Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5bb79540-5c2f-456f-ae30-7941028a46e4.roa
File:                     5bb79540-5c2f-456f-ae30-7941028a46e4.roa (raw, json)
Hash identifier:          /c0ghcFXDPCcNftsg3HYlXu0WX1LDT6AeSbJ1DkxBPE=
Subject key identifier:   06:22:B1:5F:2B:7F:01:66:F2:6B:64:10:D1:D8:E9:7D:51:B9:16:E6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2E44A7B2E1B7E7720C94EF0F6F795E8A8C3A9053
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5bb79540-5c2f-456f-ae30-7941028a46e4.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        156.5.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:44:a7:b2:e1:b7:e7:72:0c:94:ef:0f:6f:79:5e:8a:8c:3a:90:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=90879c48048b35e5a94925f0253b1a479ff95e4edfd60b8ab9b81961b10c0d1b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:7c:7a:dd:8d:2f:27:f1:f8:5d:11:fa:1b:ec:
                    2e:f2:4d:af:85:e1:6a:9a:f5:a1:ac:2c:cb:15:85:
                    28:ed:09:de:33:6c:4a:2c:f7:1c:79:4c:95:10:b4:
                    d2:e1:e4:e3:7d:b4:ad:0e:dc:b6:83:22:74:25:99:
                    ea:f2:0f:eb:fe:11:f7:74:23:a2:52:91:13:18:18:
                    46:b7:4c:26:bd:f7:e5:77:f1:d3:d4:9f:fa:1b:7b:
                    81:58:f3:29:65:4c:e1:a3:e9:09:0a:13:0b:96:7b:
                    67:3a:ae:7c:98:33:1a:44:55:4b:1d:93:a6:b7:ba:
                    51:9c:49:26:c8:38:04:6d:bb:ae:33:d7:56:ca:e9:
                    91:5e:23:d9:5a:5f:82:dd:50:89:1a:e4:64:f9:7d:
                    52:1b:14:ae:0b:ef:29:2e:9e:be:9f:f6:ce:73:f5:
                    9f:57:12:64:39:9d:71:76:07:e9:39:bf:57:1c:e3:
                    61:a8:a3:7a:8f:8f:44:72:96:c6:a4:1f:fc:ba:b6:
                    b7:e7:bd:58:b9:4c:e0:3a:98:e6:80:27:fa:e7:29:
                    29:13:e0:08:76:19:0f:a8:43:25:60:78:db:f9:71:
                    73:47:fb:4b:d6:86:17:93:7c:d2:86:a6:2f:66:3c:
                    47:82:d8:ad:31:df:8a:f9:c7:fb:48:03:a6:77:93:
                    11:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:22:B1:5F:2B:7F:01:66:F2:6B:64:10:D1:D8:E9:7D:51:B9:16:E6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5bb79540-5c2f-456f-ae30-7941028a46e4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.5.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b7:8b:14:d3:e2:1e:c7:b2:c0:96:b9:a5:96:e3:f7:ae:d6:99:
         c9:86:f5:6f:f7:13:2a:9c:c6:c7:ab:47:67:95:cf:d2:c7:7d:
         f0:46:a3:af:69:fa:6e:27:52:ce:64:6f:37:e6:c3:67:1f:65:
         18:11:24:eb:a5:30:ca:47:77:99:0a:cd:b1:61:a0:16:bc:e6:
         fa:05:a8:d7:23:37:d3:cf:13:98:4b:03:b9:7b:6a:3e:f8:f1:
         8d:61:f8:72:1f:e9:34:da:9f:01:71:cf:8d:e5:4f:f4:e8:67:
         13:28:87:8a:0f:10:6c:9c:e2:61:08:ad:36:c3:03:fe:74:fc:
         85:03:d8:ba:86:44:73:b0:cf:a8:78:f7:fe:1a:1d:3a:8e:a6:
         c9:6c:fc:0f:02:e7:cc:4b:c6:96:55:ba:a7:6c:47:10:a6:2e:
         3b:92:56:71:a8:88:4d:83:44:cd:e1:7d:87:da:d5:9a:30:24:
         e4:22:dc:26:8f:00:53:03:8f:99:a8:4e:45:63:a1:16:25:5f:
         68:49:a1:2b:1c:59:fe:98:9f:f5:4a:b7:17:01:63:80:1f:e2:
         df:57:ee:8b:d7:3f:54:5c:cd:6a:60:70:23:cd:e4:e3:f3:d5:
         21:13:a6:e6:81:cf:c0:9e:82:3d:ca:f1:ca:e1:be:8a:14:d2:
         d9:cb:2b:6c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIULkSnsuG353IMlO8Pb3leiow6kFMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MDg3OWM0ODA0OGIzNWU1YTk0OTI1ZjAyNTNiMWE0Nzlm
Zjk1ZTRlZGZkNjBiOGFiOWI4MTk2MWIxMGMwZDFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHfHrdjS8n8fhdEfob7C7yTa+F4Wqa9aGsLMsVhSjtCd4z
bEos9xx5TJUQtNLh5ON9tK0O3LaDInQlmeryD+v+Efd0I6JSkRMYGEa3TCa99+V3
8dPUn/obe4FY8yllTOGj6QkKEwuWe2c6rnyYMxpEVUsdk6a3ulGcSSbIOARtu64z
11bK6ZFeI9laX4LdUIka5GT5fVIbFK4L7ykunr6f9s5z9Z9XEmQ5nXF2B+k5v1cc
42Goo3qPj0RylsakH/y6trfnvVi5TOA6mOaAJ/rnKSkT4Ah2GQ+oQyVgeNv5cXNH
+0vWhheTfNKGpi9mPEeC2K0x34r5x/tIA6Z3kxFvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUBiKxXyt/AWbya2QQ0djpfVG5FuYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzViYjc5NTQwLTVjMmYtNDU2Zi1hZTMwLTc5NDEwMjhhNDZlNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCcBTANBgkqhkiG9w0BAQsFAAOCAQEAt4sU0+Iex7LAlrmlluP3rtaZyYb1
b/cTKpzGx6tHZ5XP0sd98Eajr2n6bidSzmRvN+bDZx9lGBEk66Uwykd3mQrNsWGg
Frzm+gWo1yM3088TmEsDuXtqPvjxjWH4ch/pNNqfAXHPjeVP9OhnEyiHig8QbJzi
YQitNsMD/nT8hQPYuoZEc7DPqHj3/hodOo6myWz8DwLnzEvGllW6p2xHEKYuO5JW
caiITYNEzeF9h9rVmjAk5CLcJo8AUwOPmahORWOhFiVfaEmhKxxZ/pif9Uq3FwFj
gB/i31fui9c/VFzNamBwI83k4/PVIROm5oHPwJ6CPcrxyuG+ihTS2csrbA==
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:25:22 2024 by rpki-client on console-ams.rpki-client.org