Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aceae2b8-bb86-419b-a042-74b95a9ac220.roa
File:                     aceae2b8-bb86-419b-a042-74b95a9ac220.roa (raw, json)
Hash identifier:          NOh6aW8JnX/mt7eYc+fFSdscy0ViRbsC13cUYNghKu4=
Subject key identifier:   B7:FD:48:6A:D2:4E:A8:78:4D:41:47:9E:E0:8B:21:80:4B:B2:1A:ED
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       19F89FDE877DD8729686625F3CC2361DE55C8381
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aceae2b8-bb86-419b-a042-74b95a9ac220.roa
Signing time:             Mon 18 Mar 2024 00:00:00 +0000
ROA not before:           Mon 18 Mar 2024 00:00:00 +0000
ROA not after:            Mon 22 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        130.186.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:f8:9f:de:87:7d:d8:72:96:86:62:5f:3c:c2:36:1d:e5:5c:83:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:00:00 2024 GMT
            Not After : Apr 22 23:59:59 2024 GMT
        Subject: serialNumber=acf8f0b93119aac18edf1dc0edd33c70edb5beb2eb1d21070d56f63009370f2e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:40:aa:42:b6:82:bf:4f:a4:06:29:66:9f:87:
                    c7:ac:60:10:8a:5d:7e:68:41:f3:3e:30:93:55:0a:
                    bc:d5:1c:93:f4:7c:d7:7a:8d:5d:e6:ab:77:22:08:
                    ac:ae:1b:d2:a7:bd:d4:66:79:a1:d8:81:89:84:6e:
                    77:ed:f7:46:50:ef:3a:f3:0d:a7:5f:b5:83:25:e6:
                    9e:d0:8c:8c:a0:5e:43:f2:ce:38:52:f4:b8:38:5a:
                    1c:e5:66:8f:83:4f:77:11:5a:56:ab:0a:e9:3f:cc:
                    19:ab:96:9c:ef:ab:d5:d5:cb:c6:c2:f9:73:6f:3e:
                    23:da:17:bd:2f:56:90:5a:42:b7:19:fd:26:7a:2c:
                    b5:e8:14:43:03:c1:74:a1:c2:af:76:b5:7f:fc:82:
                    24:55:be:d2:71:53:70:11:ef:c9:42:ac:1c:35:17:
                    90:7d:17:97:c9:b4:4f:08:4b:84:77:a6:54:29:bb:
                    f8:b2:28:6f:83:1e:06:01:03:a0:93:f5:5e:05:19:
                    80:d2:4b:30:0b:6d:a7:79:22:bb:5b:1a:cc:a1:6d:
                    7d:ee:d3:db:ef:6a:aa:f9:30:09:09:26:74:3c:53:
                    ec:aa:be:85:b4:fb:71:87:f9:b3:e3:1e:30:5a:b7:
                    d0:7c:d2:ef:71:44:58:c9:0c:70:9f:f7:94:71:30:
                    cb:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:FD:48:6A:D2:4E:A8:78:4D:41:47:9E:E0:8B:21:80:4B:B2:1A:ED
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/aceae2b8-bb86-419b-a042-74b95a9ac220.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.186.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         6b:b3:aa:1c:4d:f2:b3:c2:53:3b:a8:b3:b6:af:25:fc:1c:24:
         c1:53:eb:e3:14:a1:07:9e:df:ae:ed:7c:dc:8c:ca:88:75:d1:
         66:67:90:9f:95:07:70:82:67:bd:ec:9a:2a:69:19:20:5b:75:
         21:4f:f9:bb:bd:5e:a1:92:ca:7c:32:90:fd:39:20:c3:e8:9c:
         99:01:ab:4e:c6:35:ef:5b:61:d6:0b:7a:8f:64:f1:1a:cb:54:
         84:29:9e:28:2c:73:e1:2e:2a:9b:74:a5:b4:76:07:36:43:5c:
         5d:f6:3c:f2:c2:95:a7:12:6d:17:86:4f:7a:e1:e0:b6:72:f1:
         af:19:5a:8b:06:84:24:b8:1f:95:a7:90:bb:62:fc:9c:28:f5:
         69:75:0d:eb:8a:ab:fa:e4:56:b7:25:a2:9b:ae:3c:1a:38:ad:
         71:5e:3f:84:16:26:3d:d9:8d:cf:65:94:3e:56:13:bc:4b:2c:
         8a:24:30:bc:b7:33:78:29:f3:2f:76:a3:59:fe:8b:37:9c:26:
         1f:35:d0:e8:44:e2:a0:f1:a5:01:2a:0f:38:80:60:55:2f:40:
         a2:ac:a2:f9:60:cb:a8:c2:e4:3f:43:94:d0:e4:ef:65:46:35:
         a8:27:e1:ad:1f:cc:67:60:04:21:79:f8:a8:c9:b4:ea:e2:52:
         55:1b:ca:f9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGfif3od92HKWhmJfPMI2HeVcg4EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE4MDAwMDAwWhcNMjQwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhY2Y4ZjBiOTMxMTlhYWMxOGVkZjFkYzBlZGQzM2M3MGVk
YjViZWIyZWIxZDIxMDcwZDU2ZjYzMDA5MzcwZjJlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7QKpCtoK/T6QGKWafh8esYBCKXX5oQfM+MJNVCrzVHJP0
fNd6jV3mq3ciCKyuG9KnvdRmeaHYgYmEbnft90ZQ7zrzDadftYMl5p7QjIygXkPy
zjhS9Lg4WhzlZo+DT3cRWlarCuk/zBmrlpzvq9XVy8bC+XNvPiPaF70vVpBaQrcZ
/SZ6LLXoFEMDwXShwq92tX/8giRVvtJxU3AR78lCrBw1F5B9F5fJtE8IS4R3plQp
u/iyKG+DHgYBA6CT9V4FGYDSSzALbad5IrtbGsyhbX3u09vvaqr5MAkJJnQ8U+yq
voW0+3GH+bPjHjBat9B80u9xRFjJDHCf95RxMMuXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUt/1IatJOqHhNQUee4IshgEuyGu0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FjZWFlMmI4LWJiODYtNDE5Yi1hMDQyLTc0Yjk1YTlhYzIyMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAeCuoAwDQYJKoZIhvcNAQELBQADggEBAGuzqhxN8rPCUzuos7avJfwcJMFT
6+MUoQee367tfNyMyoh10WZnkJ+VB3CCZ73smippGSBbdSFP+bu9XqGSynwykP05
IMPonJkBq07GNe9bYdYLeo9k8RrLVIQpnigsc+EuKpt0pbR2BzZDXF32PPLClacS
bReGT3rh4LZy8a8ZWosGhCS4H5WnkLti/Jwo9Wl1DeuKq/rkVrclopuuPBo4rXFe
P4QWJj3Zjc9llD5WE7xLLIokMLy3M3gp8y92o1n+izecJh810OhE4qDxpQEqDziA
YFUvQKKsovlgy6jC5D9DlNDk72VGNagn4a0fzGdgBCF5+KjJtOriUlUbyvk=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:29 2024 by rpki-client on console-ams.rpki-client.org