Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c00ee110-9782-449a-a4e0-6b2a6ceffa21.roa
File:                     c00ee110-9782-449a-a4e0-6b2a6ceffa21.roa (raw, json)
Hash identifier:          xlKKQeH/G7L3g/zBmbjsb0jidW0jIPA6J4dOSNgFWoU=
Subject key identifier:   73:CE:09:E5:14:13:E2:61:C2:25:D5:25:3F:EF:50:46:95:2D:A6:F7
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       063DD3D80D6C9B5AC8740DDA70F9A10B699935E4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c00ee110-9782-449a-a4e0-6b2a6ceffa21.roa
Signing time:             Wed 27 Nov 2024 00:00:00 +0000
ROA not before:           Wed 27 Nov 2024 00:00:00 +0000
ROA not after:            Wed 01 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        182.28.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 13 Dec 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:3d:d3:d8:0d:6c:9b:5a:c8:74:0d:da:70:f9:a1:0b:69:99:35:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 27 00:00:00 2024 GMT
            Not After : Jan  1 23:59:59 2025 GMT
        Subject: serialNumber=01f451b4e77920af2ffc4e2a8499442113e64e0ea92d7f747e04b7ba48a55493, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:5a:b8:24:ad:26:97:9b:64:b7:d8:71:22:10:
                    ac:92:85:8b:90:d6:8e:e7:ca:d6:97:9e:02:2d:ab:
                    7d:de:e7:a8:5b:16:d7:cc:79:04:6e:5d:ec:53:66:
                    3c:54:aa:f3:0f:f9:38:6a:27:8c:c4:b7:b3:b6:6c:
                    a7:04:c7:9e:2c:02:06:2b:5b:f9:06:52:cc:45:09:
                    fe:f0:fd:12:48:1b:52:ee:a5:9d:7a:b3:ce:5c:70:
                    e1:8a:a8:3e:b4:9a:59:67:31:c5:84:95:49:d1:ac:
                    f8:15:cc:9e:d4:c3:b2:9c:b1:b1:f0:d7:44:2a:71:
                    99:f4:73:fd:bb:f5:de:80:2f:da:d1:59:42:b7:2a:
                    d4:18:83:c4:8f:eb:80:5d:00:1a:b0:2c:f3:a5:23:
                    3b:96:1d:3b:bb:05:23:ac:c8:86:d0:81:df:f7:f6:
                    d5:be:15:cc:46:b1:f4:73:95:d0:db:7a:5f:82:4f:
                    f4:46:a1:58:d3:24:f8:77:39:58:55:7c:2f:78:37:
                    84:71:64:7a:5b:46:4d:c8:4d:fe:09:42:1a:32:23:
                    1f:ff:d5:3b:be:a4:02:4e:72:af:44:4a:c8:16:a8:
                    31:bc:be:b3:03:38:16:b0:e3:99:4c:3d:6a:4e:7d:
                    96:51:43:01:a3:bd:3f:67:21:d8:ca:41:0f:25:70:
                    c5:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:CE:09:E5:14:13:E2:61:C2:25:D5:25:3F:EF:50:46:95:2D:A6:F7
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c00ee110-9782-449a-a4e0-6b2a6ceffa21.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.28.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         47:fc:b4:dd:84:d5:1f:b0:e7:84:c9:48:7e:8f:fa:75:a6:37:
         d9:8f:86:39:fa:ee:70:83:c3:f2:42:6d:da:67:29:d5:85:98:
         44:ae:cd:8c:cc:ad:73:4e:18:a6:86:45:13:0e:60:2b:45:34:
         e1:dd:4c:b3:c4:07:f9:b7:1d:5a:9f:fe:cb:6b:57:74:84:22:
         74:82:71:0b:b2:fd:87:8e:22:d6:31:76:a8:e7:3e:aa:f6:62:
         48:b3:0c:8e:85:1c:59:aa:00:03:24:93:6a:c0:87:13:37:a6:
         08:33:15:5e:e5:ba:e5:ad:f6:0e:4e:a3:3f:82:bd:a3:9f:ec:
         62:f7:18:78:c3:8b:fa:a9:e9:80:8f:a0:49:a5:82:51:c7:06:
         71:76:b3:5a:4f:06:e2:81:c2:9c:f1:76:ad:26:08:fd:0f:26:
         38:d7:d8:a1:86:44:e5:aa:14:fe:bf:67:2e:99:c3:a3:18:62:
         f4:c0:07:24:36:db:2c:3d:1d:5e:33:1b:d7:0a:7d:20:26:30:
         51:72:2d:a6:40:74:fd:65:1d:59:32:85:26:59:a2:6e:df:7c:
         75:18:38:40:fa:6d:66:34:1b:1f:81:90:6e:55:32:20:49:c4:
         5b:35:29:ea:18:06:fe:73:d1:af:a7:e4:83:d1:82:9b:3d:ba:
         dc:ad:51:dd
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUBj3T2A1sm1rIdA3acPmhC2mZNeQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTI3MDAwMDAwWhcNMjUwMTAxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwMWY0NTFiNGU3NzkyMGFmMmZmYzRlMmE4NDk5NDQyMTEz
ZTY0ZTBlYTkyZDdmNzQ3ZTA0YjdiYTQ4YTU1NDkzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDXWrgkrSaXm2S32HEiEKyShYuQ1o7nytaXngItq33e56hb
FtfMeQRuXexTZjxUqvMP+ThqJ4zEt7O2bKcEx54sAgYrW/kGUsxFCf7w/RJIG1Lu
pZ16s85ccOGKqD60mllnMcWElUnRrPgVzJ7Uw7KcsbHw10QqcZn0c/279d6AL9rR
WUK3KtQYg8SP64BdABqwLPOlIzuWHTu7BSOsyIbQgd/39tW+FcxGsfRzldDbel+C
T/RGoVjTJPh3OVhVfC94N4RxZHpbRk3ITf4JQhoyIx//1Tu+pAJOcq9ESsgWqDG8
vrMDOBaw45lMPWpOfZZRQwGjvT9nIdjKQQ8lcMVpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUc84J5RQT4mHCJdUlP+9QRpUtpvcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MwMGVlMTEwLTk3ODItNDQ5YS1hNGUwLTZiMmE2Y2VmZmEyMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwC2HDANBgkqhkiG9w0BAQsFAAOCAQEAR/y03YTVH7DnhMlIfo/6daY32Y+G
OfrucIPD8kJt2mcp1YWYRK7NjMytc04YpoZFEw5gK0U04d1Ms8QH+bcdWp/+y2tX
dIQidIJxC7L9h44i1jF2qOc+qvZiSLMMjoUcWaoAAySTasCHEzemCDMVXuW65a32
Dk6jP4K9o5/sYvcYeMOL+qnpgI+gSaWCUccGcXazWk8G4oHCnPF2rSYI/Q8mONfY
oYZE5aoU/r9nLpnDoxhi9MAHJDbbLD0dXjMb1wp9ICYwUXItpkB0/WUdWTKFJlmi
bt98dRg4QPptZjQbH4GQblUyIEnEWzUp6hgG/nPRr6fkg9GCmz263K1R3Q==
-----END CERTIFICATE-----
Generated at Wed Dec 11 22:43:55 2024 by rpki-client on console-ams.rpki-client.org