Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6fcd84a1-3134-4005-9224-b48d476c9564.roa
File:                     6fcd84a1-3134-4005-9224-b48d476c9564.roa (raw, json)
Hash identifier:          lLPJ4W8N3MN62L6yf3H2MKzk8MIqaqPnW3DDb6ufMAc=
Subject key identifier:   12:67:8E:62:D0:EB:17:0D:E9:95:E1:9B:60:44:03:1D:60:FA:77:D7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       17A42CAAB87E2B9619515015A2ADCE3A8A7B1E85
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6fcd84a1-3134-4005-9224-b48d476c9564.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.113.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:a4:2c:aa:b8:7e:2b:96:19:51:50:15:a2:ad:ce:3a:8a:7b:1e:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=5e34daec67c00d699ce531ff8b538a280107f1e351c1fa725c0c063b71b4f7bf, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:c0:3b:61:48:66:8b:7b:2a:e8:34:98:3e:82:
                    22:74:7a:6e:da:07:43:f6:5c:12:39:81:bf:2c:be:
                    7b:af:01:f8:ea:e7:53:03:11:90:1a:03:85:5d:d7:
                    d0:89:b5:78:63:ea:0a:ca:7f:f0:69:1b:32:92:fa:
                    29:f1:d9:35:b5:bc:96:06:66:04:c0:10:3b:9e:fc:
                    fc:ce:1a:25:ed:b6:e4:73:79:1d:1e:05:81:9f:46:
                    91:4d:2d:d1:50:47:dc:30:b4:b6:d8:a4:9a:7a:86:
                    b8:78:63:42:0f:64:82:b2:85:17:19:d5:24:38:48:
                    90:b5:73:11:7b:79:47:2f:ae:01:ea:96:ea:74:5c:
                    8c:ee:00:81:31:35:f7:9a:63:5f:07:34:33:07:a7:
                    b7:6d:2d:b1:00:6b:d1:a4:e7:7e:f4:6d:04:d1:62:
                    de:46:82:fd:aa:c2:0c:97:13:7d:70:47:84:5d:6e:
                    53:fa:c0:3d:ec:7a:f2:9e:65:e6:58:7c:de:39:6e:
                    47:ba:1d:ee:04:a8:5a:22:cb:d4:46:8b:23:ba:9b:
                    37:70:e0:8e:99:16:7b:94:47:d6:d5:7f:22:43:94:
                    3d:12:44:4b:d7:a4:ab:82:a2:96:8d:2e:6b:a6:7d:
                    cc:65:14:32:6a:3b:2b:68:bb:0f:f0:8f:ec:6e:a5:
                    0e:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:67:8E:62:D0:EB:17:0D:E9:95:E1:9B:60:44:03:1D:60:FA:77:D7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6fcd84a1-3134-4005-9224-b48d476c9564.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c3:18:92:11:d1:90:2f:8e:f9:2e:d1:0f:2f:7d:f0:af:8c:3f:
         ef:55:15:1c:5c:c2:05:b1:07:1d:05:c0:6e:6c:0f:4a:ae:dd:
         38:d4:98:2f:d0:ec:a5:ee:f3:29:a0:5e:8e:18:48:ec:dd:1f:
         fc:e2:97:0e:5e:cb:7a:ce:44:82:b9:e7:4d:00:50:de:b1:fc:
         35:d6:46:25:72:5e:7e:5f:51:a6:6d:61:34:dd:65:23:7e:99:
         54:d3:93:ed:d4:d2:8d:d9:c5:71:3a:11:4c:40:1b:7d:4f:85:
         92:7a:c9:fc:51:af:80:1c:51:ab:44:92:62:03:44:15:53:f0:
         92:21:ad:1f:cc:cb:0a:e9:7a:02:38:5a:80:b5:b0:f7:6c:4b:
         9b:fe:f4:ab:fd:b4:63:f0:c6:e5:1e:32:a8:8b:99:15:c9:be:
         0d:12:39:62:5f:fe:2f:32:5a:00:73:19:ba:3c:a5:6b:33:ca:
         db:e5:89:68:ff:9e:bb:b2:72:ff:f3:fb:1f:ee:0f:b6:31:b7:
         fe:75:32:e9:02:f5:ba:50:c6:ab:44:40:17:92:4b:97:5d:4d:
         cf:e9:71:e1:83:ef:6e:ec:4c:38:66:50:c0:7b:31:d2:0a:a5:
         d1:3f:f6:f9:7f:01:b3:44:8e:89:8f:f7:db:92:67:dd:a1:60:
         35:00:10:fd
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUF6Qsqrh+K5YZUVAVoq3OOop7HoUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZTM0ZGFlYzY3YzAwZDY5OWNlNTMxZmY4YjUzOGEyODAx
MDdmMWUzNTFjMWZhNzI1YzBjMDYzYjcxYjRmN2JmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcwDthSGaLeyroNJg+giJ0em7aB0P2XBI5gb8svnuvAfjq
51MDEZAaA4Vd19CJtXhj6grKf/BpGzKS+inx2TW1vJYGZgTAEDue/PzOGiXttuRz
eR0eBYGfRpFNLdFQR9wwtLbYpJp6hrh4Y0IPZIKyhRcZ1SQ4SJC1cxF7eUcvrgHq
lup0XIzuAIExNfeaY18HNDMHp7dtLbEAa9Gk5370bQTRYt5Ggv2qwgyXE31wR4Rd
blP6wD3sevKeZeZYfN45bke6He4EqFoiy9RGiyO6mzdw4I6ZFnuUR9bVfyJDlD0S
REvXpKuCopaNLmumfcxlFDJqOytouw/wj+xupQ5rAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUEmeOYtDrFw3pleGbYEQDHWD6d9cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZmY2Q4NGExLTMxMzQtNDAwNS05MjI0LWI0OGQ0NzZjOTU2NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/HEwDQYJKoZIhvcNAQELBQADggEBAMMYkhHRkC+O+S7RDy998K+MP+9V
FRxcwgWxBx0FwG5sD0qu3TjUmC/Q7KXu8ymgXo4YSOzdH/zilw5ey3rORIK5500A
UN6x/DXWRiVyXn5fUaZtYTTdZSN+mVTTk+3U0o3ZxXE6EUxAG31PhZJ6yfxRr4Ac
UatEkmIDRBVT8JIhrR/MywrpegI4WoC1sPdsS5v+9Kv9tGPwxuUeMqiLmRXJvg0S
OWJf/i8yWgBzGbo8pWszytvliWj/nruycv/z+x/uD7Yxt/51MukC9bpQxqtEQBeS
S5ddTc/pceGD727sTDhmUMB7MdIKpdE/9vl/AbNEjomP99uSZ92hYDUAEP0=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:06 2024 by rpki-client on console-fra.rpki-client.org