Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7608b2e8-d5f7-4bd0-a175-c70a32e97950.roa
File:                     7608b2e8-d5f7-4bd0-a175-c70a32e97950.roa (raw, json)
Hash identifier:          advuMk7t1dzNBC70Fv/0LEpRjJOhmoJBIE6LTfVrVVM=
Subject key identifier:   6A:8F:2C:C0:24:1A:5D:81:0C:E1:3C:B2:6E:7D:19:A4:BB:A8:59:B7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2650E2495AD53DEA2C16658C193D5F8602680FBF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7608b2e8-d5f7-4bd0-a175-c70a32e97950.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        70.224.192.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:50:e2:49:5a:d5:3d:ea:2c:16:65:8c:19:3d:5f:86:02:68:0f:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=25ddf894614630c121071290d7305d5e35e53626c3ada334fee67669c038154b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:90:43:a4:0e:57:20:e8:e9:e0:76:f3:ef:bc:
                    f1:d9:92:9f:f3:b0:d6:f7:7d:4d:20:bc:86:b0:89:
                    1f:5d:64:37:d3:d5:a7:20:4e:ae:41:45:e5:50:12:
                    2f:5b:b0:8d:3e:d7:ef:bb:8a:3d:7e:fe:f4:35:db:
                    eb:1e:70:3c:b4:b5:bf:7e:65:cb:62:a4:92:81:1c:
                    c1:3a:ee:27:8a:e3:7b:36:55:f4:34:f7:a1:ff:6d:
                    90:39:ba:fb:d6:8b:59:aa:1a:87:73:22:60:4b:3a:
                    71:5b:a1:d9:81:d0:82:7b:80:53:ce:2a:24:10:03:
                    d1:aa:0b:fc:3f:ee:1d:55:a4:0b:88:b1:0a:21:e5:
                    ae:59:e2:8f:ee:5d:24:90:a0:73:c8:51:dd:f3:1f:
                    de:42:09:37:96:b1:96:94:76:e3:e3:79:5e:61:ff:
                    9f:6c:01:d6:fb:cd:64:08:af:0b:ac:94:68:19:16:
                    09:cd:c5:ad:2b:46:64:89:d7:e7:f9:41:a1:47:db:
                    80:4a:67:da:cf:50:f6:24:f0:da:c9:1c:0a:bc:b0:
                    26:ed:76:96:1f:0f:1a:cd:1a:cd:9f:a6:47:3c:eb:
                    a0:ce:da:6c:a1:3c:ab:d8:c8:a6:88:c3:34:6f:73:
                    82:91:2a:97:53:1a:67:06:63:05:95:b8:21:9c:ed:
                    41:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:8F:2C:C0:24:1A:5D:81:0C:E1:3C:B2:6E:7D:19:A4:BB:A8:59:B7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7608b2e8-d5f7-4bd0-a175-c70a32e97950.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  70.224.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         20:eb:31:8f:89:32:31:34:3a:0f:b6:a2:19:9c:bd:50:ae:68:
         f6:f5:9d:25:87:32:e5:57:58:eb:37:c4:63:b0:16:54:94:02:
         8b:ca:78:08:83:09:05:c1:f0:66:57:18:32:06:11:06:03:b3:
         a3:d0:68:1b:74:2a:b2:6a:82:31:aa:9a:2c:64:46:f4:d6:d2:
         ee:95:eb:69:39:e7:93:3c:69:78:b9:00:8f:10:c9:b8:fe:17:
         39:9a:e6:25:cc:a2:0a:1e:51:c3:da:b6:80:23:2e:74:01:18:
         d3:6c:9d:6a:44:5c:e5:0e:af:bb:52:c7:19:d4:ef:c1:55:11:
         d9:a3:0d:19:7c:29:dc:d0:18:97:65:19:e0:49:b9:98:76:25:
         11:99:06:01:c1:cc:bc:78:ca:80:82:f0:ab:36:09:77:ed:83:
         fc:d8:67:c3:01:72:1c:d8:ae:ed:85:41:d7:26:bf:f7:3b:dd:
         e4:b3:3c:30:7a:9a:15:0d:a8:91:75:aa:b8:63:75:42:9d:0c:
         e8:fe:f7:71:2e:b3:06:5c:e0:87:8f:59:02:68:63:20:60:b2:
         34:eb:11:17:eb:97:79:bd:4a:85:26:97:2d:f4:cc:89:bb:8d:
         5d:6a:91:fe:0f:15:f1:33:73:50:4f:47:09:eb:f4:9b:cc:46:
         53:9b:b0:69
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJlDiSVrVPeosFmWMGT1fhgJoD78wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AyNWRkZjg5NDYxNDYzMGMxMjEwNzEyOTBkNzMwNWQ1ZTM1
ZTUzNjI2YzNhZGEzMzRmZWU2NzY2OWMwMzgxNTRiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDjkEOkDlcg6OngdvPvvPHZkp/zsNb3fU0gvIawiR9dZDfT
1acgTq5BReVQEi9bsI0+1++7ij1+/vQ12+secDy0tb9+ZctipJKBHME67ieK43s2
VfQ096H/bZA5uvvWi1mqGodzImBLOnFbodmB0IJ7gFPOKiQQA9GqC/w/7h1VpAuI
sQoh5a5Z4o/uXSSQoHPIUd3zH95CCTeWsZaUduPjeV5h/59sAdb7zWQIrwuslGgZ
FgnNxa0rRmSJ1+f5QaFH24BKZ9rPUPYk8NrJHAq8sCbtdpYfDxrNGs2fpkc866DO
2myhPKvYyKaIwzRvc4KRKpdTGmcGYwWVuCGc7UFzAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUao8swCQaXYEM4Tyybn0ZpLuoWbcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc2MDhiMmU4LWQ1ZjctNGJkMC1hMTc1LWM3MGEzMmU5Nzk1MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZG4MAwDQYJKoZIhvcNAQELBQADggEBACDrMY+JMjE0Og+2ohmcvVCuaPb1
nSWHMuVXWOs3xGOwFlSUAovKeAiDCQXB8GZXGDIGEQYDs6PQaBt0KrJqgjGqmixk
RvTW0u6V62k555M8aXi5AI8Qybj+Fzma5iXMogoeUcPatoAjLnQBGNNsnWpEXOUO
r7tSxxnU78FVEdmjDRl8KdzQGJdlGeBJuZh2JRGZBgHBzLx4yoCC8Ks2CXftg/zY
Z8MBchzYru2FQdcmv/c73eSzPDB6mhUNqJF1qrhjdUKdDOj+93EuswZc4IePWQJo
YyBgsjTrERfrl3m9SoUmly30zIm7jV1qkf4PFfEzc1BPRwnr9JvMRlObsGk=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:03 2024 by rpki-client on console-fra.rpki-client.org