Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af7a28ad-c2f9-435e-a8ee-e84639d006cf.roa
File:                     af7a28ad-c2f9-435e-a8ee-e84639d006cf.roa (raw, json)
Hash identifier:          +Vv4bJPoISHBGlftyCZArZ2/WzOoN1FPijUEGI78tGg=
Subject key identifier:   22:F9:28:FA:D3:CA:F5:5F:32:97:E9:E8:39:53:C0:8F:40:0B:FA:50
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       36A231FFE3C1569E2E0A68A91B552E8F7E903D7E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af7a28ad-c2f9-435e-a8ee-e84639d006cf.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.138.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 12 Dec 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:a2:31:ff:e3:c1:56:9e:2e:0a:68:a9:1b:55:2e:8f:7e:90:3d:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=6a391af8add3a6030011233eef76aef1e845e7579a0538a1091f26661da7b629, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:48:6d:0f:99:5c:5c:ee:72:1f:18:ce:26:f6:
                    5a:a2:fd:b9:aa:03:dc:70:22:fc:be:05:ab:b5:fa:
                    2f:66:a5:93:d3:97:c4:2c:e0:3d:d0:4c:71:74:c8:
                    a0:7d:29:c8:12:28:2c:b0:57:90:c9:1d:a0:7a:4f:
                    9b:d6:fc:fc:ed:c2:4d:41:87:38:03:52:30:aa:d6:
                    1a:b7:7e:93:c9:d2:e2:7a:1d:5f:65:8a:35:43:c7:
                    74:96:2d:5d:62:f0:51:75:07:15:b2:f6:f9:31:73:
                    31:d8:75:63:72:3a:35:5b:8f:1c:88:f8:ab:e0:51:
                    44:00:d8:17:45:dc:f4:8f:95:f0:26:0d:18:4e:da:
                    af:4b:50:06:ae:90:bd:17:18:2a:cc:b8:d4:a2:91:
                    1b:20:8a:d0:0a:4c:3b:28:1e:4c:9c:c6:ad:4a:81:
                    aa:13:00:63:25:43:0d:ee:04:9d:5b:e3:b1:dc:aa:
                    88:f2:75:2b:6f:9b:3e:ea:68:ab:f5:49:47:65:5c:
                    eb:0d:08:88:96:35:09:34:c6:63:c9:bb:b2:eb:19:
                    1f:ba:44:15:92:92:c8:20:2b:2c:10:c5:f2:35:9a:
                    de:72:06:f7:78:84:36:f8:5f:36:d9:3d:2c:2e:81:
                    0e:b2:0f:11:47:10:89:b9:7b:09:4e:17:a7:17:55:
                    d3:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:F9:28:FA:D3:CA:F5:5F:32:97:E9:E8:39:53:C0:8F:40:0B:FA:50
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/af7a28ad-c2f9-435e-a8ee-e84639d006cf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:2b:33:79:63:54:da:f2:cb:96:6e:31:ea:5e:c3:d4:f1:44:
         12:4d:b0:f3:ba:41:ad:54:e8:f9:7b:55:de:6d:20:15:53:de:
         12:00:a4:9f:36:a3:4a:cd:43:02:e6:17:94:dd:c6:21:78:4c:
         79:3b:e6:ed:13:d3:84:33:51:2a:83:86:44:7f:47:62:80:9f:
         c7:5d:26:27:38:bb:b2:56:e3:e4:6d:57:0a:1d:77:46:47:1a:
         f2:87:23:d3:bc:42:95:14:64:3e:4d:72:f1:93:bf:37:3e:f8:
         7c:91:d2:70:3e:d9:6b:86:64:1a:52:2c:03:13:f7:a7:2c:07:
         8a:85:d0:27:07:87:d7:89:37:39:75:2d:2a:e9:0e:65:8f:88:
         5c:a1:23:ef:2c:e1:8b:c7:e8:79:91:d4:89:fe:00:de:56:1f:
         76:f7:9a:e8:0a:30:db:27:34:33:8d:b8:35:fa:81:5c:5d:4d:
         cd:6e:19:f5:c7:62:eb:7d:48:3c:29:42:ac:d1:28:e3:af:21:
         39:dc:25:19:6c:5f:dd:cc:4b:34:5e:bf:8c:32:a5:b2:30:08:
         6a:46:ce:e3:6a:94:50:0a:22:07:f8:68:63:43:c5:55:1c:46:
         1a:87:3a:8c:36:84:69:27:89:f5:89:4a:62:4a:09:1e:7e:86:
         b1:64:9c:07
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNqIx/+PBVp4uCmipG1Uuj36QPX4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YTM5MWFmOGFkZDNhNjAzMDAxMTIzM2VlZjc2YWVmMWU4
NDVlNzU3OWEwNTM4YTEwOTFmMjY2NjFkYTdiNjI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpSG0PmVxc7nIfGM4m9lqi/bmqA9xwIvy+Bau1+i9mpZPT
l8Qs4D3QTHF0yKB9KcgSKCywV5DJHaB6T5vW/Pztwk1BhzgDUjCq1hq3fpPJ0uJ6
HV9lijVDx3SWLV1i8FF1BxWy9vkxczHYdWNyOjVbjxyI+KvgUUQA2BdF3PSPlfAm
DRhO2q9LUAaukL0XGCrMuNSikRsgitAKTDsoHkycxq1KgaoTAGMlQw3uBJ1b47Hc
qojydStvmz7qaKv1SUdlXOsNCIiWNQk0xmPJu7LrGR+6RBWSksggKywQxfI1mt5y
Bvd4hDb4XzbZPSwugQ6yDxFHEIm5ewlOF6cXVdN1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUIvko+tPK9V8yl+noOVPAj0AL+lAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FmN2EyOGFkLWMyZjktNDM1ZS1hOGVlLWU4NDYzOWQwMDZjZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTYowDQYJKoZIhvcNAQELBQADggEBAJIrM3ljVNryy5ZuMepew9TxRBJN
sPO6Qa1U6Pl7Vd5tIBVT3hIApJ82o0rNQwLmF5TdxiF4THk75u0T04QzUSqDhkR/
R2KAn8ddJic4u7JW4+RtVwodd0ZHGvKHI9O8QpUUZD5NcvGTvzc++HyR0nA+2WuG
ZBpSLAMT96csB4qF0CcHh9eJNzl1LSrpDmWPiFyhI+8s4YvH6HmR1In+AN5WH3b3
mugKMNsnNDONuDX6gVxdTc1uGfXHYut9SDwpQqzRKOOvITncJRlsX93MSzRev4wy
pbIwCGpGzuNqlFAKIgf4aGNDxVUcRhqHOow2hGknifWJSmJKCR5+hrFknAc=
-----END CERTIFICATE-----
Generated at Wed Dec 11 00:54:49 2024 by rpki-client on console-ams.rpki-client.org