Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bced566b-6d8e-433e-b6b5-482ebdc3be99.roa
File:                     bced566b-6d8e-433e-b6b5-482ebdc3be99.roa (raw, json)
Hash identifier:          GrahvFMOOdgQwaEEg5ECPrU4OzkCn/udAcQMqeAA75o=
Subject key identifier:   3B:15:5B:2A:45:15:DA:D4:B5:3B:48:9D:BF:B3:52:9C:9E:13:45:23
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4E0766AFA72BD501AAEF61F405CFE3C44A48F59F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bced566b-6d8e-433e-b6b5-482ebdc3be99.roa
Signing time:             Tue 02 Jul 2024 00:00:00 +0000
ROA not before:           Tue 02 Jul 2024 00:00:00 +0000
ROA not after:            Tue 06 Aug 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        99.78.156.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 18 Jul 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:07:66:af:a7:2b:d5:01:aa:ef:61:f4:05:cf:e3:c4:4a:48:f5:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  2 00:00:00 2024 GMT
            Not After : Aug  6 23:59:59 2024 GMT
        Subject: serialNumber=811f881b53e7514b30db88a137638a0650705cafe5403af638900491363c1a21, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c7:f4:75:d4:f7:60:ac:b2:a5:7f:80:62:a1:
                    76:95:92:95:f6:f6:ef:0d:e8:ca:ca:f4:dd:de:e1:
                    13:20:8a:de:62:ce:ed:9e:32:2f:fd:97:59:f2:d9:
                    39:51:8a:0f:42:5f:a4:60:db:ac:cf:11:7c:3e:ce:
                    fe:53:6b:0e:9f:1f:8c:ae:4e:05:5c:1a:c5:06:a8:
                    7f:aa:8d:62:34:51:c0:66:03:bf:da:8b:3c:34:54:
                    3a:72:13:64:1d:f0:39:56:cd:7e:f2:c0:5b:de:90:
                    ae:62:55:e2:e7:57:a9:41:6b:d1:92:2e:e1:a0:de:
                    b7:fa:c4:70:58:3b:cd:bd:f8:26:0d:66:87:55:9b:
                    de:af:62:19:74:53:ab:e6:c2:3b:fd:4d:88:d9:51:
                    4b:76:37:2c:e4:5a:f1:24:36:b4:64:6b:b8:83:02:
                    68:c7:7f:fe:95:66:44:5c:9d:09:61:af:55:34:57:
                    2f:9c:5b:ed:35:55:90:dd:6a:69:0b:9e:60:34:e8:
                    8c:06:c4:fe:8d:d0:aa:74:38:1c:ab:01:4d:21:5b:
                    0b:96:23:9f:30:e7:dd:30:6d:29:23:c5:16:a6:4c:
                    87:16:f8:4a:3a:22:f2:ef:f0:e1:48:70:b2:e1:8b:
                    5f:03:3f:03:35:d3:ee:61:fb:47:6b:db:47:ea:f6:
                    04:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:15:5B:2A:45:15:DA:D4:B5:3B:48:9D:BF:B3:52:9C:9E:13:45:23
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bced566b-6d8e-433e-b6b5-482ebdc3be99.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.78.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:72:84:41:a6:2b:e2:26:44:1e:00:cf:ce:ad:ca:05:39:71:
         bc:5b:67:bd:b9:cf:c3:c7:a6:71:f0:a7:06:e8:1f:4e:59:41:
         de:97:d8:7e:0e:6c:cf:3b:75:9f:3a:0c:96:c4:75:6f:37:bf:
         3a:71:97:9f:3c:a7:51:9b:21:ad:8a:03:34:33:e5:ad:c9:8d:
         bf:81:ab:b2:35:5e:e0:ea:99:e5:9b:db:9d:26:4c:d9:b0:44:
         43:a5:2a:c1:ac:b4:5a:a1:5f:c8:75:89:d6:31:02:e1:fc:47:
         ef:ce:7f:29:60:76:a3:7c:2c:1b:99:fc:a0:f8:fb:64:37:f5:
         da:4e:7c:51:be:64:68:01:83:c3:d6:6f:54:f7:8f:f9:b2:f3:
         80:15:69:af:a9:22:af:28:71:ce:f8:55:c5:63:ee:51:0f:a5:
         99:ef:56:f5:dd:60:c6:6c:fe:14:40:ed:0d:7f:1b:81:7a:44:
         4d:84:05:61:c9:ec:5b:b6:0c:c7:0c:8d:c7:f7:21:2f:92:f1:
         57:2c:4c:6b:0d:a7:1c:3f:7c:71:3c:dd:14:1b:fd:9e:5e:c4:
         f4:29:06:bb:fe:74:16:11:da:2d:b6:d1:01:60:12:68:5f:7b:
         29:50:b4:5f:51:9c:e7:4c:2f:09:97:e5:f0:36:c8:5f:bc:9e:
         4c:9d:bc:d1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTgdmr6cr1QGq72H0Bc/jxEpI9Z8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwNzAyMDAwMDAwWhcNMjQwODA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A4MTFmODgxYjUzZTc1MTRiMzBkYjg4YTEzNzYzOGEwNjUw
NzA1Y2FmZTU0MDNhZjYzODkwMDQ5MTM2M2MxYTIxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4x/R11PdgrLKlf4BioXaVkpX29u8N6MrK9N3e4RMgit5i
zu2eMi/9l1ny2TlRig9CX6Rg26zPEXw+zv5Taw6fH4yuTgVcGsUGqH+qjWI0UcBm
A7/aizw0VDpyE2Qd8DlWzX7ywFvekK5iVeLnV6lBa9GSLuGg3rf6xHBYO829+CYN
ZodVm96vYhl0U6vmwjv9TYjZUUt2NyzkWvEkNrRka7iDAmjHf/6VZkRcnQlhr1U0
Vy+cW+01VZDdamkLnmA06IwGxP6N0Kp0OByrAU0hWwuWI58w590wbSkjxRamTIcW
+Eo6IvLv8OFIcLLhi18DPwM10+5h+0dr20fq9gTnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOxVbKkUV2tS1O0idv7NSnJ4TRSMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2JjZWQ1NjZiLTZkOGUtNDMzZS1iNmI1LTQ4MmViZGMzYmU5OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJjTpwwDQYJKoZIhvcNAQELBQADggEBALByhEGmK+ImRB4Az86tygU5cbxb
Z725z8PHpnHwpwboH05ZQd6X2H4ObM87dZ86DJbEdW83vzpxl588p1GbIa2KAzQz
5a3Jjb+Bq7I1XuDqmeWb250mTNmwREOlKsGstFqhX8h1idYxAuH8R+/OfylgdqN8
LBuZ/KD4+2Q39dpOfFG+ZGgBg8PWb1T3j/my84AVaa+pIq8occ74VcVj7lEPpZnv
VvXdYMZs/hRA7Q1/G4F6RE2EBWHJ7Fu2DMcMjcf3IS+S8VcsTGsNpxw/fHE83RQb
/Z5exPQpBrv+dBYR2i220QFgEmhfeylQtF9RnOdMLwmX5fA2yF+8nkydvNE=
-----END CERTIFICATE-----
Generated at Wed Jul 17 01:23:11 2024 by rpki-client on console-fra.rpki-client.org