Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94a7c917-6869-4830-9bca-db6ddd98328b.roa
File:                     94a7c917-6869-4830-9bca-db6ddd98328b.roa (raw, json)
Hash identifier:          B6P9/DQILBV3VPr4afsQYULGIJ9rLm9N+2lF4Nttr6U=
Subject key identifier:   D8:6D:7F:F9:EC:23:40:02:B8:1F:F4:7B:55:7C:00:C3:E2:E8:EB:2D
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7380FEDD4794DEB3E6014B802D5BA60C8337E045
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94a7c917-6869-4830-9bca-db6ddd98328b.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        56.110.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:80:fe:dd:47:94:de:b3:e6:01:4b:80:2d:5b:a6:0c:83:37:e0:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=759fc49f4ceb3e80cce01a23004b59c578b26c66676de6485fa4ae4e0318c169, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d9:01:17:61:9e:32:47:1c:2e:3e:02:36:b8:
                    f6:84:80:2b:62:e6:68:4a:0a:5c:4c:a7:51:20:48:
                    25:b6:55:84:13:a1:99:78:19:c2:77:61:a9:25:2f:
                    ac:f3:bc:6a:67:55:c6:d9:bb:c1:c5:e3:18:e1:de:
                    63:aa:79:38:0b:1b:d5:64:2e:aa:f2:e5:6c:19:4f:
                    ed:fc:a8:0c:8a:4d:04:8b:52:4c:c4:4d:01:c3:f5:
                    f2:ff:49:52:5d:3d:4d:0b:46:6a:e7:3b:07:5d:fa:
                    89:4a:a1:ac:11:3b:9c:7a:d6:db:80:34:12:4c:e7:
                    c4:31:ee:81:b8:c4:0e:7d:20:72:e6:e4:f3:6a:e9:
                    e5:a5:d7:4b:e9:72:dd:67:6e:8b:1d:de:21:47:88:
                    c8:0e:f9:3b:65:8c:7b:30:7e:bf:f1:4b:e6:e4:c5:
                    50:64:2b:f0:73:15:ed:ca:4c:26:6e:8d:88:d5:3b:
                    3e:a2:c6:f9:e8:cc:c4:43:61:e2:93:98:74:a7:dd:
                    98:bf:61:bb:69:d9:b9:c3:49:c9:b2:34:8e:78:4a:
                    b8:84:81:f1:42:d2:aa:57:2c:d6:c0:51:3e:23:14:
                    a7:e2:cc:6c:2a:72:be:51:fa:48:30:c0:a7:e1:64:
                    bf:05:44:e4:cf:34:eb:d1:48:c1:d0:a3:82:eb:0d:
                    4a:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:6D:7F:F9:EC:23:40:02:B8:1F:F4:7B:55:7C:00:C3:E2:E8:EB:2D
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94a7c917-6869-4830-9bca-db6ddd98328b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.110.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         05:cb:ab:6e:ee:b2:9e:3c:80:a8:9a:23:fb:99:1b:f0:8d:35:
         2b:b0:28:8f:ca:b2:13:7d:b5:6b:2b:ef:7d:18:c5:e5:33:1c:
         a2:82:0d:2f:d2:80:80:2f:53:4a:d1:68:41:00:7c:60:3d:2c:
         36:6b:b3:1b:67:5d:96:de:62:ac:e0:94:92:64:76:a5:55:36:
         3a:3e:91:19:d4:46:94:6f:28:50:da:a3:17:28:e4:a2:4d:a6:
         74:c9:fe:e7:8c:2c:d7:2e:a6:01:ca:b4:ab:b0:16:64:8d:d5:
         8f:80:1d:58:86:38:bd:96:3f:1c:89:7a:ca:33:74:04:77:01:
         3e:9c:d0:39:2f:30:43:0d:a6:ec:70:98:57:18:d3:f0:36:05:
         10:36:8d:00:2a:30:32:b0:e4:78:62:bc:51:32:26:50:f9:1a:
         c0:2c:f8:39:07:70:43:98:40:2a:2e:af:08:8e:93:e9:e3:98:
         2b:e7:03:25:ca:14:43:a1:96:2e:42:9b:ee:ba:27:2c:5d:b9:
         89:a6:bc:f7:ad:b7:ad:66:09:07:37:ce:f8:74:2c:04:bd:f9:
         bd:58:5b:13:f0:84:ea:65:dc:d1:4c:a3:73:a5:54:34:db:0f:
         e1:af:b7:24:59:0a:c3:e8:26:6f:1a:d2:0b:a8:fb:4b:35:56:
         20:67:4d:34
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUc4D+3UeU3rPmAUuALVumDIM34EUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NTlmYzQ5ZjRjZWIzZTgwY2NlMDFhMjMwMDRiNTljNTc4
YjI2YzY2Njc2ZGU2NDg1ZmE0YWU0ZTAzMThjMTY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDG2QEXYZ4yRxwuPgI2uPaEgCti5mhKClxMp1EgSCW2VYQT
oZl4GcJ3YaklL6zzvGpnVcbZu8HF4xjh3mOqeTgLG9VkLqry5WwZT+38qAyKTQSL
UkzETQHD9fL/SVJdPU0LRmrnOwdd+olKoawRO5x61tuANBJM58Qx7oG4xA59IHLm
5PNq6eWl10vpct1nbosd3iFHiMgO+TtljHswfr/xS+bkxVBkK/BzFe3KTCZujYjV
Oz6ixvnozMRDYeKTmHSn3Zi/Ybtp2bnDScmyNI54SriEgfFC0qpXLNbAUT4jFKfi
zGwqcr5R+kgwwKfhZL8FROTPNOvRSMHQo4LrDUq9AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU2G1/+ewjQAK4H/R7VXwAw+Lo6y0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0YTdjOTE3LTY4NjktNDgzMC05YmNhLWRiNmRkZDk4MzI4Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4bjANBgkqhkiG9w0BAQsFAAOCAQEABcurbu6ynjyAqJoj+5kb8I01K7Ao
j8qyE321ayvvfRjF5TMcooINL9KAgC9TStFoQQB8YD0sNmuzG2ddlt5irOCUkmR2
pVU2Oj6RGdRGlG8oUNqjFyjkok2mdMn+54ws1y6mAcq0q7AWZI3Vj4AdWIY4vZY/
HIl6yjN0BHcBPpzQOS8wQw2m7HCYVxjT8DYFEDaNACowMrDkeGK8UTImUPkawCz4
OQdwQ5hAKi6vCI6T6eOYK+cDJcoUQ6GWLkKb7ronLF25iaa89623rWYJBzfO+HQs
BL35vVhbE/CE6mXc0Uyjc6VUNNsP4a+3JFkKw+gmbxrSC6j7SzVWIGdNNA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:14 2024 by rpki-client on console-fra.rpki-client.org