Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/990a335e-9ae1-4df4-aa20-800ded31c4e3.roa
File:                     990a335e-9ae1-4df4-aa20-800ded31c4e3.roa (raw, json)
Hash identifier:          tXhFP36ms5IH+gazUH+KN9Shrcnv5gvb8iurH/euXHg=
Subject key identifier:   44:15:1B:A9:F7:C4:1E:61:B6:B7:73:6A:50:17:6E:A6:93:DF:D2:82
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0BCC78AC09AFD5DD61142EBB3A5B85A160465D3F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/990a335e-9ae1-4df4-aa20-800ded31c4e3.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.12.24.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:cc:78:ac:09:af:d5:dd:61:14:2e:bb:3a:5b:85:a1:60:46:5d:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=5831f7691a6bd21500587f1f0add3a0642b31afb9aa98db5695503e81f245a58, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e2:00:72:b4:1a:a8:f2:f3:60:9e:a4:59:e9:
                    1b:a8:51:03:1e:08:10:80:4e:e4:98:56:f7:7f:e5:
                    da:cc:20:ac:27:f2:9b:0b:80:08:6d:9a:00:1d:d3:
                    c3:1e:ed:4b:d1:40:9c:2e:cc:3a:33:e3:4e:7b:b8:
                    5e:23:1f:40:d8:55:68:3f:de:e8:5f:04:43:b5:3d:
                    57:ea:44:da:29:f2:4a:2d:8f:1e:cc:c5:82:3c:9e:
                    c6:89:e7:9c:40:1d:3d:42:9f:9b:87:33:06:20:cd:
                    45:d5:c0:e6:c5:2f:aa:dd:3f:d2:9d:0f:25:f7:79:
                    79:75:98:fd:72:5b:fd:60:ca:26:cb:e6:20:bb:76:
                    45:e5:e1:fc:c0:37:1b:dc:6d:e5:0a:57:82:f9:07:
                    9c:7b:33:78:84:26:4e:b8:f9:07:89:71:9b:62:b2:
                    a3:e6:66:58:00:f4:a1:d1:89:97:58:9d:14:56:c2:
                    52:54:06:74:5e:a4:d4:63:2a:62:6f:05:7b:4e:40:
                    f3:f9:f5:94:b0:15:a7:48:2d:94:32:a9:20:1c:c7:
                    c8:16:7f:c2:2b:ea:fe:34:60:ee:64:bf:9b:0c:01:
                    7c:33:47:49:94:27:c4:61:78:67:65:6c:82:06:d7:
                    e0:3b:ad:1e:12:3f:c9:cf:08:f7:08:1b:c4:57:db:
                    e2:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:15:1B:A9:F7:C4:1E:61:B6:B7:73:6A:50:17:6E:A6:93:DF:D2:82
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/990a335e-9ae1-4df4-aa20-800ded31c4e3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.12.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         4d:14:31:d7:bc:e4:40:4d:67:f2:4a:6a:23:c2:88:6f:7a:db:
         27:20:5d:84:9c:cc:2d:6f:62:73:b4:22:7b:7a:d1:d4:7a:23:
         e1:7c:ba:c2:7c:de:1c:45:28:91:10:73:9b:0b:c0:c6:6d:8e:
         18:38:ad:07:f0:f7:b8:71:e3:ce:49:81:e8:7b:6d:5b:35:30:
         79:ae:83:7d:6a:93:9f:14:5e:2b:a5:a5:ab:55:77:f2:4c:1e:
         e5:61:6e:af:a2:d5:12:fb:19:d0:37:d2:c7:a1:dc:32:5a:7f:
         89:da:84:05:85:87:a4:06:44:88:14:38:41:89:a4:7d:b3:6f:
         4b:94:bb:4d:36:6b:b4:ea:35:b9:0d:14:a2:f2:5d:18:98:c3:
         71:6e:95:0c:e4:aa:5e:8a:14:f2:f0:02:2e:0d:87:25:cc:27:
         b2:eb:69:f4:a4:a4:9e:04:ea:83:45:6d:8c:d9:87:9a:46:e9:
         60:4c:29:20:1b:f7:97:14:b2:bb:c6:f7:ad:33:25:d5:61:0a:
         d5:51:c8:5b:01:cc:59:89:e9:96:48:87:d3:ae:26:47:f7:32:
         a3:e4:f6:b7:c7:ad:02:2c:a2:39:f6:7b:16:ec:12:1c:76:de:
         3e:f6:ef:4e:67:94:82:8f:60:7c:c7:2d:66:37:8e:7d:a9:89:
         0f:ed:71:ce
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUC8x4rAmv1d1hFC67OluFoWBGXT8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1ODMxZjc2OTFhNmJkMjE1MDA1ODdmMWYwYWRkM2EwNjQy
YjMxYWZiOWFhOThkYjU2OTU1MDNlODFmMjQ1YTU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC44gBytBqo8vNgnqRZ6RuoUQMeCBCATuSYVvd/5drMIKwn
8psLgAhtmgAd08Me7UvRQJwuzDoz4057uF4jH0DYVWg/3uhfBEO1PVfqRNop8kot
jx7MxYI8nsaJ55xAHT1Cn5uHMwYgzUXVwObFL6rdP9KdDyX3eXl1mP1yW/1gyibL
5iC7dkXl4fzANxvcbeUKV4L5B5x7M3iEJk64+QeJcZtisqPmZlgA9KHRiZdYnRRW
wlJUBnRepNRjKmJvBXtOQPP59ZSwFadILZQyqSAcx8gWf8Ir6v40YO5kv5sMAXwz
R0mUJ8RheGdlbIIG1+A7rR4SP8nPCPcIG8RX2+KjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQURBUbqffEHmG2t3NqUBduppPf0oIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk5MGEzMzVlLTlhZTEtNGRmNC1hYTIwLTgwMGRlZDMxYzRlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMQDBgwDQYJKoZIhvcNAQELBQADggEBAE0UMde85EBNZ/JKaiPCiG962ycg
XYSczC1vYnO0Int60dR6I+F8usJ83hxFKJEQc5sLwMZtjhg4rQfw97hx485Jgeh7
bVs1MHmug31qk58UXiulpatVd/JMHuVhbq+i1RL7GdA30seh3DJaf4nahAWFh6QG
RIgUOEGJpH2zb0uUu002a7TqNbkNFKLyXRiYw3FulQzkql6KFPLwAi4NhyXMJ7Lr
afSkpJ4E6oNFbYzZh5pG6WBMKSAb95cUsrvG960zJdVhCtVRyFsBzFmJ6ZZIh9Ou
Jkf3MqPk9rfHrQIsojn2exbsEhx23j72705nlIKPYHzHLWY3jn2piQ/tcc4=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:12 2024 by rpki-client on console-fra.rpki-client.org