Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9467035e-ac22-4ed7-bdeb-771152f3e853.roa
File:                     9467035e-ac22-4ed7-bdeb-771152f3e853.roa (raw, json)
Hash identifier:          DboFcainyH1dCvgKdjxejpZWYsO228yW3zZ0ENKdlP4=
Subject key identifier:   7D:1B:6B:87:23:8A:ED:F0:D0:99:37:54:C8:B3:84:8C:6C:85:AB:B5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       56B3B1559A90282FA58CC5BB0016C271CBD4D9D4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9467035e-ac22-4ed7-bdeb-771152f3e853.roa
Signing time:             Mon 18 Mar 2024 00:00:00 +0000
ROA not before:           Mon 18 Mar 2024 00:00:00 +0000
ROA not after:            Mon 22 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        170.68.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:b3:b1:55:9a:90:28:2f:a5:8c:c5:bb:00:16:c2:71:cb:d4:d9:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:00:00 2024 GMT
            Not After : Apr 22 23:59:59 2024 GMT
        Subject: serialNumber=0fbe602bc52b2e483d9707b51c0ebdc8c12e4f13ef5885039b3655342c9871bc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:d1:45:63:a2:1b:97:48:1e:2c:09:22:bf:5c:
                    37:7e:ae:32:5b:9d:32:66:99:b6:67:e5:05:1b:de:
                    f1:ce:22:33:5d:ab:4c:7f:26:80:67:db:e0:84:3d:
                    22:e1:5e:89:6d:41:ac:4d:d0:ed:41:f4:1a:00:ef:
                    d2:b0:1f:b6:f8:32:3b:47:5d:45:ce:77:6c:1b:34:
                    6b:27:fe:7e:6f:84:b1:47:2b:33:4b:cc:bf:4f:a6:
                    02:b8:1d:07:a0:03:46:85:4b:fd:cb:7b:fc:f3:91:
                    4e:67:91:23:30:e4:33:4c:7f:20:3f:63:eb:5c:40:
                    1b:90:61:e2:a5:8a:03:73:fd:81:7d:20:c7:5f:95:
                    99:5a:42:a0:07:04:10:7b:87:93:64:d4:8f:ce:58:
                    3c:bb:e5:0d:76:b6:f7:f2:47:6a:f0:31:ab:45:dc:
                    55:39:e8:31:7a:20:6c:31:3a:1c:16:d2:5f:40:2e:
                    59:d7:26:9f:95:f4:7a:71:64:7d:88:20:29:2c:04:
                    e0:fc:b9:41:a1:af:0b:1f:c6:d2:88:8d:37:79:5f:
                    28:7b:96:b5:a8:38:3f:21:65:c2:69:08:ca:60:2d:
                    16:4d:82:4b:95:56:10:72:d9:35:98:bb:59:2c:ff:
                    18:99:12:0a:28:5c:e9:0d:a6:86:1a:a3:cc:7a:fa:
                    1c:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:1B:6B:87:23:8A:ED:F0:D0:99:37:54:C8:B3:84:8C:6C:85:AB:B5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9467035e-ac22-4ed7-bdeb-771152f3e853.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.68.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         13:06:a1:ee:f0:ec:0f:b6:a5:70:ed:0d:bb:2c:eb:63:4f:b3:
         79:d6:48:61:2b:26:bc:55:df:21:19:d7:a4:1b:a0:ef:0a:38:
         79:45:e5:01:a6:19:0a:da:e8:42:c1:29:fe:55:7f:80:5c:c8:
         f7:75:64:00:45:5d:f3:36:88:e0:e1:0f:89:7b:04:34:4e:7a:
         d8:52:33:0d:72:7b:11:24:6a:91:af:79:e6:55:1e:24:2a:f1:
         51:fa:5d:c8:83:3b:b4:ec:03:3f:77:7f:c2:21:9d:81:57:de:
         be:0b:f0:a2:70:2b:18:15:ec:7f:bd:4c:50:60:70:af:89:99:
         fa:c0:01:9c:53:8b:88:1a:80:7f:b7:6c:4e:6b:e3:e7:59:c1:
         23:14:18:c2:a9:cd:4d:27:76:91:3e:db:f3:0d:25:ed:bb:f3:
         0d:5c:da:83:ee:20:1a:89:30:f1:ad:c3:11:35:f8:79:42:aa:
         92:ce:52:d7:e8:67:e2:31:93:cf:12:af:8f:3c:e1:ab:01:b7:
         2e:e0:13:ab:55:e8:4d:eb:39:56:83:e9:d5:a5:a4:34:85:f4:
         6a:a2:16:ac:1f:ae:f5:f1:27:31:ed:ea:35:72:87:c5:ae:14:
         02:87:43:f7:f6:41:98:48:42:19:74:f8:b9:84:da:65:ce:4a:
         e4:ff:c4:fe
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVrOxVZqQKC+ljMW7ABbCccvU2dQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE4MDAwMDAwWhcNMjQwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0AwZmJlNjAyYmM1MmIyZTQ4M2Q5NzA3YjUxYzBlYmRjOGMx
MmU0ZjEzZWY1ODg1MDM5YjM2NTUzNDJjOTg3MWJjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCO0UVjohuXSB4sCSK/XDd+rjJbnTJmmbZn5QUb3vHOIjNd
q0x/JoBn2+CEPSLhXoltQaxN0O1B9BoA79KwH7b4MjtHXUXOd2wbNGsn/n5vhLFH
KzNLzL9PpgK4HQegA0aFS/3Le/zzkU5nkSMw5DNMfyA/Y+tcQBuQYeKligNz/YF9
IMdflZlaQqAHBBB7h5Nk1I/OWDy75Q12tvfyR2rwMatF3FU56DF6IGwxOhwW0l9A
LlnXJp+V9HpxZH2IICksBOD8uUGhrwsfxtKIjTd5Xyh7lrWoOD8hZcJpCMpgLRZN
gkuVVhBy2TWYu1ks/xiZEgooXOkNpoYao8x6+hyVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUfRtrhyOK7fDQmTdUyLOEjGyFq7UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0NjcwMzVlLWFjMjItNGVkNy1iZGViLTc3MTE1MmYzZTg1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCqRDANBgkqhkiG9w0BAQsFAAOCAQEAEwah7vDsD7alcO0NuyzrY0+zedZI
YSsmvFXfIRnXpBug7wo4eUXlAaYZCtroQsEp/lV/gFzI93VkAEVd8zaI4OEPiXsE
NE562FIzDXJ7ESRqka955lUeJCrxUfpdyIM7tOwDP3d/wiGdgVfevgvwonArGBXs
f71MUGBwr4mZ+sABnFOLiBqAf7dsTmvj51nBIxQYwqnNTSd2kT7b8w0l7bvzDVza
g+4gGokw8a3DETX4eUKqks5S1+hn4jGTzxKvjzzhqwG3LuATq1XoTes5VoPp1aWk
NIX0aqIWrB+u9fEnMe3qNXKHxa4UAodD9/ZBmEhCGXT4uYTaZc5K5P/E/g==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:11 2024 by rpki-client on console-fra.rpki-client.org