Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4da773c1-1f36-470b-b271-919911668a55.roa
File:                     4da773c1-1f36-470b-b271-919911668a55.roa (raw, json)
Hash identifier:          w6pFA9JmZkmWP5O64Ib3qSapxw6GJ/jId2EarLwo9l4=
Subject key identifier:   3C:C0:CC:31:4A:45:92:10:2B:31:4B:CD:19:5E:2A:F9:65:F7:A9:3A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       38C7C7B64F9791901B3A1E62B3EDCE4A58A3BDA9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4da773c1-1f36-470b-b271-919911668a55.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.151.144.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:c7:c7:b6:4f:97:91:90:1b:3a:1e:62:b3:ed:ce:4a:58:a3:bd:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=d6a5dae35ac158e68c6269c0763a54e6218619d3493974c2b92e30c8020e0fd9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:b9:d6:51:b6:90:f1:d9:41:84:18:a8:f7:dd:
                    38:a0:ef:a6:68:2f:78:fb:8a:a8:35:b3:e3:ba:a5:
                    a2:e7:b6:64:1c:3f:3f:09:c3:12:88:1f:50:32:60:
                    99:f6:9b:f0:75:6f:73:48:0e:6a:e2:e1:92:5e:8e:
                    da:56:61:16:b8:c5:f1:3e:7c:6d:9c:fd:9b:d7:24:
                    7b:d3:03:c9:f8:2f:0b:d0:a6:63:99:bf:17:47:3b:
                    02:3a:05:19:f9:b7:e4:cc:06:65:e9:7c:ab:b9:dd:
                    5a:bf:9d:e8:1e:0c:c3:23:79:4f:0c:dc:6c:62:84:
                    0a:ea:d0:2b:78:eb:aa:61:ef:a9:a9:d2:6d:4a:08:
                    c7:f1:82:b7:30:71:79:d9:10:60:ba:dd:ed:a9:de:
                    99:6e:63:83:65:5a:fa:ad:c7:a2:12:5b:60:7c:9f:
                    c1:72:7d:02:97:12:24:30:6a:dc:f5:e7:7f:14:01:
                    b9:f7:66:bd:13:2c:e3:04:f0:2b:88:84:e5:71:26:
                    e1:ce:b3:32:28:2b:f7:3e:6b:c9:a6:56:37:ee:aa:
                    17:87:a7:82:bb:49:27:8d:a6:b2:2f:95:dc:a2:06:
                    34:76:47:5c:17:3b:a7:8b:38:99:29:4c:20:99:47:
                    a4:9f:97:f4:14:ee:bc:18:0e:cc:ef:be:9d:ed:b4:
                    7f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:C0:CC:31:4A:45:92:10:2B:31:4B:CD:19:5E:2A:F9:65:F7:A9:3A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4da773c1-1f36-470b-b271-919911668a55.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.151.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2e:85:5b:f7:f7:a0:65:00:ae:48:ed:d1:12:67:dc:46:57:d5:
         67:49:c3:d4:bf:75:d6:d0:3b:11:66:b2:5e:74:ae:7e:af:50:
         10:9c:ea:16:4e:30:6e:2b:dc:00:32:28:66:bf:2b:0e:a4:69:
         d1:6f:95:19:a0:1e:9e:aa:67:3f:87:d6:9c:a4:88:54:3f:4b:
         56:c7:bf:c7:42:d9:ab:be:c8:b1:d5:95:dc:13:58:20:c2:1b:
         15:63:9b:e8:79:bf:4d:50:54:5c:c8:ef:34:47:f1:a6:5b:81:
         bc:3f:f6:bb:f8:8d:12:3b:75:6c:da:7c:0d:40:fc:41:7b:ea:
         1c:59:87:1c:31:25:82:5e:19:53:75:17:fc:81:f7:6a:de:23:
         03:4b:fb:7b:9e:a5:17:97:07:79:a1:aa:a9:c0:e6:b9:f2:77:
         ec:3f:49:de:cf:e0:64:93:8f:e1:f9:29:18:aa:a3:d4:09:e8:
         16:3b:21:a6:c5:42:f2:a7:4d:e5:24:66:ce:ef:ba:8b:3f:57:
         fa:55:c0:bd:ce:a3:08:6a:25:ca:1a:33:dd:dd:31:59:e7:1f:
         b9:21:96:09:86:de:f9:9f:d4:17:ba:ab:e5:cd:db:e4:6a:9e:
         8f:57:a5:93:ff:31:a5:ec:c4:a5:ee:14:29:d3:73:f3:f9:27:
         18:b0:71:c9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOMfHtk+XkZAbOh5is+3OSlijvakwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNmE1ZGFlMzVhYzE1OGU2OGM2MjY5YzA3NjNhNTRlNjIx
ODYxOWQzNDkzOTc0YzJiOTJlMzBjODAyMGUwZmQ5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDiudZRtpDx2UGEGKj33Tig76ZoL3j7iqg1s+O6paLntmQc
Pz8JwxKIH1AyYJn2m/B1b3NIDmri4ZJejtpWYRa4xfE+fG2c/ZvXJHvTA8n4LwvQ
pmOZvxdHOwI6BRn5t+TMBmXpfKu53Vq/negeDMMjeU8M3GxihArq0Ct466ph76mp
0m1KCMfxgrcwcXnZEGC63e2p3pluY4NlWvqtx6ISW2B8n8FyfQKXEiQwatz1538U
Abn3Zr0TLOME8CuIhOVxJuHOszIoK/c+a8mmVjfuqheHp4K7SSeNprIvldyiBjR2
R1wXO6eLOJkpTCCZR6Sfl/QU7rwYDszvvp3ttH9tAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUPMDMMUpFkhArMUvNGV4q+WX3qTowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRkYTc3M2MxLTFmMzYtNDcwYi1iMjcxLTkxOTkxMTY2OGE1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjl5AwDQYJKoZIhvcNAQELBQADggEBAC6FW/f3oGUArkjt0RJn3EZX1WdJ
w9S/ddbQOxFmsl50rn6vUBCc6hZOMG4r3AAyKGa/Kw6kadFvlRmgHp6qZz+H1pyk
iFQ/S1bHv8dC2au+yLHVldwTWCDCGxVjm+h5v01QVFzI7zRH8aZbgbw/9rv4jRI7
dWzafA1A/EF76hxZhxwxJYJeGVN1F/yB92reIwNL+3uepReXB3mhqqnA5rnyd+w/
Sd7P4GSTj+H5KRiqo9QJ6BY7IabFQvKnTeUkZs7vuos/V/pVwL3OowhqJcoaM93d
MVnnH7khlgmG3vmf1Be6q+XN2+Rqno9XpZP/MaXsxKXuFCnTc/P5Jxiwcck=
-----END CERTIFICATE-----
Generated at Thu Mar 28 00:59:57 2024 by rpki-client on console-fra.rpki-client.org