Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7a5a7c8-080f-4821-b0ca-fbdfcc05b292.roa
File:                     b7a5a7c8-080f-4821-b0ca-fbdfcc05b292.roa (raw, json)
Hash identifier:          JWNSHwuoYuaWfk+ttfaA+H+LxCKGX0Q0vn9V1hWHm8c=
Subject key identifier:   78:C8:3D:DE:55:1A:29:ED:51:F0:88:0E:45:F5:D0:78:94:38:B1:0F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6094C012CBF4A706A65F072E38E8958591327BAB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7a5a7c8-080f-4821-b0ca-fbdfcc05b292.roa
Signing time:             Mon 01 Jul 2024 00:00:00 +0000
ROA not before:           Mon 01 Jul 2024 00:00:00 +0000
ROA not after:            Mon 05 Aug 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        149.180.0.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jul 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:94:c0:12:cb:f4:a7:06:a6:5f:07:2e:38:e8:95:85:91:32:7b:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  1 00:00:00 2024 GMT
            Not After : Aug  5 23:59:59 2024 GMT
        Subject: serialNumber=9d053ac7c76f6d8d4ec0c3d993ea05fd1b43ed6b752abad83890042e5e485579, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:ef:f9:41:f1:05:36:46:33:76:2f:a6:6d:a8:
                    04:6e:28:42:83:7d:27:52:5f:6f:96:8a:1e:f4:74:
                    d7:17:2b:1f:8f:2f:f3:d9:2a:54:8e:7f:69:28:7c:
                    9d:b5:21:79:59:3d:f9:b9:ec:cc:d9:4b:d4:8c:31:
                    57:00:a6:36:1f:6d:c5:0b:d4:36:73:66:05:71:f8:
                    33:52:8f:14:8d:e0:f7:d4:c2:db:ed:96:19:0b:05:
                    07:8f:bb:23:54:ed:33:f9:1f:5d:e7:fd:33:68:de:
                    ae:83:7e:4a:8b:2d:80:14:c9:37:8a:44:b8:5d:1b:
                    be:84:41:05:be:6e:f1:1d:de:21:5a:11:dd:c6:cd:
                    f4:ea:2a:90:3c:33:3b:50:fc:6c:fe:94:8d:df:df:
                    61:26:3f:ff:97:3b:1c:a0:9c:4e:36:eb:53:9b:03:
                    52:15:84:ae:bd:55:ca:76:66:44:45:84:6d:ed:d8:
                    78:57:3e:86:b5:0d:88:39:35:64:3f:34:c3:e6:38:
                    0e:b0:a8:d7:9a:d1:4d:75:78:8d:02:10:d6:05:75:
                    c8:88:84:0e:77:37:f3:59:72:d9:c7:72:0b:17:10:
                    d6:80:f4:f8:48:ba:c0:28:b0:d0:eb:ac:13:5a:61:
                    ff:78:9b:f5:3b:0b:73:ec:a1:cb:48:d6:c0:6a:e8:
                    f3:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:C8:3D:DE:55:1A:29:ED:51:F0:88:0E:45:F5:D0:78:94:38:B1:0F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7a5a7c8-080f-4821-b0ca-fbdfcc05b292.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.180.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         13:25:f5:6b:24:e5:80:2f:6c:0c:a8:6a:95:f1:d0:84:4c:ca:
         5c:73:25:44:13:18:ac:65:1e:da:cb:43:db:bf:31:84:76:e3:
         e6:4a:3b:5c:11:02:63:00:0c:b6:17:ca:33:3a:81:c5:5c:55:
         98:6e:60:a2:96:3f:5e:c5:87:5a:4d:f3:a4:a1:70:95:3f:09:
         ff:f1:8b:4d:fe:71:f5:6f:91:f8:23:fb:97:0c:e8:74:a9:36:
         b6:03:16:e4:fb:04:b1:22:c5:6b:fe:dc:9a:22:25:d5:2e:d2:
         19:a8:0d:69:65:aa:72:8b:c2:ab:d5:43:1f:53:23:92:0a:77:
         48:99:70:b4:b8:a5:62:02:0b:a1:74:e7:9b:ff:82:df:81:35:
         6c:5b:54:27:f1:97:25:60:59:c4:86:d2:1b:e9:13:fa:ca:6c:
         65:3a:b9:41:62:ce:10:eb:0a:9d:3d:6e:f1:a8:39:13:ba:30:
         a8:10:22:99:5d:67:f3:d8:e2:5c:5b:6a:bf:d9:92:b7:81:e3:
         56:ba:b0:b0:74:8e:8f:37:68:96:eb:7c:28:55:5b:e1:e1:81:
         d6:94:12:9a:bd:3c:40:f6:b4:70:ea:12:db:8a:0d:54:06:2d:
         eb:66:6e:0f:ca:c9:ec:26:3c:22:08:69:c7:b0:b0:17:06:d5:
         b9:d7:3a:1c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYJTAEsv0pwamXwcuOOiVhZEye6swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwNzAxMDAwMDAwWhcNMjQwODA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZDA1M2FjN2M3NmY2ZDhkNGVjMGMzZDk5M2VhMDVmZDFi
NDNlZDZiNzUyYWJhZDgzODkwMDQyZTVlNDg1NTc5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCv7/lB8QU2RjN2L6ZtqARuKEKDfSdSX2+Wih70dNcXKx+P
L/PZKlSOf2kofJ21IXlZPfm57MzZS9SMMVcApjYfbcUL1DZzZgVx+DNSjxSN4PfU
wtvtlhkLBQePuyNU7TP5H13n/TNo3q6DfkqLLYAUyTeKRLhdG76EQQW+bvEd3iFa
Ed3GzfTqKpA8MztQ/Gz+lI3f32EmP/+XOxygnE4261ObA1IVhK69Vcp2ZkRFhG3t
2HhXPoa1DYg5NWQ/NMPmOA6wqNea0U11eI0CENYFdciIhA53N/NZctnHcgsXENaA
9PhIusAosNDrrBNaYf94m/U7C3PsoctI1sBq6POBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUeMg93lUaKe1R8IgORfXQeJQ4sQ8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I3YTVhN2M4LTA4MGYtNDgyMS1iMGNhLWZiZGZjYzA1YjI5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAeVtAAwDQYJKoZIhvcNAQELBQADggEBABMl9Wsk5YAvbAyoapXx0IRMylxz
JUQTGKxlHtrLQ9u/MYR24+ZKO1wRAmMADLYXyjM6gcVcVZhuYKKWP17Fh1pN86Sh
cJU/Cf/xi03+cfVvkfgj+5cM6HSpNrYDFuT7BLEixWv+3JoiJdUu0hmoDWllqnKL
wqvVQx9TI5IKd0iZcLS4pWICC6F055v/gt+BNWxbVCfxlyVgWcSG0hvpE/rKbGU6
uUFizhDrCp09bvGoORO6MKgQIpldZ/PY4lxbar/ZkreB41a6sLB0jo83aJbrfChV
W+HhgdaUEpq9PED2tHDqEtuKDVQGLetmbg/KyewmPCIIacewsBcG1bnXOhw=
-----END CERTIFICATE-----
Generated at Wed Jul 17 03:16:45 2024 by rpki-client on console-ams.rpki-client.org