Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca936afe-73ab-400a-b6cc-2636c1dd0071.roa
File:                     ca936afe-73ab-400a-b6cc-2636c1dd0071.roa (raw, json)
Hash identifier:          SxqBBBxQ30UGb+6jhUcCThV2B0PL+HzHc2tnecja4oc=
Subject key identifier:   64:B4:3D:44:5D:11:13:D2:35:CD:AC:92:75:02:15:45:E7:56:72:E0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1DAB52D4B7581462EA944ED291DC27737CC80A43
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca936afe-73ab-400a-b6cc-2636c1dd0071.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        69.210.72.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 10 Dec 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:ab:52:d4:b7:58:14:62:ea:94:4e:d2:91:dc:27:73:7c:c8:0a:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=9c1c7fc80161c2620ce8835bd8a2590f0e40e22724616e61cd4dee0bc592c50c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:7d:1f:b4:fd:48:8c:24:c9:3a:ae:a2:b6:4c:
                    ea:0b:5d:05:11:af:24:d8:13:f3:e0:c1:02:e4:4f:
                    10:ad:ee:d1:c8:f2:fb:2d:cc:99:da:97:3a:cf:54:
                    d8:95:89:c1:9b:4e:b1:0f:a4:10:d7:dd:9d:47:69:
                    6a:f0:a2:03:40:79:77:05:db:fe:b9:19:55:9f:fc:
                    8f:4c:42:e2:aa:78:d4:ea:99:8d:e7:ea:78:cb:b1:
                    9e:d9:68:9f:94:b9:0b:09:5d:43:52:99:c7:d7:73:
                    4b:92:5e:c6:d0:28:19:85:b9:4d:fb:5b:28:0c:a0:
                    d1:db:6f:01:85:9b:72:e9:7c:ad:b5:1f:d1:53:c3:
                    1a:94:eb:dd:f5:0b:6f:65:69:73:78:2e:d0:b1:a7:
                    8e:18:4d:00:9b:f9:a5:4f:fa:0b:d2:62:e3:9d:f3:
                    51:ea:56:f4:d6:15:fc:a6:54:ee:43:87:46:92:fa:
                    5c:83:f4:c7:87:dd:10:6c:66:90:c9:e7:16:97:3c:
                    ee:7b:d3:9f:cd:5e:24:7b:11:3c:5c:6a:1f:78:69:
                    01:60:4d:25:1b:16:be:71:35:13:20:37:bd:1e:b0:
                    fc:94:86:16:4e:4a:fe:58:5b:f3:68:7f:aa:3b:6c:
                    bc:bf:7f:fd:86:8b:4c:b6:9d:26:ff:02:bf:e3:32:
                    da:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:B4:3D:44:5D:11:13:D2:35:CD:AC:92:75:02:15:45:E7:56:72:E0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca936afe-73ab-400a-b6cc-2636c1dd0071.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.210.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         52:75:89:7d:45:cd:92:12:d4:c1:e0:f9:e6:0f:83:eb:c1:c6:
         ca:a8:fb:bd:f0:aa:d2:5a:f7:59:93:fe:12:1b:9c:3b:f5:6e:
         26:6d:1a:2e:0e:25:f6:76:a3:cb:e2:77:5b:bb:63:41:b2:16:
         2e:9d:2d:19:1f:e9:f9:75:7d:ef:9a:2a:5a:00:02:58:6b:98:
         27:9a:c5:5c:6d:fc:b1:ef:42:47:50:90:ac:c0:dc:d3:b6:1f:
         01:58:a6:48:94:83:40:f8:51:1c:f4:76:fa:f8:83:94:6c:51:
         f3:4b:77:2f:87:cc:bd:06:79:c8:2f:0a:cf:21:8c:34:99:4c:
         32:2e:ac:76:50:01:45:0b:37:e9:10:31:8d:7c:78:34:e9:58:
         dc:8c:c0:8f:e1:f3:97:71:62:f0:1b:1b:75:6c:0f:ea:98:fb:
         42:28:36:75:af:7e:c0:1f:ec:0c:95:5e:95:60:93:24:c7:57:
         c9:c5:27:54:b1:28:f5:7e:f0:9a:49:f1:e5:11:a9:d5:de:c8:
         8b:2c:30:1e:f4:df:93:01:b0:e1:b8:f8:b5:64:8e:d5:fa:c4:
         e9:31:aa:6f:1f:06:ff:d2:01:e6:30:93:44:b2:61:25:19:5f:
         a6:8e:7b:e5:f8:2b:61:c4:aa:66:83:31:1f:3d:ca:f2:45:10:
         c3:7c:07:d6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHatS1LdYFGLqlE7Skdwnc3zICkMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5YzFjN2ZjODAxNjFjMjYyMGNlODgzNWJkOGEyNTkwZjBl
NDBlMjI3MjQ2MTZlNjFjZDRkZWUwYmM1OTJjNTBjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDcfR+0/UiMJMk6rqK2TOoLXQURryTYE/PgwQLkTxCt7tHI
8vstzJnalzrPVNiVicGbTrEPpBDX3Z1HaWrwogNAeXcF2/65GVWf/I9MQuKqeNTq
mY3n6njLsZ7ZaJ+UuQsJXUNSmcfXc0uSXsbQKBmFuU37WygMoNHbbwGFm3LpfK21
H9FTwxqU6931C29laXN4LtCxp44YTQCb+aVP+gvSYuOd81HqVvTWFfymVO5Dh0aS
+lyD9MeH3RBsZpDJ5xaXPO5705/NXiR7ETxcah94aQFgTSUbFr5xNRMgN70esPyU
hhZOSv5YW/Nof6o7bLy/f/2Gi0y2nSb/Ar/jMtp9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUZLQ9RF0RE9I1zaySdQIVRedWcuAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NhOTM2YWZlLTczYWItNDAwYS1iNmNjLTI2MzZjMWRkMDA3MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJF0kgwDQYJKoZIhvcNAQELBQADggEBAFJ1iX1FzZIS1MHg+eYPg+vBxsqo
+73wqtJa91mT/hIbnDv1biZtGi4OJfZ2o8vid1u7Y0GyFi6dLRkf6fl1fe+aKloA
AlhrmCeaxVxt/LHvQkdQkKzA3NO2HwFYpkiUg0D4URz0dvr4g5RsUfNLdy+HzL0G
ecgvCs8hjDSZTDIurHZQAUULN+kQMY18eDTpWNyMwI/h85dxYvAbG3VsD+qY+0Io
NnWvfsAf7AyVXpVgkyTHV8nFJ1SxKPV+8JpJ8eURqdXeyIssMB7035MBsOG4+LVk
jtX6xOkxqm8fBv/SAeYwk0SyYSUZX6aOe+X4K2HEqmaDMR89yvJFEMN8B9Y=
-----END CERTIFICATE-----
Generated at Mon Dec 9 15:56:58 2024 by rpki-client on console-fra.rpki-client.org