Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c014fde6-87dd-4b2e-9b45-d5a347e6c259.roa
File:                     c014fde6-87dd-4b2e-9b45-d5a347e6c259.roa (raw, json)
Hash identifier:          dSp5/i4wMZTNsA6hA4i7cZkEP4luiM8uXxj+ebTDAMM=
Subject key identifier:   5D:65:6E:F1:8D:12:72:A1:F4:FB:3B:6D:1C:C5:17:7C:8F:D2:06:AD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4BB3F880C2DA063F5D0ADA27414A4B6AA908775B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c014fde6-87dd-4b2e-9b45-d5a347e6c259.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        69.210.92.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:b3:f8:80:c2:da:06:3f:5d:0a:da:27:41:4a:4b:6a:a9:08:77:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=564a9bb252be91aa03489fe31afdb3446d703926ee783774e535ad1a0cc9fc8c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:da:4f:c8:1e:bd:65:ae:8c:04:aa:02:35:dd:
                    f2:5a:ea:38:21:77:64:a5:89:39:a5:a9:dc:59:9d:
                    37:05:d4:f0:01:cd:80:c0:73:f8:eb:82:55:94:2a:
                    db:c3:64:8c:fd:e9:e2:bc:8b:0d:ca:11:bf:0e:2a:
                    1c:d4:b3:61:78:50:57:cd:f5:c9:f9:03:da:17:29:
                    6f:4d:a1:3d:87:13:de:ad:eb:9f:ca:61:9c:6d:c4:
                    63:20:5f:99:fb:9f:e8:ac:df:52:63:a6:c5:44:41:
                    52:56:ff:ca:15:ac:8f:39:65:95:cc:2a:e2:9d:9f:
                    a9:36:c8:a6:32:08:ba:37:32:a8:c0:bf:58:e6:08:
                    ba:4b:6b:7a:c7:21:ee:b9:50:72:7b:a3:31:15:72:
                    e5:a7:92:b8:5c:8b:d8:c2:62:21:9a:a2:58:53:db:
                    f8:d7:a6:bd:85:07:af:33:e7:a5:33:e6:4a:93:de:
                    12:c3:e0:87:af:d1:a5:57:61:e1:59:20:03:a5:0e:
                    36:59:0b:03:55:e2:65:80:e3:d6:92:4d:87:7a:16:
                    61:b8:49:b1:62:ee:9f:49:f8:c1:3b:f2:da:80:23:
                    27:d0:95:b2:dd:5e:27:08:53:1a:f1:dd:1e:ec:9c:
                    51:44:28:c8:08:4f:aa:1e:83:a7:cd:dc:9b:e0:bd:
                    dd:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:65:6E:F1:8D:12:72:A1:F4:FB:3B:6D:1C:C5:17:7C:8F:D2:06:AD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c014fde6-87dd-4b2e-9b45-d5a347e6c259.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.210.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:ae:57:d7:38:89:5a:41:b5:1c:34:e4:fe:a7:d9:75:c2:29:
         4f:29:e5:dc:c2:a6:16:29:1f:31:5a:a3:16:d9:05:34:16:99:
         53:cd:ed:2f:12:7c:49:ff:56:ed:32:b9:db:0c:08:8c:3a:a5:
         00:a3:05:67:d2:97:e1:74:7f:4c:67:4c:98:cf:5d:eb:1e:d4:
         6a:31:eb:8e:9f:8d:ee:ee:47:ae:8c:ae:b6:12:7f:59:89:4c:
         f1:9b:42:f7:14:f4:0c:39:9a:46:73:d3:60:68:41:67:f7:36:
         f8:fa:9c:a9:aa:48:3f:0b:75:bf:9f:91:a4:7e:0b:05:59:1d:
         1a:5c:1c:6d:2d:ca:cf:81:2f:d3:a5:20:db:6d:fb:5a:a1:b3:
         df:a8:c7:86:1f:3a:8d:f8:6b:5f:c2:92:64:dd:0a:8b:8b:a1:
         d5:f8:29:28:d9:19:e6:cc:76:bf:8b:77:50:e8:db:d8:87:94:
         0c:f8:ef:b2:31:a8:31:ae:1f:16:c3:90:0c:a0:24:f4:13:5d:
         e7:b0:c1:93:18:15:97:bb:ce:ae:7f:3e:8c:8a:79:07:15:a1:
         fb:37:f5:f3:eb:90:ba:e7:65:c3:60:e6:5a:78:62:5c:6f:86:
         bd:f2:95:36:53:4f:12:38:7a:9f:ed:4c:40:ed:cb:37:7c:63:
         93:e5:f1:48
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUS7P4gMLaBj9dCtonQUpLaqkId1swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A1NjRhOWJiMjUyYmU5MWFhMDM0ODlmZTMxYWZkYjM0NDZk
NzAzOTI2ZWU3ODM3NzRlNTM1YWQxYTBjYzlmYzhjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDg2k/IHr1lrowEqgI13fJa6jghd2SliTmlqdxZnTcF1PAB
zYDAc/jrglWUKtvDZIz96eK8iw3KEb8OKhzUs2F4UFfN9cn5A9oXKW9NoT2HE96t
65/KYZxtxGMgX5n7n+is31JjpsVEQVJW/8oVrI85ZZXMKuKdn6k2yKYyCLo3MqjA
v1jmCLpLa3rHIe65UHJ7ozEVcuWnkrhci9jCYiGaolhT2/jXpr2FB68z56Uz5kqT
3hLD4Iev0aVXYeFZIAOlDjZZCwNV4mWA49aSTYd6FmG4SbFi7p9J+ME78tqAIyfQ
lbLdXicIUxrx3R7snFFEKMgIT6oeg6fN3Jvgvd2VAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXWVu8Y0ScqH0+zttHMUXfI/SBq0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2MwMTRmZGU2LTg3ZGQtNGIyZS05YjQ1LWQ1YTM0N2U2YzI1OS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABF0lwwDQYJKoZIhvcNAQELBQADggEBAB6uV9c4iVpBtRw05P6n2XXCKU8p
5dzCphYpHzFaoxbZBTQWmVPN7S8SfEn/Vu0yudsMCIw6pQCjBWfSl+F0f0xnTJjP
Xese1Gox646fje7uR66MrrYSf1mJTPGbQvcU9Aw5mkZz02BoQWf3Nvj6nKmqSD8L
db+fkaR+CwVZHRpcHG0tys+BL9OlINtt+1qhs9+ox4YfOo34a1/CkmTdCouLodX4
KSjZGebMdr+Ld1Do29iHlAz477IxqDGuHxbDkAygJPQTXeewwZMYFZe7zq5/PoyK
eQcVofs39fPrkLrnZcNg5lp4Ylxvhr3ylTZTTxI4ep/tTEDtyzd8Y5Pl8Ug=
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:24 2024 by rpki-client on console-fra.rpki-client.org