Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/59549cf5-0d12-4294-bde9-17545fc36227.roa
File:                     59549cf5-0d12-4294-bde9-17545fc36227.roa (raw, json)
Hash identifier:          jddBLmB0YfJ+carkQW/5/HNi7h6VSh2Hxzar1k2MgFU=
Subject key identifier:   7B:3D:BD:55:43:F2:06:D9:59:F0:37:20:11:B1:AD:EC:1B:3F:85:83
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       221A3154948CD94092C671AC779B9AB04E1B02C9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/59549cf5-0d12-4294-bde9-17545fc36227.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        56.66.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:1a:31:54:94:8c:d9:40:92:c6:71:ac:77:9b:9a:b0:4e:1b:02:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=ad843671a3c060e873d25af52c51e2b8aa66d9edb68f899a3c20a69abc71c0b2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:99:4a:c4:69:45:a6:93:95:bc:b6:83:b0:95:
                    dd:99:d3:c9:b5:e8:80:36:13:4b:8e:42:be:2a:f4:
                    c7:7b:89:ca:6b:f5:a3:ef:8f:0a:97:b5:50:a5:f9:
                    d6:33:8d:c0:66:4f:0b:d5:cf:c1:2c:1b:a4:a4:c3:
                    a2:d0:d4:dd:90:83:05:1b:cc:e9:dc:18:6a:42:26:
                    2d:bb:33:80:6b:d4:cb:4b:ad:1a:ce:b9:7d:d0:67:
                    61:05:01:dc:d7:b4:ed:85:d4:24:31:ad:c4:05:70:
                    2c:05:42:e0:65:63:96:8b:79:ed:4b:68:7b:15:91:
                    5e:06:99:d4:3f:d1:03:64:1e:af:cc:d8:60:8c:c3:
                    48:93:23:35:90:45:27:01:5f:81:ab:ae:4b:58:12:
                    db:da:3f:61:29:00:0b:5b:d9:bb:dc:56:a1:f7:ec:
                    05:be:50:55:f0:d1:ca:24:5b:b4:e9:34:f8:46:07:
                    65:67:c2:59:53:f0:2a:72:d4:e0:e5:05:48:06:1c:
                    11:32:a4:01:48:d8:7c:45:31:e1:0c:cf:0c:76:58:
                    5c:db:c7:6d:6f:90:75:b6:52:0f:fc:25:a6:78:73:
                    b3:4c:6c:b7:ac:e1:a9:f9:77:01:b7:8a:1d:7a:d9:
                    a6:18:33:7b:9f:85:88:33:da:c6:02:2b:06:52:40:
                    42:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:3D:BD:55:43:F2:06:D9:59:F0:37:20:11:B1:AD:EC:1B:3F:85:83
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/59549cf5-0d12-4294-bde9-17545fc36227.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.66.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         30:1b:a4:07:3e:64:7c:19:91:bf:09:0e:a5:7e:6a:38:ba:79:
         06:94:67:06:72:08:11:26:71:7f:84:59:76:ba:b2:07:8f:b9:
         2b:aa:0a:29:46:5c:cb:8a:ac:7c:9d:61:de:2e:e4:73:70:cb:
         e3:b6:89:72:4f:0c:e6:9d:d2:9d:69:d0:dc:94:91:9c:42:77:
         56:1a:e8:84:a3:b1:40:56:76:34:7f:35:6d:e9:94:04:e9:5f:
         24:5e:47:63:df:05:b0:27:d1:6a:7b:fa:0d:5d:e4:38:5c:a8:
         ff:97:15:bd:1c:ca:96:b9:47:6b:9b:56:b9:83:52:57:b8:2a:
         d6:5d:46:aa:d4:c6:16:db:6a:11:da:75:f7:dd:e2:7b:61:60:
         06:ff:a3:85:79:0d:6d:a8:e9:c4:25:d9:db:b8:b4:05:2e:41:
         d3:8a:ac:96:a5:7b:3b:70:24:5f:c8:5f:b7:81:e8:a7:ea:68:
         4e:05:f5:b4:da:db:ff:de:5c:ea:89:d4:13:27:87:ea:39:25:
         6f:11:15:6b:56:8a:77:64:d4:03:fe:e0:bc:9c:6d:99:ab:11:
         cb:87:4b:2d:56:d4:7b:70:42:8d:9d:bd:2a:88:14:da:02:79:
         8d:1d:f0:d0:02:8f:ca:15:80:10:5e:5d:c5:35:71:f2:97:b6:
         9a:82:13:64
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUIhoxVJSM2UCSxnGsd5uasE4bAskwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhZDg0MzY3MWEzYzA2MGU4NzNkMjVhZjUyYzUxZTJiOGFh
NjZkOWVkYjY4Zjg5OWEzYzIwYTY5YWJjNzFjMGIyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCumUrEaUWmk5W8toOwld2Z08m16IA2E0uOQr4q9Md7icpr
9aPvjwqXtVCl+dYzjcBmTwvVz8EsG6Skw6LQ1N2QgwUbzOncGGpCJi27M4Br1MtL
rRrOuX3QZ2EFAdzXtO2F1CQxrcQFcCwFQuBlY5aLee1LaHsVkV4GmdQ/0QNkHq/M
2GCMw0iTIzWQRScBX4GrrktYEtvaP2EpAAtb2bvcVqH37AW+UFXw0cokW7TpNPhG
B2VnwllT8Cpy1ODlBUgGHBEypAFI2HxFMeEMzwx2WFzbx21vkHW2Ug/8JaZ4c7NM
bLes4an5dwG3ih162aYYM3ufhYgz2sYCKwZSQEITAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUez29VUPyBtlZ8DcgEbGt7Bs/hYMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU5NTQ5Y2Y1LTBkMTItNDI5NC1iZGU5LTE3NTQ1ZmMzNjIyNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4QjANBgkqhkiG9w0BAQsFAAOCAQEAMBukBz5kfBmRvwkOpX5qOLp5BpRn
BnIIESZxf4RZdrqyB4+5K6oKKUZcy4qsfJ1h3i7kc3DL47aJck8M5p3SnWnQ3JSR
nEJ3VhrohKOxQFZ2NH81bemUBOlfJF5HY98FsCfRanv6DV3kOFyo/5cVvRzKlrlH
a5tWuYNSV7gq1l1GqtTGFttqEdp1993ie2FgBv+jhXkNbajpxCXZ27i0BS5B04qs
lqV7O3AkX8hft4Hop+poTgX1tNrb/95c6onUEyeH6jklbxEVa1aKd2TUA/7gvJxt
masRy4dLLVbUe3BCjZ29KogU2gJ5jR3w0AKPyhWAEF5dxTVx8pe2moITZA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:00 2024 by rpki-client on console-fra.rpki-client.org