Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/31d1b808-e86d-4470-94d3-43f282680e9f.roa
File:                     31d1b808-e86d-4470-94d3-43f282680e9f.roa (raw, json)
Hash identifier:          5mRdepcXbB0Z0tfHIjWKmNtnWoZeUJeDe2PHwFyMKN4=
Subject key identifier:   FB:8E:E7:C3:4D:ED:38:5D:7B:E2:34:02:22:45:14:F5:2B:D2:6C:F2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       141A9FF172D24D0B507657DCEE35485345A3B356
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/31d1b808-e86d-4470-94d3-43f282680e9f.roa
Signing time:             Sat 16 Mar 2024 00:00:00 +0000
ROA not before:           Sat 16 Mar 2024 00:00:00 +0000
ROA not after:            Sat 20 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        134.127.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:1a:9f:f1:72:d2:4d:0b:50:76:57:dc:ee:35:48:53:45:a3:b3:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 16 00:00:00 2024 GMT
            Not After : Apr 20 23:59:59 2024 GMT
        Subject: serialNumber=92cbb785798630b8b6674e1348201513ced3c4b887c51bd6e755ba7be95b4771, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:0c:a7:60:d9:96:d0:b1:9c:11:6c:0d:24:30:
                    89:4d:a4:91:db:66:a7:8c:f1:88:24:14:fd:20:6b:
                    55:76:44:21:a2:14:91:eb:18:51:9e:bb:62:07:25:
                    bc:e4:df:50:4d:81:a9:7b:c4:7c:f2:73:c8:3c:7a:
                    fd:b3:e1:91:fd:72:b2:9e:45:8f:0f:cc:db:d8:c7:
                    3c:2f:4d:13:f5:f4:b5:2f:1f:55:7c:ba:2b:6a:3a:
                    34:ec:01:be:f7:88:2d:fe:50:24:42:0b:9e:e0:13:
                    2a:4e:fe:3f:50:58:9e:a2:e7:1d:a3:e2:38:9f:d7:
                    8f:a0:24:39:1f:c7:83:7f:cb:52:bb:2d:aa:4c:71:
                    2c:36:fc:fc:bf:50:4a:69:eb:8a:cd:12:1f:41:23:
                    2d:51:75:f1:d0:ad:2c:b1:43:6e:ad:06:b4:9f:9c:
                    ec:4c:24:b7:67:24:89:4a:4b:b6:3f:56:e0:1f:cd:
                    3c:8e:f3:38:4b:3e:1c:92:d3:77:8a:11:85:d5:5c:
                    36:d9:1f:5c:61:c5:2f:67:cf:7c:88:2d:f0:1f:7b:
                    b7:be:0c:1b:2d:0a:28:0a:d1:54:97:9c:b3:4d:01:
                    0d:6f:82:8c:46:d3:96:8c:24:fd:62:0e:b7:23:07:
                    8a:8d:46:23:72:6b:51:28:80:81:02:50:10:99:68:
                    1f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:8E:E7:C3:4D:ED:38:5D:7B:E2:34:02:22:45:14:F5:2B:D2:6C:F2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/31d1b808-e86d-4470-94d3-43f282680e9f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  134.127.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c4:72:e7:1f:4a:00:83:b4:47:95:ac:f9:28:56:3d:9f:6c:4c:
         ba:2d:b7:17:41:84:fe:d5:69:26:3f:b9:a4:90:0b:06:f1:81:
         99:4c:e8:1d:e6:64:99:17:82:af:e0:ff:b5:d9:1e:c0:7c:39:
         e0:20:fe:d3:08:b4:ea:f0:b6:3d:ae:78:b7:5c:0c:e8:13:00:
         26:ce:d4:3a:00:7e:40:45:a3:cd:c8:9e:60:3c:9d:7c:ad:f3:
         72:dc:f0:c4:1e:52:92:30:c0:6c:3a:ed:d2:26:6c:8c:77:52:
         73:39:86:bc:8e:b3:f2:5a:b0:11:9a:89:b6:64:eb:a7:f0:6b:
         06:f6:2d:1c:aa:57:2c:c9:0c:9d:38:e5:3f:d8:31:ca:a8:bd:
         f1:a0:4b:de:70:ec:93:86:94:ae:ce:b8:01:cf:97:10:40:fc:
         01:2a:8a:3f:13:00:f8:f8:6c:79:89:aa:17:71:dd:59:26:9d:
         ab:4a:64:10:65:25:23:e4:5a:83:44:b8:ec:b5:2e:5f:ab:9f:
         4d:37:83:03:00:2a:b7:d1:cf:24:dd:35:f8:95:25:d3:12:6a:
         db:8e:f7:d3:34:45:cc:2b:8c:6b:dc:e0:63:ff:e6:b8:2d:0f:
         fe:f0:64:7b:7e:dc:ef:b5:3d:16:eb:31:54:80:c7:53:ee:8c:
         7b:27:ab:99
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFBqf8XLSTQtQdlfc7jVIU0Wjs1YwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE2MDAwMDAwWhcNMjQwNDIwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MmNiYjc4NTc5ODYzMGI4YjY2NzRlMTM0ODIwMTUxM2Nl
ZDNjNGI4ODdjNTFiZDZlNzU1YmE3YmU5NWI0NzcxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTDKdg2ZbQsZwRbA0kMIlNpJHbZqeM8YgkFP0ga1V2RCGi
FJHrGFGeu2IHJbzk31BNgal7xHzyc8g8ev2z4ZH9crKeRY8PzNvYxzwvTRP19LUv
H1V8uitqOjTsAb73iC3+UCRCC57gEypO/j9QWJ6i5x2j4jif14+gJDkfx4N/y1K7
LapMcSw2/Py/UEpp64rNEh9BIy1RdfHQrSyxQ26tBrSfnOxMJLdnJIlKS7Y/VuAf
zTyO8zhLPhyS03eKEYXVXDbZH1xhxS9nz3yILfAfe7e+DBstCigK0VSXnLNNAQ1v
goxG05aMJP1iDrcjB4qNRiNya1EogIECUBCZaB/BAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+47nw03tOF174jQCIkUU9SvSbPIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMxZDFiODA4LWU4NmQtNDQ3MC05NGQzLTQzZjI4MjY4MGU5Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCGfzANBgkqhkiG9w0BAQsFAAOCAQEAxHLnH0oAg7RHlaz5KFY9n2xMui23
F0GE/tVpJj+5pJALBvGBmUzoHeZkmReCr+D/tdkewHw54CD+0wi06vC2Pa54t1wM
6BMAJs7UOgB+QEWjzcieYDydfK3zctzwxB5SkjDAbDrt0iZsjHdSczmGvI6z8lqw
EZqJtmTrp/BrBvYtHKpXLMkMnTjlP9gxyqi98aBL3nDsk4aUrs64Ac+XEED8ASqK
PxMA+PhseYmqF3HdWSadq0pkEGUlI+Rag0S47LUuX6ufTTeDAwAqt9HPJN01+JUl
0xJq24730zRFzCuMa9zgY//muC0P/vBke37c77U9FusxVIDHU+6MeyermQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:02 2024 by rpki-client on console-ams.rpki-client.org