Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/627b7923-e2c4-4ec0-a157-a61e484f88f7.roa
File:                     627b7923-e2c4-4ec0-a157-a61e484f88f7.roa (raw, json)
Hash identifier:          5UrmuvCNjJo3+/2IA4wCNCKyWyGrwnmQGrAA+0el5Go=
Subject key identifier:   E2:88:54:5B:0E:FA:3D:65:63:ED:F0:C0:ED:BC:46:F0:5D:3F:64:D8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6B43B5414B0DE73374DB783395924138E7EC5B0A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/627b7923-e2c4-4ec0-a157-a61e484f88f7.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        182.24.0.0/14 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:43:b5:41:4b:0d:e7:33:74:db:78:33:95:92:41:38:e7:ec:5b:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=215148bb6ebb93d105f1de6540936ff523fa6483a1e19251fe66c86a2c078e58, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:cb:83:24:1f:8f:a6:01:19:2b:9a:6a:83:3e:
                    4d:ad:e4:ea:43:a3:af:2f:29:08:ac:de:26:2f:1e:
                    53:96:22:65:5e:89:6c:34:7d:b9:cd:02:24:04:51:
                    a2:d4:47:6f:64:f8:34:16:b6:6e:fa:22:88:f4:20:
                    cf:15:d6:62:bc:7b:6f:1b:89:cd:cd:40:38:b3:c2:
                    e4:9c:42:d3:d9:28:bc:f0:ba:10:84:35:89:fd:58:
                    fb:87:95:e3:37:59:3e:16:98:bb:99:16:13:2a:27:
                    e5:70:89:09:61:69:e0:dd:aa:7d:87:b3:d3:8d:2d:
                    a4:9e:e1:08:aa:b9:27:03:d1:c4:af:e4:99:6f:48:
                    bf:28:08:ab:99:ee:f9:2b:8e:4a:2d:5e:87:99:2c:
                    3b:77:38:a5:65:4a:ea:f2:f3:ff:96:35:32:3c:34:
                    82:66:7b:44:8f:69:c8:5b:49:10:ff:71:6b:2e:b2:
                    0f:bc:91:c7:91:74:57:16:f6:2f:25:a4:36:e2:59:
                    61:31:3b:81:ca:40:db:d7:11:0c:39:1c:2c:18:3e:
                    22:c7:4a:ab:f7:f7:c4:4b:92:30:86:74:93:1e:9f:
                    c0:db:86:1e:e1:ae:66:c5:c6:82:c6:de:f0:a2:13:
                    7e:ff:fb:fb:d3:c6:97:bb:27:c6:d4:26:89:e2:ab:
                    5a:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:88:54:5B:0E:FA:3D:65:63:ED:F0:C0:ED:BC:46:F0:5D:3F:64:D8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/627b7923-e2c4-4ec0-a157-a61e484f88f7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.24.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         55:d2:b7:e5:5e:3a:74:9a:73:51:a1:bf:40:12:d9:88:21:f3:
         4e:74:10:0a:b6:35:df:33:4b:c7:b4:73:10:c3:99:dc:16:48:
         9e:c4:80:99:d7:14:22:02:55:31:2d:9f:6b:1a:74:47:f5:5a:
         3b:70:c5:c7:ff:7d:d5:b3:60:06:ca:8f:5e:50:e0:bf:e8:bd:
         b0:ad:bb:19:d7:2f:e0:b1:25:4e:60:78:a9:87:4d:05:d0:aa:
         f2:89:8e:38:ab:7f:bc:0b:f4:53:af:08:bf:c1:67:5f:6f:5a:
         2f:96:79:ad:4a:16:fc:77:8d:31:56:7d:3f:a0:c2:0a:62:31:
         7a:76:ba:28:7e:59:46:a9:83:88:9d:73:d1:7a:81:59:e9:0e:
         24:cf:f6:15:1d:90:fb:2f:d5:14:c1:17:84:08:a6:f9:b9:a0:
         9f:0f:8c:9f:94:9c:97:e2:72:44:65:62:f3:5b:0b:d3:83:f0:
         fa:14:81:d4:34:4b:74:c1:2c:6a:13:3f:db:af:07:9d:f4:58:
         4a:e8:87:7b:47:af:74:09:a1:af:96:86:42:09:55:80:53:97:
         7b:aa:8b:5c:23:98:66:b8:21:60:07:df:a6:6b:8c:f3:07:c4:
         57:75:10:c9:b5:02:43:3d:ac:b4:36:d2:d2:35:8f:1b:35:1a:
         4b:d1:7e:43
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUa0O1QUsN5zN023gzlZJBOOfsWwowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyMTUxNDhiYjZlYmI5M2QxMDVmMWRlNjU0MDkzNmZmNTIz
ZmE2NDgzYTFlMTkyNTFmZTY2Yzg2YTJjMDc4ZTU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCTy4MkH4+mARkrmmqDPk2t5OpDo68vKQis3iYvHlOWImVe
iWw0fbnNAiQEUaLUR29k+DQWtm76Ioj0IM8V1mK8e28bic3NQDizwuScQtPZKLzw
uhCENYn9WPuHleM3WT4WmLuZFhMqJ+VwiQlhaeDdqn2Hs9ONLaSe4QiquScD0cSv
5JlvSL8oCKuZ7vkrjkotXoeZLDt3OKVlSury8/+WNTI8NIJme0SPachbSRD/cWsu
sg+8kceRdFcW9i8lpDbiWWExO4HKQNvXEQw5HCwYPiLHSqv398RLkjCGdJMen8Db
hh7hrmbFxoLG3vCiE37/+/vTxpe7J8bUJoniq1pvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU4ohUWw76PWVj7fDA7bxG8F0/ZNgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYyN2I3OTIzLWUyYzQtNGVjMC1hMTU3LWE2MWU0ODRmODhmNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwK2GDANBgkqhkiG9w0BAQsFAAOCAQEAVdK35V46dJpzUaG/QBLZiCHzTnQQ
CrY13zNLx7RzEMOZ3BZInsSAmdcUIgJVMS2faxp0R/VaO3DFx/991bNgBsqPXlDg
v+i9sK27Gdcv4LElTmB4qYdNBdCq8omOOKt/vAv0U68Iv8FnX29aL5Z5rUoW/HeN
MVZ9P6DCCmIxena6KH5ZRqmDiJ1z0XqBWekOJM/2FR2Q+y/VFMEXhAim+bmgnw+M
n5Scl+JyRGVi81sL04Pw+hSB1DRLdMEsahM/268HnfRYSuiHe0evdAmhr5aGQglV
gFOXe6qLXCOYZrghYAffpmuM8wfEV3UQybUCQz2stDbS0jWPGzUaS9F+Qw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:27 2024 by rpki-client on console-ams.rpki-client.org