Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6fd734d0-d1b1-4ced-9a1d-bd41125f450a.roa
File:                     6fd734d0-d1b1-4ced-9a1d-bd41125f450a.roa (raw, json)
Hash identifier:          nkQO9kAOfdELoi0JSFyLPS4LS3Q5ImNh7V5JBe7H/cU=
Subject key identifier:   CD:DE:EF:C4:5A:C1:5F:29:20:EE:B1:D3:A9:2D:11:89:A7:D2:84:0E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       20720A1E19DD3906674B472E26608A56CC8BFEA1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6fd734d0-d1b1-4ced-9a1d-bd41125f450a.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.74.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:72:0a:1e:19:dd:39:06:67:4b:47:2e:26:60:8a:56:cc:8b:fe:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=b646323bb5221433637cd236217ca86a596653ff053e29dd4c6e21c1f381843f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:5d:b3:2c:f8:b0:b1:f1:92:65:31:00:2a:42:
                    a1:36:b5:61:ce:ef:7d:c9:1b:3b:2d:85:c4:90:08:
                    50:1b:78:89:9b:2b:8b:e0:5e:3f:6f:81:a7:94:90:
                    88:71:d6:2d:51:22:42:e6:11:b7:18:3e:7b:55:70:
                    84:40:89:dd:9f:db:49:cd:15:62:1a:d2:e7:9a:70:
                    2f:e4:8b:47:a1:0f:3d:e0:6c:32:93:1e:cc:3f:8b:
                    5b:44:90:28:c7:86:0e:6e:21:8f:0f:52:dc:f7:d5:
                    ff:43:46:ab:e6:d6:77:37:b7:a1:ac:c9:b3:78:c5:
                    83:3b:26:9d:6f:ae:f4:8a:66:f2:a9:96:49:a2:bb:
                    14:5f:4e:42:f2:b0:73:3f:66:7c:a7:88:00:b0:94:
                    0e:94:a4:34:8f:14:6d:61:c1:ea:35:44:02:2f:d4:
                    a9:be:35:d3:fc:b6:68:4c:7a:8c:58:a9:f3:2a:b7:
                    f4:53:a0:0f:75:fd:cf:60:d6:a9:17:c0:b5:15:32:
                    fa:a3:a1:6c:74:1e:df:80:25:ef:ae:6c:3d:e4:c8:
                    07:50:77:bf:fe:ba:46:0a:48:10:1d:59:24:22:78:
                    6c:87:71:80:9d:e4:a0:9d:75:58:4e:ca:15:88:79:
                    af:d4:37:dc:e4:77:c2:f2:e1:e6:7a:92:a5:7f:1e:
                    91:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:DE:EF:C4:5A:C1:5F:29:20:EE:B1:D3:A9:2D:11:89:A7:D2:84:0E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6fd734d0-d1b1-4ced-9a1d-bd41125f450a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:63:da:36:c6:7a:01:82:ba:0d:06:a7:9e:9a:ca:46:93:b8:
         69:0b:36:ea:76:89:93:f6:99:c0:b5:cb:fd:92:2f:33:a5:38:
         fa:5e:85:7c:01:88:6f:fe:92:44:ea:58:8c:8d:e6:9a:cf:8f:
         13:fd:bb:1c:12:89:e0:d2:7d:ab:4f:9b:9e:21:65:79:61:de:
         71:cd:f7:e2:61:8e:2e:8e:be:76:43:e4:37:1b:7d:3f:03:35:
         2d:32:b0:d3:9e:dc:bc:d4:98:55:b6:31:4e:07:d4:36:68:c9:
         e6:b2:a1:5a:db:73:6e:27:fe:b2:78:a8:2f:04:c2:7c:4f:c6:
         3a:96:bb:94:8e:13:08:44:b4:f0:56:76:47:5d:cf:61:6d:a5:
         5b:fa:b5:0a:75:f4:24:6c:d0:a6:78:c3:0c:a8:89:89:40:18:
         9f:cc:4e:c3:83:c5:ad:b5:bb:09:9e:5e:46:4d:6a:6f:fb:28:
         1d:27:ec:b3:da:b3:cf:06:9d:b7:f6:26:17:a4:32:e7:da:f9:
         30:dd:6a:25:c4:8d:df:63:34:7a:8b:53:6f:9c:61:01:49:44:
         e6:9b:cd:3a:49:e1:da:8a:fb:b6:00:6f:d5:9c:86:19:32:7e:
         03:bd:f9:86:46:48:c2:ef:43:7c:bd:33:65:4e:f2:3b:af:fd:
         25:3b:41:af
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUIHIKHhndOQZnS0cuJmCKVsyL/qEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNjQ2MzIzYmI1MjIxNDMzNjM3Y2QyMzYyMTdjYTg2YTU5
NjY1M2ZmMDUzZTI5ZGQ0YzZlMjFjMWYzODE4NDNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDAXbMs+LCx8ZJlMQAqQqE2tWHO733JGzsthcSQCFAbeImb
K4vgXj9vgaeUkIhx1i1RIkLmEbcYPntVcIRAid2f20nNFWIa0ueacC/ki0ehDz3g
bDKTHsw/i1tEkCjHhg5uIY8PUtz31f9DRqvm1nc3t6GsybN4xYM7Jp1vrvSKZvKp
lkmiuxRfTkLysHM/ZnyniACwlA6UpDSPFG1hweo1RAIv1Km+NdP8tmhMeoxYqfMq
t/RToA91/c9g1qkXwLUVMvqjoWx0Ht+AJe+ubD3kyAdQd7/+ukYKSBAdWSQieGyH
cYCd5KCddVhOyhWIea/UN9zkd8Ly4eZ6kqV/HpFRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUzd7vxFrBXykg7rHTqS0RiafShA4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZmZDczNGQwLWQxYjEtNGNlZC05YTFkLWJkNDExMjVmNDUwYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/EowDQYJKoZIhvcNAQELBQADggEBAEtj2jbGegGCug0Gp56aykaTuGkL
Nup2iZP2mcC1y/2SLzOlOPpehXwBiG/+kkTqWIyN5prPjxP9uxwSieDSfatPm54h
ZXlh3nHN9+Jhji6OvnZD5DcbfT8DNS0ysNOe3LzUmFW2MU4H1DZoyeayoVrbc24n
/rJ4qC8EwnxPxjqWu5SOEwhEtPBWdkddz2FtpVv6tQp19CRs0KZ4wwyoiYlAGJ/M
TsODxa21uwmeXkZNam/7KB0n7LPas88Gnbf2JhekMufa+TDdaiXEjd9jNHqLU2+c
YQFJROabzTpJ4dqK+7YAb9WchhkyfgO9+YZGSMLvQ3y9M2VO8juv/SU7Qa8=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:02 2024 by rpki-client on console-fra.rpki-client.org