Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65f36925-4ac2-4995-b3b2-b00a686181ce.roa
File:                     65f36925-4ac2-4995-b3b2-b00a686181ce.roa (raw, json)
Hash identifier:          1DHyxd551RW+NRsGVg51CijaHvmxBnF9rwUgke5c4A4=
Subject key identifier:   20:43:E2:F3:E5:AB:97:68:FB:80:AB:1F:28:5F:14:4D:3D:47:79:5B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4E93E93D6CC0F39E123B28110927F7E2788FFBEE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65f36925-4ac2-4995-b3b2-b00a686181ce.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.78.200.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:93:e9:3d:6c:c0:f3:9e:12:3b:28:11:09:27:f7:e2:78:8f:fb:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=4236e0ebea7eebf634d3cdcc6b4a7c80721348201535d554ba38abe0297fcab7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:e1:16:c5:b5:cd:49:f3:1a:94:34:9c:61:ff:
                    ca:f5:f3:e0:a8:d4:19:e2:3e:26:a5:c4:f0:dc:62:
                    f0:9b:e6:e1:6b:39:4f:eb:ea:ed:58:2a:8c:25:79:
                    65:80:86:74:3f:c4:b5:9b:d6:21:ec:f5:a4:c9:5b:
                    4a:0b:38:40:8c:99:cf:75:b6:df:32:ac:71:68:ad:
                    3f:ef:62:a5:a2:2d:7f:82:a3:c7:b6:80:ca:ef:7f:
                    2c:1c:81:65:09:38:36:d4:7d:30:6b:10:d5:62:02:
                    d0:9d:7f:cc:d4:74:c5:79:1e:6f:c0:55:76:4e:3e:
                    77:94:91:d8:bd:ca:bb:8f:d3:5f:4f:ce:0e:ec:fe:
                    03:0f:29:c6:a4:ab:20:e7:d9:72:e8:71:fb:25:e9:
                    ca:15:e8:bd:72:87:ee:dc:a8:65:98:ca:0c:2d:49:
                    96:aa:69:3c:ea:cf:72:60:1b:9e:05:f3:7a:8c:17:
                    17:da:07:27:a0:67:c7:b3:43:8f:6d:ab:f9:45:c2:
                    a8:a1:77:c2:f2:80:a1:32:20:2a:64:48:f5:7e:58:
                    96:d5:a2:1b:04:c4:29:e7:be:51:51:8c:4d:a0:d9:
                    f0:b5:11:b1:35:d0:7e:b1:18:a3:a6:ab:99:53:a4:
                    02:92:35:a9:a8:40:8f:9f:ab:38:89:72:28:9a:e3:
                    de:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:43:E2:F3:E5:AB:97:68:FB:80:AB:1F:28:5F:14:4D:3D:47:79:5B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/65f36925-4ac2-4995-b3b2-b00a686181ce.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.78.200.0/21

    Signature Algorithm: sha256WithRSAEncryption
         ce:aa:44:ad:20:fb:87:42:85:68:6f:a3:18:f2:61:c9:60:cf:
         d3:8c:32:06:b8:f5:6f:04:fc:98:00:f9:a0:66:01:9b:9e:bd:
         f7:e8:48:45:db:f2:91:99:58:a0:b8:4f:00:e2:d7:9d:fb:52:
         4b:22:0d:02:6e:0b:69:aa:8c:93:51:39:7a:f7:f9:c1:de:27:
         ba:a3:a4:fc:c7:30:f6:0d:5e:57:2f:63:fb:69:23:74:1c:f8:
         34:93:45:dc:ed:21:a5:a2:be:da:50:43:40:e0:54:71:ce:4e:
         19:c6:f0:7b:63:1c:ff:1f:eb:0a:27:1a:c3:98:d0:91:a6:65:
         84:9d:76:91:d6:3d:e0:75:a4:42:6a:37:20:06:8e:9d:61:14:
         3f:3b:59:ec:87:6b:71:8b:76:2c:7f:87:28:4e:03:fb:7c:81:
         d7:9c:77:6f:e9:8b:ce:ad:f7:23:94:63:f9:cf:60:fe:86:1f:
         88:75:8d:f6:59:2c:7a:7b:ba:be:03:d2:60:a3:12:42:67:1f:
         2e:3e:e1:55:64:5b:ea:61:9d:69:da:58:5a:4a:e8:ab:4b:22:
         f2:46:c6:fa:d9:80:f9:a9:57:fe:c5:e1:15:42:81:4b:4b:dc:
         e7:3b:18:55:42:1c:ae:99:3b:88:37:f7:3e:6f:4a:08:64:74:
         aa:90:b7:88
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTpPpPWzA854SOygRCSf34niP++4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0MjM2ZTBlYmVhN2VlYmY2MzRkM2NkY2M2YjRhN2M4MDcy
MTM0ODIwMTUzNWQ1NTRiYTM4YWJlMDI5N2ZjYWI3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCT4RbFtc1J8xqUNJxh/8r18+Co1BniPialxPDcYvCb5uFr
OU/r6u1YKowleWWAhnQ/xLWb1iHs9aTJW0oLOECMmc91tt8yrHForT/vYqWiLX+C
o8e2gMrvfywcgWUJODbUfTBrENViAtCdf8zUdMV5Hm/AVXZOPneUkdi9yruP019P
zg7s/gMPKcakqyDn2XLocfsl6coV6L1yh+7cqGWYygwtSZaqaTzqz3JgG54F83qM
FxfaByegZ8ezQ49tq/lFwqihd8LygKEyICpkSPV+WJbVohsExCnnvlFRjE2g2fC1
EbE10H6xGKOmq5lTpAKSNamoQI+fqziJciia494xAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUIEPi8+Wrl2j7gKsfKF8UTT1HeVswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzY1ZjM2OTI1LTRhYzItNDk5NS1iM2IyLWIwMGE2ODYxODFjZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjTsgwDQYJKoZIhvcNAQELBQADggEBAM6qRK0g+4dChWhvoxjyYclgz9OM
Mga49W8E/JgA+aBmAZuevffoSEXb8pGZWKC4TwDi1537UksiDQJuC2mqjJNROXr3
+cHeJ7qjpPzHMPYNXlcvY/tpI3Qc+DSTRdztIaWivtpQQ0DgVHHOThnG8HtjHP8f
6wonGsOY0JGmZYSddpHWPeB1pEJqNyAGjp1hFD87WeyHa3GLdix/hyhOA/t8gdec
d2/pi86t9yOUY/nPYP6GH4h1jfZZLHp7ur4D0mCjEkJnHy4+4VVkW+phnWnaWFpK
6KtLIvJGxvrZgPmpV/7F4RVCgUtL3Oc7GFVCHK6ZO4g39z5vSghkdKqQt4g=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:15 2024 by rpki-client on console-ams.rpki-client.org