Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/85de87b1-afc8-4537-b67d-7b26be4a293c.roa
File:                     85de87b1-afc8-4537-b67d-7b26be4a293c.roa (raw, json)
Hash identifier:          OmnbiAioJ4hlmVpFdk5eKNlebU8LuU8XmFkYlSrRQKE=
Subject key identifier:   61:8B:4B:89:7F:ED:3A:0A:02:DC:00:CF:26:D3:A7:83:D8:D4:F6:CF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       31E1B38EEC8249D4B906AFFACA37103D7C1C0C23
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/85de87b1-afc8-4537-b67d-7b26be4a293c.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.157.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:e1:b3:8e:ec:82:49:d4:b9:06:af:fa:ca:37:10:3d:7c:1c:0c:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=5831bd89350d5016d8da8f7f9d1fa3541cf87bef19b19e8893120f0e0860ea27, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:38:fa:28:ac:46:bd:d3:de:07:39:6e:b7:2b:
                    47:db:c3:bc:ef:e4:f6:bb:1c:f1:84:01:fe:06:10:
                    c9:95:54:b6:09:43:e6:e0:03:f4:f4:b2:55:09:d0:
                    5f:39:76:c1:e4:e7:26:c6:bf:1f:ed:9d:a8:a3:58:
                    5a:90:31:c6:4a:f1:af:92:4e:8b:be:a2:f6:d8:72:
                    7d:28:c5:23:e9:9a:8d:c6:01:6e:6c:f1:b6:52:e0:
                    1b:74:c1:a6:e6:de:9d:4c:9c:c3:3c:40:e7:0e:62:
                    f6:6a:4a:ba:33:9f:73:81:3c:72:af:43:82:21:d2:
                    ae:f6:a5:54:6f:16:24:01:33:c5:aa:e6:34:6b:24:
                    5c:19:1c:50:40:94:9a:20:6b:a6:8d:c9:16:39:cd:
                    c0:a7:67:0b:16:9e:e6:aa:20:20:d2:5c:ff:1a:d1:
                    43:6a:c8:7f:3f:41:5d:4d:5f:dd:74:a2:be:ad:97:
                    7c:11:60:95:d5:c6:69:83:f6:81:8e:cf:1b:f3:f6:
                    44:4a:a8:f0:13:3a:4d:ea:95:68:dd:85:71:2e:55:
                    1e:78:e0:b2:50:88:f4:52:3f:8a:3c:ae:8a:9e:bc:
                    3c:62:28:95:84:3c:92:9d:66:cd:85:24:5b:b7:a9:
                    a1:3d:ab:f9:9f:94:c0:0e:8d:49:e6:8d:d5:44:4c:
                    dd:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:8B:4B:89:7F:ED:3A:0A:02:DC:00:CF:26:D3:A7:83:D8:D4:F6:CF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/85de87b1-afc8-4537-b67d-7b26be4a293c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:60:db:a0:a4:d8:d2:45:dd:96:1a:be:88:70:5f:19:8c:7e:
         ab:7f:1a:81:ea:00:8f:e9:cc:cb:16:fd:8a:61:5d:7c:68:fd:
         ad:0d:fc:d3:17:90:48:f7:7d:d1:75:fa:c7:c8:67:a1:7c:67:
         2a:01:d0:c9:ff:96:85:a4:69:68:32:99:42:c7:7b:f2:98:47:
         8d:28:00:04:05:90:fc:84:1e:f9:10:32:67:63:bf:f4:69:92:
         af:dd:8f:87:f6:7b:c2:a9:32:1a:c0:d8:d4:ef:12:b1:82:94:
         09:f3:93:5b:f9:2f:5b:78:17:99:7d:9f:77:21:85:7c:7e:06:
         fd:98:d1:f8:b1:31:87:94:e6:6b:a6:b2:af:57:1f:56:17:4c:
         11:07:cb:e2:b0:40:93:10:51:4e:ec:03:fa:d9:0c:b1:44:01:
         95:c2:6a:6b:97:e3:98:2b:63:5c:8e:ba:a6:fa:ca:18:02:d4:
         69:cb:6b:cd:88:a8:b3:23:fe:ff:42:dc:c6:66:d9:fb:74:ed:
         58:68:bd:53:31:8f:38:c7:39:0f:52:8b:f2:77:78:0c:1d:60:
         3e:d3:bd:8d:04:ca:03:b5:94:93:1d:8a:1a:cb:a1:f3:dd:cf:
         5b:c0:0f:4c:52:01:78:0a:d3:77:43:95:9b:7e:10:84:bb:09:
         d4:b1:5b:04
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMeGzjuyCSdS5Bq/6yjcQPXwcDCMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ODMxYmQ4OTM1MGQ1MDE2ZDhkYThmN2Y5ZDFmYTM1NDFj
Zjg3YmVmMTliMTllODg5MzEyMGYwZTA4NjBlYTI3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDdOPoorEa9094HOW63K0fbw7zv5Pa7HPGEAf4GEMmVVLYJ
Q+bgA/T0slUJ0F85dsHk5ybGvx/tnaijWFqQMcZK8a+STou+ovbYcn0oxSPpmo3G
AW5s8bZS4Bt0wabm3p1MnMM8QOcOYvZqSrozn3OBPHKvQ4Ih0q72pVRvFiQBM8Wq
5jRrJFwZHFBAlJoga6aNyRY5zcCnZwsWnuaqICDSXP8a0UNqyH8/QV1NX910or6t
l3wRYJXVxmmD9oGOzxvz9kRKqPATOk3qlWjdhXEuVR544LJQiPRSP4o8roqevDxi
KJWEPJKdZs2FJFu3qaE9q/mflMAOjUnmjdVETN2BAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUYYtLiX/tOgoC3ADPJtOng9jU9s8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg1ZGU4N2IxLWFmYzgtNDUzNy1iNjdkLTdiMjZiZTRhMjkzYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTZ0wDQYJKoZIhvcNAQELBQADggEBAE9g26Ck2NJF3ZYavohwXxmMfqt/
GoHqAI/pzMsW/YphXXxo/a0N/NMXkEj3fdF1+sfIZ6F8ZyoB0Mn/loWkaWgymULH
e/KYR40oAAQFkPyEHvkQMmdjv/Rpkq/dj4f2e8KpMhrA2NTvErGClAnzk1v5L1t4
F5l9n3chhXx+Bv2Y0fixMYeU5mumsq9XH1YXTBEHy+KwQJMQUU7sA/rZDLFEAZXC
amuX45grY1yOuqb6yhgC1GnLa82IqLMj/v9C3MZm2ft07VhovVMxjzjHOQ9Si/J3
eAwdYD7TvY0EygO1lJMdihrLofPdz1vAD0xSAXgK03dDlZt+EIS7CdSxWwQ=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:07 2024 by rpki-client on console-fra.rpki-client.org