Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba71b3f3-cdf6-4786-89eb-629b258ad834.roa
File:                     ba71b3f3-cdf6-4786-89eb-629b258ad834.roa (raw, json)
Hash identifier:          BaOFiZPuUL+/H9yMjBavAfCVRmAXofS2lx0eaZYsO3g=
Subject key identifier:   72:6F:02:D3:F7:A0:B2:BF:34:30:9D:3A:FB:12:00:A5:CD:D9:40:40
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6B8BE55D6FAC78DC2F913FCDF6174F637778F02D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba71b3f3-cdf6-4786-89eb-629b258ad834.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        141.242.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:8b:e5:5d:6f:ac:78:dc:2f:91:3f:cd:f6:17:4f:63:77:78:f0:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=746b396cf52bdfcc5c37caec45224f4a9ed754d1ee9dc56c136d7ae915f7f68a, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:a7:d1:37:db:57:b3:bc:23:ab:18:d0:a6:14:
                    a7:c8:f7:d3:c7:e4:ad:73:a0:89:f1:f8:47:06:0b:
                    eb:83:7d:2e:83:1f:e7:07:61:7f:12:ff:5e:7a:e8:
                    72:76:82:c6:a1:e2:40:ef:5e:48:24:2d:b8:e1:47:
                    de:17:c4:22:0c:fe:08:c0:dd:ee:f9:e9:02:aa:fc:
                    8e:3a:c7:0a:47:ae:5a:bd:de:bc:06:9b:ad:7a:59:
                    41:de:e1:6b:8c:23:23:84:d6:54:05:e1:c1:9b:89:
                    4b:a3:07:e5:84:84:c1:5a:ee:07:4e:c5:f0:1d:12:
                    17:43:28:51:ab:4c:4e:2a:2b:42:36:fe:c9:e6:00:
                    3d:c4:27:88:29:a9:1e:b6:d9:02:b4:bb:b2:c1:30:
                    4d:02:c2:f2:4a:6e:a3:09:48:26:de:5e:d3:0f:39:
                    f0:43:ef:4b:11:0f:6b:c4:ab:03:69:26:46:13:5c:
                    bd:84:48:91:92:80:c9:99:2e:c3:86:de:ab:00:04:
                    ee:ab:ec:8b:8f:64:b8:27:ba:f5:28:6c:39:b8:a0:
                    0a:93:1a:44:92:e6:d4:48:82:01:8f:1a:8f:79:6b:
                    ff:72:2f:2f:c0:b0:cc:79:de:ed:cf:21:56:f6:2c:
                    fc:99:73:90:ce:23:b8:b3:18:a3:a6:a1:bb:22:59:
                    4b:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:6F:02:D3:F7:A0:B2:BF:34:30:9D:3A:FB:12:00:A5:CD:D9:40:40
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba71b3f3-cdf6-4786-89eb-629b258ad834.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.242.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         d5:e0:50:22:45:9c:35:8f:a9:6b:42:5e:82:23:8b:7e:75:a8:
         03:ac:35:ca:7c:f3:90:88:bd:f4:e3:50:ab:c7:f6:cf:0d:2c:
         ca:97:a1:6a:77:55:ae:02:b0:88:01:5e:cd:2f:cd:8d:c2:a2:
         98:aa:e2:1e:8b:62:f4:d6:a6:b5:dd:c0:e5:3c:3d:3f:ee:f5:
         04:10:fd:8b:03:19:13:68:b4:a3:4a:65:be:09:22:df:f6:73:
         18:58:2c:06:d1:d2:16:de:50:f4:65:d7:54:c3:9c:b4:23:9a:
         25:c6:03:c3:e1:b1:58:de:53:95:29:91:4b:2c:13:0f:9c:2f:
         d7:43:79:38:84:1c:0c:80:7f:f6:96:31:db:39:78:f7:63:97:
         9c:48:9e:4e:66:28:9d:4c:5b:a5:0a:0e:f7:e5:eb:bb:29:19:
         f3:9d:b6:7b:85:19:cc:53:e2:ee:ef:99:8b:53:fc:36:e2:15:
         af:da:2e:9e:12:2e:41:24:b9:64:46:5f:58:ea:15:a3:49:e9:
         c1:7a:34:34:7b:bf:76:f6:eb:75:31:d2:7e:b7:48:f8:7e:db:
         55:9d:44:1b:fc:2e:d2:67:de:c7:bb:e1:41:32:56:e6:c1:7a:
         35:8c:0c:38:64:e7:1a:15:8c:c3:4c:53:17:42:30:57:66:14:
         26:6e:f6:9b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUa4vlXW+seNwvkT/N9hdPY3d48C0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3NDZiMzk2Y2Y1MmJkZmNjNWMzN2NhZWM0NTIyNGY0YTll
ZDc1NGQxZWU5ZGM1NmMxMzZkN2FlOTE1ZjdmNjhhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdp9E321ezvCOrGNCmFKfI99PH5K1zoInx+EcGC+uDfS6D
H+cHYX8S/1566HJ2gsah4kDvXkgkLbjhR94XxCIM/gjA3e756QKq/I46xwpHrlq9
3rwGm616WUHe4WuMIyOE1lQF4cGbiUujB+WEhMFa7gdOxfAdEhdDKFGrTE4qK0I2
/snmAD3EJ4gpqR622QK0u7LBME0CwvJKbqMJSCbeXtMPOfBD70sRD2vEqwNpJkYT
XL2ESJGSgMmZLsOG3qsABO6r7IuPZLgnuvUobDm4oAqTGkSS5tRIggGPGo95a/9y
Ly/AsMx53u3PIVb2LPyZc5DOI7izGKOmobsiWUuHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUcm8C0/egsr80MJ06+xIApc3ZQEAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JhNzFiM2YzLWNkZjYtNDc4Ni04OWViLTYyOWIyNThhZDgzNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCN8jANBgkqhkiG9w0BAQsFAAOCAQEA1eBQIkWcNY+pa0JegiOLfnWoA6w1
ynzzkIi99ONQq8f2zw0sypehandVrgKwiAFezS/NjcKimKriHoti9Namtd3A5Tw9
P+71BBD9iwMZE2i0o0plvgki3/ZzGFgsBtHSFt5Q9GXXVMOctCOaJcYDw+GxWN5T
lSmRSywTD5wv10N5OIQcDIB/9pYx2zl492OXnEieTmYonUxbpQoO9+XruykZ8522
e4UZzFPi7u+Zi1P8NuIVr9ounhIuQSS5ZEZfWOoVo0npwXo0NHu/dvbrdTHSfrdI
+H7bVZ1EG/wu0mfex7vhQTJW5sF6NYwMOGTnGhWMw0xTF0IwV2YUJm72mw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:05:45 2024 by rpki-client on console-ams.rpki-client.org