Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/655eb118-9f64-44b3-9207-2b6891960d1c.roa
File:                     655eb118-9f64-44b3-9207-2b6891960d1c.roa (raw, json)
Hash identifier:          gqxEbWeh42YA0KrNbKyMfuk/+3BrStDH++Bh970jhSw=
Subject key identifier:   A9:96:CC:C6:8B:D2:1B:1B:63:11:E2:72:43:01:78:A1:EB:8C:D9:F2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1F9C5B4802A865AFDFDDE48FE72BAC9EC6D19749
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/655eb118-9f64-44b3-9207-2b6891960d1c.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        44.192.0.0/10 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:9c:5b:48:02:a8:65:af:df:dd:e4:8f:e7:2b:ac:9e:c6:d1:97:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=44eb93dfa76c42b2c51d086ecad5b7157f40e269660fb638e91541ee092b7e4f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ae:db:fb:d9:a4:e0:28:62:a9:8d:3c:0d:41:
                    b7:13:b3:24:9e:45:6c:37:03:85:8d:80:57:6a:9d:
                    08:05:f4:3c:0e:d8:8a:f1:2c:b2:71:58:92:76:c8:
                    11:4c:07:53:42:00:b0:59:5c:e9:36:64:36:93:23:
                    c7:02:42:8b:aa:1d:e2:99:da:f6:ee:ed:0c:ef:53:
                    44:1e:7f:7f:52:f4:06:58:c8:9a:72:50:68:28:f4:
                    fa:25:1b:eb:d6:a7:86:b2:1a:0e:94:a9:18:fc:0b:
                    98:bb:42:03:a6:48:e7:8d:6f:b4:4d:51:11:89:65:
                    89:10:f3:33:e6:da:1e:43:8b:ba:24:68:a4:13:10:
                    a8:5a:75:72:44:69:a2:52:d9:bf:b7:3f:9e:ab:90:
                    63:3a:0a:20:b9:f3:ec:0b:5f:ca:de:9f:45:26:9b:
                    4f:b3:28:2c:b0:f2:cd:08:bc:43:13:68:bc:4d:89:
                    01:2e:80:c6:62:96:0c:e7:44:e4:a5:3a:2a:af:7a:
                    e5:3e:8d:f7:2b:c1:fa:25:ee:4c:97:af:1c:ae:be:
                    cd:a1:48:04:04:88:ab:3c:06:87:60:db:24:b8:c0:
                    b5:06:1e:9d:5e:94:8b:db:a1:0e:72:80:0c:3b:54:
                    ca:aa:c0:3c:51:e3:a3:e2:45:2c:6e:58:96:37:d7:
                    e9:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:96:CC:C6:8B:D2:1B:1B:63:11:E2:72:43:01:78:A1:EB:8C:D9:F2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/655eb118-9f64-44b3-9207-2b6891960d1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.192.0.0/10

    Signature Algorithm: sha256WithRSAEncryption
         be:63:f3:14:e6:56:f1:b5:3b:4e:08:0c:f4:9c:75:b2:cf:12:
         f4:3b:d8:bd:12:b7:a5:7d:da:8f:3f:84:e2:3f:1f:d5:bd:0c:
         39:10:26:bd:8d:fc:a6:21:47:8f:83:d0:1c:3a:03:00:c7:e5:
         7f:93:e2:62:44:70:81:fc:1f:63:84:c8:48:80:24:5e:85:83:
         e7:e9:20:9e:51:f9:82:ae:c8:0a:dc:16:04:df:53:ba:51:cd:
         61:b7:21:39:5c:b5:5a:59:c9:ea:24:07:92:26:9b:68:1f:14:
         08:3f:6f:d0:5a:ba:3d:29:d0:be:4e:6d:1b:4f:0d:79:00:14:
         89:17:96:28:59:fc:37:19:ca:f0:81:1e:6d:9e:5a:8f:64:15:
         da:9f:11:15:1c:4f:66:e0:cb:1e:1b:21:d8:5a:04:16:53:9a:
         ff:9c:bd:63:ab:a7:21:73:43:26:e8:ee:43:bb:50:4d:16:36:
         d4:82:1a:85:a6:49:cf:66:50:f1:df:91:f2:6a:c3:d8:40:6f:
         6d:64:25:33:96:e4:50:0a:d5:e7:52:48:6e:e0:15:31:ea:31:
         96:a0:8e:26:cc:b9:86:40:ee:cb:7d:8b:4f:43:0f:e2:22:8e:
         bd:7b:80:13:4c:32:ed:87:a7:4f:ba:f8:c5:30:09:94:4f:b5:
         9d:64:d1:3e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUH5xbSAKoZa/f3eSP5yusnsbRl0kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NGViOTNkZmE3NmM0MmIyYzUxZDA4NmVjYWQ1YjcxNTdm
NDBlMjY5NjYwZmI2MzhlOTE1NDFlZTA5MmI3ZTRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4rtv72aTgKGKpjTwNQbcTsySeRWw3A4WNgFdqnQgF9DwO
2IrxLLJxWJJ2yBFMB1NCALBZXOk2ZDaTI8cCQouqHeKZ2vbu7QzvU0Qef39S9AZY
yJpyUGgo9PolG+vWp4ayGg6UqRj8C5i7QgOmSOeNb7RNURGJZYkQ8zPm2h5Di7ok
aKQTEKhadXJEaaJS2b+3P56rkGM6CiC58+wLX8ren0Umm0+zKCyw8s0IvEMTaLxN
iQEugMZilgznROSlOiqveuU+jfcrwfol7kyXrxyuvs2hSAQEiKs8Bodg2yS4wLUG
Hp1elIvboQ5ygAw7VMqqwDxR46PiRSxuWJY31+mPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUqZbMxovSGxtjEeJyQwF4oeuM2fIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1NWViMTE4LTlmNjQtNDRiMy05MjA3LTJiNjg5MTk2MGQxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwYswDANBgkqhkiG9w0BAQsFAAOCAQEAvmPzFOZW8bU7TggM9Jx1ss8S9DvY
vRK3pX3ajz+E4j8f1b0MORAmvY38piFHj4PQHDoDAMflf5PiYkRwgfwfY4TISIAk
XoWD5+kgnlH5gq7ICtwWBN9TulHNYbchOVy1WlnJ6iQHkiabaB8UCD9v0Fq6PSnQ
vk5tG08NeQAUiReWKFn8NxnK8IEebZ5aj2QV2p8RFRxPZuDLHhsh2FoEFlOa/5y9
Y6unIXNDJujuQ7tQTRY21IIahaZJz2ZQ8d+R8mrD2EBvbWQlM5bkUArV51JIbuAV
MeoxlqCOJsy5hkDuy32LT0MP4iKOvXuAE0wy7YenT7r4xTAJlE+1nWTRPg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:36:59 2024 by rpki-client on console-fra.rpki-client.org