J2pEJDNKgItJwAi4wHGuxSq+ghjZrF/DHLzDiN
jtX80r0JmI4E4jZi6yaYsfbAdTzfSGUff2xDSFnRj3WKXQp8Q8IckaQId+8lnWon
L8Awtv3ocN9QeHWAmTOX8dXzZXxeEW8HyxDCFVEntLaXWroQFHUiFYIuqQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:02:27 2024 by rpki-client on console-ams.rpki-client.org