Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a4227170-2265-45c8-950f-f4e81e32653b.roa
File:                     a4227170-2265-45c8-950f-f4e81e32653b.roa (raw, json)
Hash identifier:          HPBYslMyOX+TxvUGg4hFUmJK4C/QZVJn1YjEGvvtttw=
Subject key identifier:   7F:22:F4:90:42:05:E5:45:10:A4:6A:AA:FE:F6:69:8F:B9:B7:F6:56
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5267C839256E82AB67ED8FB5F3EAC0FA62BAD8C3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a4227170-2265-45c8-950f-f4e81e32653b.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        96.0.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:67:c8:39:25:6e:82:ab:67:ed:8f:b5:f3:ea:c0:fa:62:ba:d8:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=e60e3319cc0da07d9e5cd3f72d5683169361e4bd44984cbb5cffabc73af7efe2, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:13:56:ac:ce:a3:8f:2f:8e:d6:02:19:c4:60:
                    ba:15:e1:cf:27:8b:52:b6:ab:0c:f1:2f:a6:be:ac:
                    17:5f:5e:8e:e7:dc:90:51:13:38:65:f8:91:30:82:
                    d1:e5:2d:20:d7:e1:6a:38:36:86:ca:c0:0b:84:8e:
                    80:f9:39:9a:37:d7:c8:da:76:79:55:f5:11:07:00:
                    bb:9d:6b:01:3c:3b:69:65:19:bf:ff:47:4c:fc:1b:
                    02:7c:ab:92:82:15:4f:fe:5f:99:74:4c:b6:8c:66:
                    5b:f0:3e:fa:f5:b0:ad:82:e1:3a:fa:cb:d7:8a:c3:
                    71:6b:ec:8b:94:18:dc:c4:8d:71:a2:79:08:51:2c:
                    90:ef:c9:51:1f:cf:62:ec:b9:f0:19:9c:87:39:4b:
                    59:0f:4a:ed:bb:f4:83:89:bf:a3:1a:c7:da:ed:ed:
                    21:c8:0a:b8:aa:10:65:bc:be:10:cc:f6:75:a6:66:
                    3e:aa:70:16:69:24:12:2f:fd:2c:0a:48:78:ca:13:
                    91:4e:7c:18:01:f3:36:6b:ee:7a:58:a5:54:78:04:
                    b8:e6:5e:cf:46:5a:b5:8f:96:97:ca:66:97:f7:fd:
                    1a:a1:e0:13:47:56:e8:dd:e5:23:fe:8e:6a:c4:0b:
                    50:61:39:22:38:4f:b8:78:7e:71:4e:17:70:fe:a0:
                    7c:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:22:F4:90:42:05:E5:45:10:A4:6A:AA:FE:F6:69:8F:B9:B7:F6:56
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a4227170-2265-45c8-950f-f4e81e32653b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.0.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c4:11:60:27:ad:d5:ca:0f:db:cc:c5:ed:19:54:41:25:c8:c8:
         ac:96:8c:5b:62:50:86:2b:1f:4d:e2:bd:3d:ad:ac:73:c5:15:
         a4:39:94:5e:be:d1:ae:f3:03:21:1a:f8:d4:b7:9a:56:c9:2e:
         fc:18:18:c9:1c:f7:85:d8:ca:25:72:05:24:72:50:82:97:28:
         5c:b5:c8:5a:13:9d:6e:59:bc:96:a9:eb:31:a7:29:11:01:82:
         34:70:c2:10:61:8e:c8:a8:9f:b9:10:52:9d:1a:0a:36:f6:90:
         03:1c:96:9c:7f:e0:49:46:2f:c0:f9:7c:48:f9:d4:02:0a:bf:
         28:6d:22:a3:2c:b2:f0:c6:60:05:c4:ce:6c:19:f1:c1:f4:30:
         a5:5d:1d:43:29:ed:31:f5:74:bc:a2:8e:f9:a2:ad:96:8f:28:
         67:72:b2:70:79:41:24:7a:0b:db:9b:50:4b:b9:99:1d:ee:12:
         93:00:87:e8:f9:7b:d8:0d:0d:4d:df:57:cf:91:c4:46:a9:30:
         23:bf:9a:85:09:a3:b4:d7:54:16:79:a7:6e:bc:45:c3:e5:cb:
         a2:f0:88:7b:43:46:50:47:3e:f2:06:16:40:e2:ff:1f:58:47:
         f6:8a:48:eb:26:d3:d3:da:4b:b9:87:84:56:45:fc:2d:08:a8:
         9e:ed:87:0a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUUmfIOSVugqtn7Y+18+rA+mK62MMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNjBlMzMxOWNjMGRhMDdkOWU1Y2QzZjcyZDU2ODMxNjkz
NjFlNGJkNDQ5ODRjYmI1Y2ZmYWJjNzNhZjdlZmUyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvE1aszqOPL47WAhnEYLoV4c8ni1K2qwzxL6a+rBdfXo7n
3JBREzhl+JEwgtHlLSDX4Wo4NobKwAuEjoD5OZo318jadnlV9REHALudawE8O2ll
Gb//R0z8GwJ8q5KCFU/+X5l0TLaMZlvwPvr1sK2C4Tr6y9eKw3Fr7IuUGNzEjXGi
eQhRLJDvyVEfz2LsufAZnIc5S1kPSu279IOJv6Max9rt7SHICriqEGW8vhDM9nWm
Zj6qcBZpJBIv/SwKSHjKE5FOfBgB8zZr7npYpVR4BLjmXs9GWrWPlpfKZpf3/Rqh
4BNHVujd5SP+jmrEC1BhOSI4T7h4fnFOF3D+oHyxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUfyL0kEIF5UUQpGqq/vZpj7m39lYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E0MjI3MTcwLTIyNjUtNDVjOC05NTBmLWY0ZTgxZTMyNjUzYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBgADANBgkqhkiG9w0BAQsFAAOCAQEAxBFgJ63Vyg/bzMXtGVRBJcjIrJaM
W2JQhisfTeK9Pa2sc8UVpDmUXr7RrvMDIRr41LeaVsku/BgYyRz3hdjKJXIFJHJQ
gpcoXLXIWhOdblm8lqnrMacpEQGCNHDCEGGOyKifuRBSnRoKNvaQAxyWnH/gSUYv
wPl8SPnUAgq/KG0ioyyy8MZgBcTObBnxwfQwpV0dQyntMfV0vKKO+aKtlo8oZ3Ky
cHlBJHoL25tQS7mZHe4SkwCH6Pl72A0NTd9Xz5HERqkwI7+ahQmjtNdUFnmnbrxF
w+XLovCIe0NGUEc+8gYWQOL/H1hH9opI6ybT09pLuYeEVkX8LQionu2HCg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:15 2024 by rpki-client on console-fra.rpki-client.org