Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/811fca13-b40a-4fb1-bc7c-6c599637fd2d.roa
File:                     811fca13-b40a-4fb1-bc7c-6c599637fd2d.roa (raw, json)
Hash identifier:          NhH1RSIOJEnSjaW3mQfGHGEb6YmqWxFFziExQKrDAjA=
Subject key identifier:   05:2F:7A:0E:1C:95:B9:DA:DC:5A:FD:EC:2C:D8:E8:42:B6:0D:54:9D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       564DA7D105E4B11E44ED9FC00B98847F2BDB41A8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/811fca13-b40a-4fb1-bc7c-6c599637fd2d.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.92.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:4d:a7:d1:05:e4:b1:1e:44:ed:9f:c0:0b:98:84:7f:2b:db:41:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=694f5fc953211ab639fabdf0dbe1d4eeeb117ac88f44c8349eb92f3d6882ebe8, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ed:55:c4:8d:7e:cd:c0:f3:fe:51:63:c7:34:
                    8c:c7:8f:46:38:2a:19:cb:b7:ce:4c:d6:24:ef:31:
                    ee:70:6d:27:3c:ae:41:4b:ba:02:04:97:af:ee:71:
                    ee:ac:46:ac:4f:4b:1e:1c:66:a8:38:2b:7a:f7:46:
                    01:35:37:36:b4:fc:a4:21:2d:d9:5f:83:80:6d:e3:
                    63:2d:6b:fe:35:64:81:4d:5d:df:5e:89:e1:18:c1:
                    a1:67:ad:78:1f:02:50:9f:51:02:cb:6f:1c:a0:5e:
                    e5:3f:8d:95:78:28:b1:a0:fa:48:b7:53:dc:20:8a:
                    db:73:19:39:0c:ba:4c:ce:a0:14:08:06:aa:f6:e8:
                    05:78:be:67:ca:1f:a2:4f:b6:80:b7:c3:98:72:91:
                    e9:4b:35:b7:63:88:6a:74:ba:e0:af:ae:6e:c5:6a:
                    5b:53:9b:1e:eb:e8:40:07:77:c2:3c:b3:84:19:e7:
                    7f:3d:22:56:17:ef:6b:e7:b9:67:24:3f:d9:fb:a4:
                    94:7d:88:44:ea:b9:a2:b3:88:95:98:8d:7e:4d:86:
                    8e:0b:d6:f7:d5:7c:8d:87:91:db:87:3e:ec:1f:bf:
                    42:13:46:4f:23:61:f5:65:9f:df:7b:bc:a2:d4:24:
                    e3:c4:75:85:c7:b7:80:d4:eb:a8:61:5a:e5:2b:47:
                    9f:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:2F:7A:0E:1C:95:B9:DA:DC:5A:FD:EC:2C:D8:E8:42:B6:0D:54:9D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/811fca13-b40a-4fb1-bc7c-6c599637fd2d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.92.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         28:3c:66:07:f9:ee:e0:e7:88:8b:82:c1:a8:6c:d0:0f:29:2d:
         ba:f7:ea:95:89:a1:15:13:b8:48:3c:10:eb:88:7e:93:84:4d:
         4f:31:8f:91:07:68:4c:f2:1d:f4:c8:e1:cb:e8:62:b8:27:83:
         cf:6a:46:92:6f:45:c4:19:eb:f9:c4:43:70:e7:8c:a2:fc:d1:
         7d:14:fa:a4:b1:99:ec:4a:5f:85:d3:34:cf:36:8e:b9:4d:e0:
         11:eb:66:3d:5a:61:b4:50:26:c5:e6:bf:62:22:b8:32:2d:21:
         63:b8:79:ed:0e:82:18:f3:bd:29:5c:26:87:c8:79:d3:26:4d:
         2a:06:4c:b4:21:91:2e:65:cf:03:23:88:7a:61:4d:75:23:a0:
         99:6b:06:16:ce:fa:b3:3f:f7:12:d7:ab:18:28:15:99:80:2b:
         59:30:cf:30:96:f6:74:32:f1:f9:20:2b:99:2f:f2:e1:45:fa:
         82:0e:81:0a:00:f5:bf:e3:47:ba:1e:81:a3:61:78:a4:7f:89:
         66:c7:fd:0f:a0:8c:71:3a:4f:4c:16:4a:28:1f:3b:7b:cb:b9:
         3c:7d:f0:ba:1b:82:c1:0c:30:6d:4e:49:4f:e4:88:18:cc:75:
         65:e2:70:d9:14:94:e1:8d:a1:4f:98:5e:3a:10:ee:21:81:57:
         e7:a8:93:98
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVk2n0QXksR5E7Z/AC5iEfyvbQagwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2OTRmNWZjOTUzMjExYWI2MzlmYWJkZjBkYmUxZDRlZWVi
MTE3YWM4OGY0NGM4MzQ5ZWI5MmYzZDY4ODJlYmU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC07VXEjX7NwPP+UWPHNIzHj0Y4KhnLt85M1iTvMe5wbSc8
rkFLugIEl6/uce6sRqxPSx4cZqg4K3r3RgE1Nza0/KQhLdlfg4Bt42Mta/41ZIFN
Xd9eieEYwaFnrXgfAlCfUQLLbxygXuU/jZV4KLGg+ki3U9wgittzGTkMukzOoBQI
Bqr26AV4vmfKH6JPtoC3w5hykelLNbdjiGp0uuCvrm7FaltTmx7r6EAHd8I8s4QZ
5389IlYX72vnuWckP9n7pJR9iETquaKziJWYjX5Nho4L1vfVfI2HkduHPuwfv0IT
Rk8jYfVln997vKLUJOPEdYXHt4DU66hhWuUrR58JAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUBS96DhyVudrcWv3sLNjoQrYNVJ0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgxMWZjYTEzLWI0MGEtNGZiMS1iYzdjLTZjNTk5NjM3ZmQyZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQXDANBgkqhkiG9w0BAQsFAAOCAQEAKDxmB/nu4OeIi4LBqGzQDyktuvfq
lYmhFRO4SDwQ64h+k4RNTzGPkQdoTPId9Mjhy+hiuCeDz2pGkm9FxBnr+cRDcOeM
ovzRfRT6pLGZ7EpfhdM0zzaOuU3gEetmPVphtFAmxea/YiK4Mi0hY7h57Q6CGPO9
KVwmh8h50yZNKgZMtCGRLmXPAyOIemFNdSOgmWsGFs76sz/3EterGCgVmYArWTDP
MJb2dDLx+SArmS/y4UX6gg6BCgD1v+NHuh6Bo2F4pH+JZsf9D6CMcTpPTBZKKB87
e8u5PH3wuhuCwQwwbU5JT+SIGMx1ZeJw2RSU4Y2hT5heOhDuIYFX56iTmA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:06 2024 by rpki-client on console-fra.rpki-client.org