Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3694a095-b131-421a-9330-fac2c9987478.roa
File:                     3694a095-b131-421a-9330-fac2c9987478.roa (raw, json)
Hash identifier:          tmZh7ikj2E039zWkxmFi9V/zqb6HWLtPyksp3gwNduE=
Subject key identifier:   F1:5A:D6:AE:9E:2B:A0:CA:B0:E4:C1:DA:20:2B:3F:D2:32:F5:5F:28
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3AE8DB37A28448D38B640C7FC85A28E2AA384AA7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3694a095-b131-421a-9330-fac2c9987478.roa
Signing time:             Sat 16 Mar 2024 00:00:00 +0000
ROA not before:           Sat 16 Mar 2024 00:00:00 +0000
ROA not after:            Sat 20 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.79.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:e8:db:37:a2:84:48:d3:8b:64:0c:7f:c8:5a:28:e2:aa:38:4a:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 16 00:00:00 2024 GMT
            Not After : Apr 20 23:59:59 2024 GMT
        Subject: serialNumber=357fa27f6c282a4134a727c5f0e389c48da37b3e5db6f36061a3dc1ab47b1d22, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:23:d1:1c:23:ab:32:29:9d:f2:0f:44:2a:b3:
                    13:cb:f6:52:be:a8:64:24:1e:74:eb:28:64:59:dd:
                    7a:ae:b8:f8:d5:e8:cd:80:16:ff:4d:a8:ab:91:d4:
                    15:45:90:8d:18:93:d7:43:a9:44:62:01:af:33:77:
                    c0:46:78:a9:a8:ef:b6:36:2f:c5:00:60:ce:5f:5d:
                    3b:59:e1:b3:0d:6f:9f:47:89:18:09:51:12:a7:04:
                    8c:f0:bf:fc:06:c3:5f:52:aa:0f:ad:ff:f6:f6:a4:
                    9f:46:bc:ce:57:47:8f:de:ec:05:4a:d9:89:e9:dd:
                    e2:1f:5c:93:cc:6c:ea:01:49:7d:f3:65:1f:ac:35:
                    dd:66:d7:b3:f6:39:a0:62:2b:7d:b0:27:20:7a:f8:
                    cb:df:e7:90:97:d5:ef:8a:12:3a:ac:8e:4a:7e:68:
                    c4:c8:6e:21:5e:92:81:d8:d8:46:fe:27:b2:87:a1:
                    0f:10:61:df:34:f3:48:3c:94:47:ee:b6:19:6c:cf:
                    5b:95:84:41:00:f4:95:1b:6c:6f:8f:b4:c9:fb:b7:
                    3f:35:d3:a5:5d:5f:e9:4b:2a:a6:25:63:73:e2:65:
                    b9:37:4a:7e:d4:ee:d3:80:f6:ac:24:6c:6e:d3:17:
                    09:08:54:b7:d0:61:39:99:d8:9e:0b:f8:0f:16:9e:
                    44:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:5A:D6:AE:9E:2B:A0:CA:B0:E4:C1:DA:20:2B:3F:D2:32:F5:5F:28
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3694a095-b131-421a-9330-fac2c9987478.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.79.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         6c:cf:9f:6d:78:52:fc:bf:06:81:7c:01:52:2b:01:e6:1f:c1:
         ad:71:a5:26:ce:65:d9:5f:be:8f:61:e2:72:72:9d:b2:44:e8:
         ed:29:cc:af:34:a2:d9:11:c1:c4:95:f5:6d:54:c7:a4:a8:05:
         0c:2f:4f:08:ee:d3:69:d9:13:ed:25:10:80:d8:1c:76:4c:bc:
         bf:e5:86:1c:38:4b:d9:ba:37:2f:f0:90:db:c6:6c:4e:2e:3d:
         d8:55:d1:1f:0e:42:4b:0b:38:af:1e:2b:dd:d5:ba:b3:28:9d:
         35:5a:75:9d:c3:0e:6d:e7:d7:f7:95:ad:67:94:19:61:da:86:
         ca:27:6d:91:7b:ce:b1:cb:61:4c:ca:63:27:b2:47:db:b7:f2:
         11:cf:67:17:50:92:c1:1f:a2:91:ca:65:cb:0c:7e:96:5e:76:
         8c:c2:e1:89:a9:52:3e:53:0d:33:27:c0:79:27:56:38:cc:e6:
         03:2f:9a:8f:24:9b:93:4a:02:35:2f:43:95:96:ec:f4:72:48:
         4f:42:d7:4d:e3:e7:38:8c:5a:b9:63:a6:fb:8a:c7:77:e7:b7:
         c0:db:ba:2c:41:e0:73:a1:68:d7:d9:4a:fe:05:e9:39:e1:7c:
         5a:83:df:ba:76:1f:aa:c0:9a:73:6e:a7:16:99:e3:58:36:c1:
         45:cd:d1:fc
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOujbN6KESNOLZAx/yFoo4qo4SqcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE2MDAwMDAwWhcNMjQwNDIwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTdmYTI3ZjZjMjgyYTQxMzRhNzI3YzVmMGUzODljNDhk
YTM3YjNlNWRiNmYzNjA2MWEzZGMxYWI0N2IxZDIyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+I9EcI6syKZ3yD0QqsxPL9lK+qGQkHnTrKGRZ3XquuPjV
6M2AFv9NqKuR1BVFkI0Yk9dDqURiAa8zd8BGeKmo77Y2L8UAYM5fXTtZ4bMNb59H
iRgJURKnBIzwv/wGw19Sqg+t//b2pJ9GvM5XR4/e7AVK2Ynp3eIfXJPMbOoBSX3z
ZR+sNd1m17P2OaBiK32wJyB6+Mvf55CX1e+KEjqsjkp+aMTIbiFekoHY2Eb+J7KH
oQ8QYd8080g8lEfuthlsz1uVhEEA9JUbbG+PtMn7tz8106VdX+lLKqYlY3PiZbk3
Sn7U7tOA9qwkbG7TFwkIVLfQYTmZ2J4L+A8WnkQ9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU8VrWrp4roMqw5MHaICs/0jL1XygwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM2OTRhMDk1LWIxMzEtNDIxYS05MzMwLWZhYzJjOTk4NzQ3OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBjTzANBgkqhkiG9w0BAQsFAAOCAQEAbM+fbXhS/L8GgXwBUisB5h/BrXGl
Js5l2V++j2HicnKdskTo7SnMrzSi2RHBxJX1bVTHpKgFDC9PCO7TadkT7SUQgNgc
dky8v+WGHDhL2bo3L/CQ28ZsTi492FXRHw5CSws4rx4r3dW6syidNVp1ncMObefX
95WtZ5QZYdqGyidtkXvOscthTMpjJ7JH27fyEc9nF1CSwR+ikcplywx+ll52jMLh
ialSPlMNMyfAeSdWOMzmAy+ajySbk0oCNS9DlZbs9HJIT0LXTePnOIxauWOm+4rH
d+e3wNu6LEHgc6Fo19lK/gXpOeF8WoPfunYfqsCac26nFpnjWDbBRc3R/A==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:36:48 2024 by rpki-client on console-fra.rpki-client.org