Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5c643c23-d471-4596-afde-39615bee9ec6.roa
File:                     5c643c23-d471-4596-afde-39615bee9ec6.roa (raw, json)
Hash identifier:          +xCqllN6Tq8COOC83GR2K6CKcgl847+miokUVrPk7mU=
Subject key identifier:   09:4E:55:0B:05:F8:AD:FC:3C:7F:3A:F8:9C:1B:E6:B5:BA:A7:C1:BB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       466BE0D529F460F4A4A72C38FB349B76B6E7E338
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5c643c23-d471-4596-afde-39615bee9ec6.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        96.0.136.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:6b:e0:d5:29:f4:60:f4:a4:a7:2c:38:fb:34:9b:76:b6:e7:e3:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=773bf0d1c0d7e153550708a4f0fd43dae8ceab137feed8676eb435fd104a1505, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:b1:7e:69:9e:4e:06:b1:0d:1d:32:ef:70:a3:
                    0f:90:85:aa:59:95:af:21:1d:bb:11:27:e4:56:03:
                    fe:3f:b0:5d:d1:d4:3f:96:70:d6:04:2a:14:50:6f:
                    8b:96:7e:77:d0:6a:65:c9:4d:4f:74:62:7e:45:a9:
                    84:25:53:02:8a:0c:20:cc:05:2c:7f:06:fe:ac:7a:
                    c5:87:df:49:12:80:34:0a:b2:dc:a9:05:f5:b9:a4:
                    52:5b:10:65:ad:fc:09:53:72:ce:fd:7d:96:cb:87:
                    c3:30:5b:30:fa:da:bf:32:bf:b3:48:4a:6c:87:48:
                    34:41:20:74:cb:64:28:a6:9c:a1:9c:44:5a:6c:74:
                    c6:10:5f:bf:fe:83:c0:8d:56:2b:67:da:94:9a:9b:
                    bb:27:eb:5e:47:77:e4:76:bd:8d:d7:f5:d6:37:ae:
                    5d:4c:e4:91:33:0a:bf:49:3f:4e:8f:62:f7:10:8b:
                    d3:19:cf:0b:ba:7d:c0:c8:3d:98:01:cd:00:cb:ac:
                    85:10:33:a8:f9:e5:e4:31:4c:2f:87:e4:c7:f0:20:
                    d3:5c:af:99:0f:9e:3c:25:8c:bf:49:17:70:31:33:
                    3d:d1:d1:ea:3c:06:b9:16:fe:3c:e3:69:78:11:6d:
                    33:3f:55:a4:dc:54:d4:66:79:91:d2:ae:e4:13:c4:
                    e7:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:4E:55:0B:05:F8:AD:FC:3C:7F:3A:F8:9C:1B:E6:B5:BA:A7:C1:BB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5c643c23-d471-4596-afde-39615bee9ec6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.0.136.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2b:25:a5:bf:92:a5:26:ac:d9:fe:ce:f0:b4:8b:d7:e0:41:0f:
         fe:b5:13:a1:ca:73:80:c5:ff:60:80:81:71:a2:b7:19:2f:ff:
         14:54:66:7b:50:fe:a5:45:a3:e3:4b:aa:90:08:13:0f:75:73:
         e3:e3:af:6e:16:33:d0:e5:a9:90:77:c3:10:3e:ed:d7:97:90:
         74:11:9f:e7:e3:27:30:59:ca:93:17:ac:c0:74:a0:c7:c2:ab:
         f8:23:3a:f4:86:44:bf:88:56:f7:45:54:92:bb:dd:59:9b:fe:
         31:b7:7d:cf:74:60:18:2a:be:01:ee:6a:47:70:9a:5e:0a:25:
         a3:96:f8:3e:74:89:ee:01:29:6b:20:1d:20:e4:68:3e:0a:5e:
         fb:33:fd:ad:a4:9e:f7:27:50:51:12:33:f9:18:22:f8:c1:37:
         61:b5:12:41:cf:ac:f4:13:97:4a:49:43:26:64:26:ec:80:0d:
         0a:9e:ec:81:34:be:14:7c:70:f9:0c:d8:44:fd:25:13:36:0f:
         01:de:81:b2:e5:71:fc:d8:32:50:5e:a8:5f:9d:be:e7:fc:bc:
         0c:88:42:3a:2d:c7:8c:9a:53:3e:41:54:92:84:d2:74:90:fc:
         63:dc:f5:d9:a0:31:f7:4b:0c:39:de:e3:ef:10:37:a5:3a:5a:
         1f:80:02:a7
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURmvg1Sn0YPSkpyw4+zSbdrbn4zgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NzNiZjBkMWMwZDdlMTUzNTUwNzA4YTRmMGZkNDNkYWU4
Y2VhYjEzN2ZlZWQ4Njc2ZWI0MzVmZDEwNGExNTA1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDusX5pnk4GsQ0dMu9wow+QhapZla8hHbsRJ+RWA/4/sF3R
1D+WcNYEKhRQb4uWfnfQamXJTU90Yn5FqYQlUwKKDCDMBSx/Bv6sesWH30kSgDQK
stypBfW5pFJbEGWt/AlTcs79fZbLh8MwWzD62r8yv7NISmyHSDRBIHTLZCimnKGc
RFpsdMYQX7/+g8CNVitn2pSam7sn615Hd+R2vY3X9dY3rl1M5JEzCr9JP06PYvcQ
i9MZzwu6fcDIPZgBzQDLrIUQM6j55eQxTC+H5MfwINNcr5kPnjwljL9JF3AxMz3R
0eo8BrkW/jzjaXgRbTM/VaTcVNRmeZHSruQTxOcnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCU5VCwX4rfw8fzr4nBvmtbqnwbswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVjNjQzYzIzLWQ0NzEtNDU5Ni1hZmRlLTM5NjE1YmVlOWVjNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANgAIgwDQYJKoZIhvcNAQELBQADggEBACslpb+SpSas2f7O8LSL1+BBD/61
E6HKc4DF/2CAgXGitxkv/xRUZntQ/qVFo+NLqpAIEw91c+Pjr24WM9DlqZB3wxA+
7deXkHQRn+fjJzBZypMXrMB0oMfCq/gjOvSGRL+IVvdFVJK73Vmb/jG3fc90YBgq
vgHuakdwml4KJaOW+D50ie4BKWsgHSDkaD4KXvsz/a2knvcnUFESM/kYIvjBN2G1
EkHPrPQTl0pJQyZkJuyADQqe7IE0vhR8cPkM2ET9JRM2DwHegbLlcfzYMlBeqF+d
vuf8vAyIQjotx4yaUz5BVJKE0nSQ/GPc9dmgMfdLDDne4+8QN6U6Wh+AAqc=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:36:57 2024 by rpki-client on console-fra.rpki-client.org