Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9af038d2-354c-4182-aff5-39365e11033e.roa
File:                     9af038d2-354c-4182-aff5-39365e11033e.roa (raw, json)
Hash identifier:          tIqO/CGO5Z2RSlzWK3GNscePFi1V0+Ekk1oapMzZiDI=
Subject key identifier:   5D:03:27:5D:4C:00:9A:D1:A4:21:5D:99:1E:25:B2:35:34:DD:33:9B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       170D520EAAF3C25C752F915E2A81890389B15AF7
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9af038d2-354c-4182-aff5-39365e11033e.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        152.227.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:0d:52:0e:aa:f3:c2:5c:75:2f:91:5e:2a:81:89:03:89:b1:5a:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=ef9791c924548eae621be368cfc06d1f28ae15a8ccf6000971199b4decef21e4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:3c:e8:1c:28:dc:e4:af:92:91:b0:82:9f:6c:
                    6f:db:77:ca:29:3a:5b:48:31:89:95:49:35:68:26:
                    6c:31:53:21:f0:02:cc:13:a8:39:be:be:39:d7:f2:
                    77:bf:18:c9:18:2c:39:7f:2d:5e:6f:36:5f:86:f7:
                    61:38:58:d3:ec:43:d5:98:3f:64:2f:9b:98:6d:34:
                    82:76:f1:d7:ba:0e:23:14:75:07:ce:de:f6:d7:8b:
                    5d:4d:bb:80:66:09:5f:61:5f:c2:e8:65:a9:73:df:
                    58:32:39:f1:1c:0f:1e:40:91:53:5a:77:e9:df:56:
                    40:47:18:ea:46:3f:4b:eb:65:30:d3:5c:42:fb:e6:
                    4f:8e:11:7c:f2:6a:cc:e9:5b:b9:1b:6c:f0:fb:5c:
                    38:55:e3:81:9a:e2:fc:eb:88:be:6d:3e:e8:b9:a8:
                    4f:99:9c:02:e3:0c:1f:e7:bd:5f:f9:ef:f4:c4:a3:
                    c2:50:dd:25:b4:e9:bb:1d:57:6b:ac:fa:2b:e8:82:
                    e2:29:54:f2:3a:50:1d:5e:2e:34:7e:f0:7e:05:77:
                    bc:60:21:df:78:df:5c:ed:73:cf:0c:9a:fd:d2:f1:
                    de:dd:6c:8b:16:3e:6b:c1:bc:b6:45:26:9a:e4:94:
                    6a:7e:d2:bb:d4:fb:96:12:9b:3e:c5:fb:4f:26:0a:
                    60:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:03:27:5D:4C:00:9A:D1:A4:21:5D:99:1E:25:B2:35:34:DD:33:9B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9af038d2-354c-4182-aff5-39365e11033e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  152.227.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8d:d9:a0:68:4b:6b:59:4a:ff:c7:49:8b:da:d0:66:59:ed:75:
         09:c5:6c:5c:1f:3c:55:a2:ff:c3:ba:f0:a1:51:fc:53:5e:7f:
         68:38:8a:c9:9d:15:2f:ab:88:5b:05:50:af:87:cb:b2:df:be:
         c2:71:b2:b2:77:95:e8:23:28:b5:dd:ec:92:b6:b6:8b:d1:15:
         82:cd:9a:bf:8b:86:34:bf:57:d3:ee:2c:48:e6:63:6f:67:9b:
         47:68:22:1b:5b:86:08:04:7f:f7:e1:7b:52:f8:f9:40:df:6d:
         87:df:52:e0:6c:5b:cb:12:7c:a7:4e:2c:f4:e5:57:a4:5d:47:
         06:4f:fb:99:bc:1d:0f:d7:6e:c5:78:3e:ff:da:d0:bf:dc:8e:
         7b:9d:a8:05:5f:63:db:03:41:a2:49:c9:1b:78:7a:45:b8:f7:
         7c:d3:05:1d:d7:c3:8c:15:0a:d3:7e:ff:1c:eb:57:bd:90:07:
         36:b1:fd:37:09:e5:36:5a:66:1f:35:e7:87:18:f4:e8:b5:09:
         04:4a:a1:d7:1b:9f:a6:5c:e5:73:a4:37:87:25:65:98:c7:a6:
         b0:2f:a5:2b:e0:f1:f7:24:89:da:94:0f:43:f5:82:55:40:75:
         93:18:be:b6:50:64:53:ed:b1:5f:1f:e1:4f:79:bc:0d:36:7a:
         13:c4:b6:eb
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFw1SDqrzwlx1L5FeKoGJA4mxWvcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlZjk3OTFjOTI0NTQ4ZWFlNjIxYmUzNjhjZmMwNmQxZjI4
YWUxNWE4Y2NmNjAwMDk3MTE5OWI0ZGVjZWYyMWU0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDkPOgcKNzkr5KRsIKfbG/bd8opOltIMYmVSTVoJmwxUyHw
AswTqDm+vjnX8ne/GMkYLDl/LV5vNl+G92E4WNPsQ9WYP2Qvm5htNIJ28de6DiMU
dQfO3vbXi11Nu4BmCV9hX8LoZalz31gyOfEcDx5AkVNad+nfVkBHGOpGP0vrZTDT
XEL75k+OEXzyaszpW7kbbPD7XDhV44Ga4vzriL5tPui5qE+ZnALjDB/nvV/57/TE
o8JQ3SW06bsdV2us+ivoguIpVPI6UB1eLjR+8H4Fd7xgId9431ztc88Mmv3S8d7d
bIsWPmvBvLZFJprklGp+0rvU+5YSmz7F+08mCmAbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUXQMnXUwAmtGkIV2ZHiWyNTTdM5swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzlhZjAzOGQyLTM1NGMtNDE4Mi1hZmY1LTM5MzY1ZTExMDMzZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCY4zANBgkqhkiG9w0BAQsFAAOCAQEAjdmgaEtrWUr/x0mL2tBmWe11CcVs
XB88VaL/w7rwoVH8U15/aDiKyZ0VL6uIWwVQr4fLst++wnGysneV6CMotd3skra2
i9EVgs2av4uGNL9X0+4sSOZjb2ebR2giG1uGCAR/9+F7Uvj5QN9th99S4GxbyxJ8
p04s9OVXpF1HBk/7mbwdD9duxXg+/9rQv9yOe52oBV9j2wNBoknJG3h6Rbj3fNMF
HdfDjBUK037/HOtXvZAHNrH9NwnlNlpmHzXnhxj06LUJBEqh1xufplzlc6Q3hyVl
mMemsC+lK+Dx9ySJ2pQPQ/WCVUB1kxi+tlBkU+2xXx/hT3m8DTZ6E8S26w==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:13 2024 by rpki-client on console-fra.rpki-client.org