Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/92e3388a-3322-44eb-9d70-a9abc7a26fb3.roa
File:                     92e3388a-3322-44eb-9d70-a9abc7a26fb3.roa (raw, json)
Hash identifier:          ZYZdKr9ECYQ83QAvEL7SOMAOLrcp2+vy/CGYJmzBlNw=
Subject key identifier:   85:36:11:5A:2E:75:F0:86:63:4C:D9:43:D7:47:58:71:F4:DA:48:3E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0C58325BECAC41E4E06EE4F7E6BDFD154C5D673C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/92e3388a-3322-44eb-9d70-a9abc7a26fb3.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.86.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:58:32:5b:ec:ac:41:e4:e0:6e:e4:f7:e6:bd:fd:15:4c:5d:67:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=7619283e42715c7d84e1d9ce52d9481e501c1e6bf97adb47c4dff7350d2ddbd2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d1:ad:9d:a6:8d:41:52:4e:bf:0d:1d:9e:32:
                    d8:4c:09:08:fb:41:a1:f1:b0:a8:5d:9c:d2:c7:5a:
                    74:8d:83:7c:f7:8c:67:43:df:97:e5:d8:e2:70:92:
                    8a:76:90:07:29:79:7a:79:81:7c:e1:76:c8:d8:f2:
                    23:14:2b:26:6e:6b:dc:b3:31:24:f2:df:a1:79:03:
                    99:6d:10:73:7b:d4:2c:c3:13:1c:64:d6:8d:98:50:
                    de:15:d1:3d:81:82:9a:33:f7:9f:c0:2f:93:a6:e4:
                    7d:47:92:df:47:61:bd:98:9a:18:92:73:21:e5:ea:
                    59:ac:a6:aa:27:46:c2:77:39:f2:e0:d6:a8:74:cc:
                    30:0f:1d:ac:04:71:bf:36:33:e4:fa:a9:ff:12:0a:
                    31:46:e2:18:89:1b:4e:42:ed:1e:10:fa:3b:f1:10:
                    6b:13:3d:09:80:64:fe:25:87:6a:80:57:53:21:31:
                    c3:e1:30:09:80:02:20:bd:95:5e:ac:26:b9:7c:8c:
                    e7:d8:92:49:ee:4f:3d:ef:b4:55:87:53:17:e3:35:
                    8d:0c:4b:cb:e2:57:90:ff:b3:e8:b0:39:09:ca:92:
                    c7:a2:4c:d5:a2:ac:24:ee:75:fc:79:2e:81:d1:9f:
                    07:5d:03:f0:57:7b:20:e4:d4:16:20:f6:25:ec:f4:
                    0c:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:36:11:5A:2E:75:F0:86:63:4C:D9:43:D7:47:58:71:F4:DA:48:3E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/92e3388a-3322-44eb-9d70-a9abc7a26fb3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.86.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8f:b5:fa:a8:7b:57:d3:3a:08:db:8d:1e:1d:27:ab:5a:07:e9:
         bf:cb:46:18:ac:a6:4f:02:d6:98:06:58:d4:41:27:5e:c3:a7:
         3c:0b:10:d7:65:e4:95:c7:0a:ad:df:d3:ea:93:94:b0:77:a3:
         bf:14:16:10:78:63:05:47:8c:9e:a0:54:76:fe:c3:6e:fa:f0:
         6d:95:3f:10:eb:55:e0:33:e2:cc:dd:c4:2f:2e:eb:4d:47:bb:
         b8:94:6f:df:a9:47:17:cf:f1:e7:5f:cb:60:c8:f3:49:fa:64:
         97:55:fc:a4:01:7d:7d:18:19:be:8d:d1:d9:0e:74:f9:47:29:
         94:a0:8b:fb:1f:17:3b:fb:f5:97:10:46:6a:93:20:b7:af:84:
         87:86:e8:c6:df:a6:89:eb:f9:63:cc:72:99:ef:b1:36:cd:57:
         27:63:25:af:24:9d:0a:a4:8e:d0:22:47:a0:dd:31:ab:1f:2e:
         84:41:b8:13:34:eb:d7:16:65:b9:e5:08:cf:06:c3:70:30:24:
         d7:59:ec:c3:86:0a:98:5c:10:f4:49:8f:09:b1:bb:76:42:42:
         46:43:9f:87:86:8e:e7:79:ce:18:5c:47:29:cb:ff:87:07:61:
         a1:fb:a8:60:dd:e3:65:60:b3:e5:7c:93:bc:c0:0e:7d:78:41:
         12:e0:0f:9c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDFgyW+ysQeTgbuT35r39FUxdZzwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NjE5MjgzZTQyNzE1YzdkODRlMWQ5Y2U1MmQ5NDgxZTUw
MWMxZTZiZjk3YWRiNDdjNGRmZjczNTBkMmRkYmQyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC90a2dpo1BUk6/DR2eMthMCQj7QaHxsKhdnNLHWnSNg3z3
jGdD35fl2OJwkop2kAcpeXp5gXzhdsjY8iMUKyZua9yzMSTy36F5A5ltEHN71CzD
Exxk1o2YUN4V0T2Bgpoz95/AL5Om5H1Hkt9HYb2YmhiScyHl6lmspqonRsJ3OfLg
1qh0zDAPHawEcb82M+T6qf8SCjFG4hiJG05C7R4Q+jvxEGsTPQmAZP4lh2qAV1Mh
McPhMAmAAiC9lV6sJrl8jOfYkknuTz3vtFWHUxfjNY0MS8viV5D/s+iwOQnKksei
TNWirCTudfx5LoHRnwddA/BXeyDk1BYg9iXs9Ax3AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUhTYRWi518IZjTNlD10dYcfTaSD4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkyZTMzODhhLTMzMjItNDRlYi05ZDcwLWE5YWJjN2EyNmZiMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBjVjANBgkqhkiG9w0BAQsFAAOCAQEAj7X6qHtX0zoI240eHSerWgfpv8tG
GKymTwLWmAZY1EEnXsOnPAsQ12XklccKrd/T6pOUsHejvxQWEHhjBUeMnqBUdv7D
bvrwbZU/EOtV4DPizN3ELy7rTUe7uJRv36lHF8/x51/LYMjzSfpkl1X8pAF9fRgZ
vo3R2Q50+UcplKCL+x8XO/v1lxBGapMgt6+Eh4boxt+miev5Y8xyme+xNs1XJ2Ml
rySdCqSO0CJHoN0xqx8uhEG4EzTr1xZlueUIzwbDcDAk11nsw4YKmFwQ9EmPCbG7
dkJCRkOfh4aO53nOGFxHKcv/hwdhofuoYN3jZWCz5XyTvMAOfXhBEuAPnA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:37 2024 by rpki-client on console-ams.rpki-client.org