Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a656ff06-dd61-4a24-a01f-a8fcac8be378.roa
File:                     a656ff06-dd61-4a24-a01f-a8fcac8be378.roa (raw, json)
Hash identifier:          26gMdj+sJIcvOoH3hD68wjIKYWWP/COfTwiRGlx77GE=
Subject key identifier:   CA:F9:75:D0:F1:4C:BC:76:47:C5:8D:23:80:83:D8:15:AC:DF:93:79
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0690EFFC0C5BBE794E045BC7678C6C4CA11DAB30
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a656ff06-dd61-4a24-a01f-a8fcac8be378.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        70.232.120.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:90:ef:fc:0c:5b:be:79:4e:04:5b:c7:67:8c:6c:4c:a1:1d:ab:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=6a4b9ef485a7eeb97d4c77526d4b17a860f1992d747e93b8f5ee9024bf3ec3b9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:79:a8:53:83:a3:68:6e:8b:3d:6b:e0:a0:1e:
                    14:a9:26:7c:a4:c8:c3:5c:3a:91:f3:ca:9f:21:be:
                    b9:10:9f:4b:d1:98:01:e0:5c:52:12:30:40:1a:e3:
                    53:96:3c:f1:16:bd:bd:63:f8:0a:23:0e:a3:16:68:
                    6a:d8:00:b5:3b:c7:46:b4:68:fa:18:77:11:0f:81:
                    62:72:21:c0:83:46:49:2e:12:50:5a:6a:50:30:78:
                    0d:ba:3c:5a:c6:20:0a:1c:5f:52:0f:ad:a7:e3:5f:
                    12:e0:70:61:80:46:ba:ab:ff:6f:7f:f4:8e:e9:7a:
                    74:93:a6:a4:37:2a:87:e3:20:f9:0b:b1:bc:c4:fa:
                    85:d0:66:71:95:af:74:1a:91:91:24:7a:47:fe:e4:
                    fc:59:f4:5c:cd:b7:f9:ff:5d:f6:93:9b:e1:93:ad:
                    2b:5e:5f:82:11:21:08:7d:c9:6f:43:8f:5b:3b:fa:
                    57:dc:e7:bf:80:da:7e:4c:72:70:1b:f3:e3:2a:11:
                    ec:53:79:30:31:58:13:a6:10:c5:30:13:21:86:fe:
                    7d:24:62:76:f8:17:52:a2:4b:9f:43:d5:cf:95:87:
                    62:4b:97:1b:e6:bd:8f:b5:5e:04:9e:96:b2:92:c9:
                    59:06:ed:29:72:52:3d:bc:b6:19:60:75:59:ca:56:
                    23:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:F9:75:D0:F1:4C:BC:76:47:C5:8D:23:80:83:D8:15:AC:DF:93:79
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a656ff06-dd61-4a24-a01f-a8fcac8be378.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  70.232.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:a6:69:70:a3:f5:6a:2c:49:99:6c:75:b0:cc:d1:7f:5a:96:
         88:b6:c1:0f:fe:3c:0a:ac:8c:3b:bf:e9:5b:0c:dd:7e:4c:4c:
         97:3c:c4:19:5f:6c:a9:fd:42:40:cc:39:62:ea:50:49:d2:88:
         26:18:80:c7:4b:4c:51:8c:7c:0c:32:13:3b:2a:e9:21:28:cc:
         2a:66:ca:41:26:98:5b:ba:dc:c7:17:8c:4e:4a:d5:9c:71:bf:
         74:bf:f3:ce:8b:c6:cc:5b:6e:c0:25:b8:c5:be:89:fd:72:e8:
         06:3e:f5:f2:8d:4e:9f:fe:64:99:f4:11:0c:e7:05:ae:0d:1c:
         48:a8:76:4d:17:69:f5:66:65:4a:1f:9e:47:cc:03:4c:86:e7:
         3b:fa:a3:93:37:b8:b5:15:14:03:88:7f:47:55:f6:c2:a9:84:
         df:03:53:bd:7a:c5:5e:40:aa:0c:00:2d:ee:85:15:78:1e:66:
         33:d3:1d:19:9b:b5:bc:1b:ef:bf:77:cd:48:41:08:fc:e5:8c:
         96:7c:27:05:a6:fd:09:68:7c:28:70:22:3d:7b:e3:f0:08:1b:
         39:23:46:bb:c6:23:f6:0a:e5:31:c0:ac:54:d2:cf:99:52:44:
         bb:ac:5a:4f:a2:d8:8a:8c:8e:5e:25:2a:ab:11:62:c7:92:75:
         89:20:84:5b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBpDv/AxbvnlOBFvHZ4xsTKEdqzAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2YTRiOWVmNDg1YTdlZWI5N2Q0Yzc3NTI2ZDRiMTdhODYw
ZjE5OTJkNzQ3ZTkzYjhmNWVlOTAyNGJmM2VjM2I5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCreahTg6Nobos9a+CgHhSpJnykyMNcOpHzyp8hvrkQn0vR
mAHgXFISMEAa41OWPPEWvb1j+AojDqMWaGrYALU7x0a0aPoYdxEPgWJyIcCDRkku
ElBaalAweA26PFrGIAocX1IPrafjXxLgcGGARrqr/29/9I7penSTpqQ3KofjIPkL
sbzE+oXQZnGVr3QakZEkekf+5PxZ9FzNt/n/XfaTm+GTrSteX4IRIQh9yW9Dj1s7
+lfc57+A2n5McnAb8+MqEexTeTAxWBOmEMUwEyGG/n0kYnb4F1KiS59D1c+Vh2JL
lxvmvY+1XgSelrKSyVkG7SlyUj28thlgdVnKViPhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyvl10PFMvHZHxY0jgIPYFazfk3kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E2NTZmZjA2LWRkNjEtNGEyNC1hMDFmLWE4ZmNhYzhiZTM3OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJG6HgwDQYJKoZIhvcNAQELBQADggEBAJymaXCj9WosSZlsdbDM0X9aloi2
wQ/+PAqsjDu/6VsM3X5MTJc8xBlfbKn9QkDMOWLqUEnSiCYYgMdLTFGMfAwyEzsq
6SEozCpmykEmmFu63McXjE5K1Zxxv3S/886LxsxbbsAluMW+if1y6AY+9fKNTp/+
ZJn0EQznBa4NHEiodk0XafVmZUofnkfMA0yG5zv6o5M3uLUVFAOIf0dV9sKphN8D
U716xV5AqgwALe6FFXgeZjPTHRmbtbwb7793zUhBCPzljJZ8JwWm/QlofChwIj17
4/AIGzkjRrvGI/YK5THArFTSz5lSRLusWk+i2IqMjl4lKqsRYseSdYkghFs=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:18 2024 by rpki-client on console-fra.rpki-client.org