Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c01e197-1c70-4d30-8eb0-5e820800b804.roa
File:                     6c01e197-1c70-4d30-8eb0-5e820800b804.roa (raw, json)
Hash identifier:          XPUq/Ipt7QtyfkZlwspH3CIIHMQrAUsUxUZJyVCPCA8=
Subject key identifier:   DB:EB:17:4D:AC:EC:6A:D7:9F:81:48:BF:A0:4C:B8:BC:52:B8:0A:EE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6D983CB0DBC92B470072E92896F0E3596D7C0124
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c01e197-1c70-4d30-8eb0-5e820800b804.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:1000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:98:3c:b0:db:c9:2b:47:00:72:e9:28:96:f0:e3:59:6d:7c:01:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=a788ad8d2ba52c7c90b8d71da38b9816deaec874f9a4fc734abd6936abe808b8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e2:2c:9c:1d:74:22:46:2d:23:7f:d1:b7:86:
                    da:ff:27:74:7d:f0:27:c0:89:9c:c4:5d:5b:ef:59:
                    96:76:d9:a2:c0:14:96:7e:e7:14:33:3f:b7:2c:2d:
                    62:09:c4:b2:95:f8:fe:53:d0:ea:33:78:55:75:09:
                    ce:44:29:78:d9:85:98:25:82:96:46:b2:8d:a2:a6:
                    4c:75:fc:1a:e6:9b:60:07:fc:50:f9:d1:1d:6a:df:
                    70:d0:2e:48:d6:bf:1d:02:b9:88:cb:15:22:da:31:
                    64:3b:96:45:00:73:d2:86:c5:65:42:8d:0b:8d:4f:
                    e2:27:b6:12:29:a3:1b:fa:a8:d6:14:47:db:f7:a1:
                    ae:03:37:b7:cd:86:37:44:16:c5:e6:3e:03:b9:6f:
                    09:2c:0d:55:15:7e:ee:eb:4f:5a:d7:be:9b:04:a9:
                    8d:74:b4:d8:cd:c3:50:d8:70:3d:39:3c:78:7e:55:
                    4a:2c:4d:99:3c:14:14:d0:46:d8:02:15:f2:3d:7b:
                    83:01:d7:cf:19:93:0f:e3:ed:56:22:54:e3:1b:fd:
                    cd:0e:37:c8:90:c4:1c:8b:bc:4c:47:28:7e:64:14:
                    be:db:cc:af:8f:8a:01:ca:2c:4a:d0:31:34:36:25:
                    80:19:f6:a6:92:e9:27:7c:f1:c2:b9:02:ef:a7:45:
                    eb:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:EB:17:4D:AC:EC:6A:D7:9F:81:48:BF:A0:4C:B8:BC:52:B8:0A:EE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6c01e197-1c70-4d30-8eb0-5e820800b804.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         d8:7c:e0:5c:25:1c:32:f1:17:49:bb:ea:f3:f3:8d:50:14:77:
         fe:6e:07:4d:76:b2:65:6c:f8:4b:2f:91:16:bf:27:54:6e:98:
         10:6d:c6:4d:f6:26:92:61:1f:78:e9:b7:41:8a:fd:9c:70:a0:
         29:9a:95:d5:52:3d:1c:82:dd:98:cc:9a:df:0e:35:6a:be:e1:
         fb:c4:97:d8:70:59:30:11:2a:0f:29:5f:04:93:ea:7f:7d:25:
         e4:91:55:a2:48:e2:2e:e7:0a:4f:63:f8:2c:61:98:32:03:70:
         84:4a:10:d9:b5:a5:41:a2:88:75:aa:0c:30:63:b9:a0:9b:ae:
         3b:68:8d:93:bd:f7:65:1d:ac:ab:3b:2b:d5:83:a5:1f:db:7f:
         90:66:02:e5:04:ef:96:8b:d0:1b:10:52:4c:a4:f5:64:64:43:
         56:96:a6:9a:82:95:a9:52:cd:0b:c0:9b:82:b1:9d:a5:88:08:
         e2:b6:2e:7e:ea:28:39:84:ee:df:af:03:ed:7a:3d:7a:03:0e:
         9f:1e:0e:67:a7:9d:58:41:dd:9d:41:97:b4:ed:08:37:76:1a:
         52:5e:d8:16:58:4b:66:f4:0e:3e:58:71:60:a0:85:5c:4f:4f:
         3b:56:29:b8:9f:dc:40:04:d7:de:7c:db:50:76:e1:ce:0c:4d:
         ad:fb:99:fb
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUbZg8sNvJK0cAcukolvDjWW18ASQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNzg4YWQ4ZDJiYTUyYzdjOTBiOGQ3MWRhMzhiOTgxNmRl
YWVjODc0ZjlhNGZjNzM0YWJkNjkzNmFiZTgwOGI4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+4iycHXQiRi0jf9G3htr/J3R98CfAiZzEXVvvWZZ22aLA
FJZ+5xQzP7csLWIJxLKV+P5T0OozeFV1Cc5EKXjZhZglgpZGso2ipkx1/Brmm2AH
/FD50R1q33DQLkjWvx0CuYjLFSLaMWQ7lkUAc9KGxWVCjQuNT+InthIpoxv6qNYU
R9v3oa4DN7fNhjdEFsXmPgO5bwksDVUVfu7rT1rXvpsEqY10tNjNw1DYcD05PHh+
VUosTZk8FBTQRtgCFfI9e4MB188Zkw/j7VYiVOMb/c0ON8iQxByLvExHKH5kFL7b
zK+PigHKLErQMTQ2JYAZ9qaS6Sd88cK5Au+nRes/AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU2+sXTazsatefgUi/oEy4vFK4Cu4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZjMDFlMTk3LTFjNzAtNGQzMC04ZWIwLTVlODIwODAwYjgwNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB8AEDANBgkqhkiG9w0BAQsFAAOCAQEA2HzgXCUcMvEXSbvq8/ONUBR3
/m4HTXayZWz4Sy+RFr8nVG6YEG3GTfYmkmEfeOm3QYr9nHCgKZqV1VI9HILdmMya
3w41ar7h+8SX2HBZMBEqDylfBJPqf30l5JFVokjiLucKT2P4LGGYMgNwhEoQ2bWl
QaKIdaoMMGO5oJuuO2iNk733ZR2sqzsr1YOlH9t/kGYC5QTvlovQGxBSTKT1ZGRD
VpammoKVqVLNC8CbgrGdpYgI4rYufuooOYTu368D7Xo9egMOnx4OZ6edWEHdnUGX
tO0IN3YaUl7YFlhLZvQOPlhxYKCFXE9PO1YpuJ/cQATX3nzbUHbhzgxNrfuZ+w==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:29 2024 by rpki-client on console-ams.rpki-client.org