Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca936afe-73ab-400a-b6cc-2636c1dd0071.roa
File:                     ca936afe-73ab-400a-b6cc-2636c1dd0071.roa (raw, json)
Hash identifier:          QDF/wci3PuWqEYklhXM7zESwRfsAp2D+INamt9CQC2s=
Subject key identifier:   50:88:32:FD:D6:22:FA:BF:37:D7:CC:BC:58:F2:4E:72:20:B6:87:3A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7DE3A332EC1539B2ABF03D099F44550C2372E698
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca936afe-73ab-400a-b6cc-2636c1dd0071.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        69.210.72.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:e3:a3:32:ec:15:39:b2:ab:f0:3d:09:9f:44:55:0c:23:72:e6:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=d3a3b29dcd974a2b99ba8361a928f5b9886275c8d41a3cc1212d70d4922e0a69, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:bd:93:ab:83:3a:91:6a:c6:4e:1c:ff:0c:76:
                    34:af:c0:c7:4c:1d:26:7b:c1:f8:12:83:c0:ac:e9:
                    9c:29:c3:13:15:bc:93:d0:cb:2c:dd:0d:32:1a:83:
                    09:bb:38:61:a4:4f:6c:54:01:ef:15:f4:09:12:18:
                    9d:71:fa:4b:b8:ce:8c:60:ee:44:75:28:9b:12:71:
                    51:42:0b:d0:0a:0e:a8:3a:50:ea:bb:1f:75:79:e9:
                    2c:ce:0a:25:09:fe:0b:b6:bf:6b:24:1c:bb:fa:10:
                    db:0a:6f:a7:8e:64:73:cf:5f:b9:94:d0:55:0a:5e:
                    e1:08:0c:0a:20:bd:a7:38:e8:06:2e:48:fb:43:5d:
                    f4:b7:8c:1d:e5:f5:a0:58:ae:da:b7:55:50:c3:24:
                    c1:3e:b1:17:38:17:73:26:7b:44:f6:74:f7:60:2a:
                    73:50:12:13:2e:e4:06:e7:c7:e2:0d:31:33:f7:c1:
                    b6:d1:67:c3:0c:d6:e7:02:fe:40:95:ed:8e:fa:bd:
                    03:ff:13:0c:8b:bf:7c:ca:f1:a3:90:25:e4:ee:6b:
                    01:af:59:df:e2:b0:5c:b0:ff:6a:ba:ea:8c:2e:2d:
                    f0:25:d5:df:8d:11:29:7f:87:d7:dd:b5:4a:0b:5b:
                    62:01:cf:1e:f9:32:56:aa:4c:13:50:17:c7:a7:48:
                    29:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:88:32:FD:D6:22:FA:BF:37:D7:CC:BC:58:F2:4E:72:20:B6:87:3A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca936afe-73ab-400a-b6cc-2636c1dd0071.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.210.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         41:2b:ea:43:d3:e3:61:43:73:52:5e:b6:d5:d8:c4:aa:fe:90:
         4a:df:57:c0:ef:bd:f9:5a:c7:28:12:1a:0f:bf:07:57:8f:50:
         6b:42:50:29:86:bb:43:a2:2d:f7:ae:ce:9d:b2:28:fd:65:3b:
         45:b0:eb:20:b5:b5:c6:3f:c3:66:1b:61:36:40:e2:4d:8e:93:
         17:23:fd:55:65:14:2d:60:f3:a3:c7:c9:b8:23:c4:e1:1f:d1:
         f4:91:12:d3:25:d0:10:63:9d:b9:84:be:e2:c5:a2:40:50:d4:
         bc:6d:0c:0d:17:24:a8:05:5b:6f:63:fd:05:0a:36:27:a9:00:
         fe:37:76:f5:41:5e:52:94:2b:2c:0f:5e:18:d8:17:fb:ee:88:
         3d:17:33:65:16:90:16:e6:8d:39:05:cc:40:de:51:25:00:d4:
         e9:ac:d9:a7:30:e3:ae:3c:47:1f:eb:f8:6b:9a:f3:59:b0:1a:
         46:84:72:62:0a:61:3e:cd:10:5c:cf:2a:80:6b:e7:ad:d5:a8:
         13:96:eb:a8:35:6e:e2:56:56:15:68:6b:74:e3:ea:6f:97:0f:
         16:40:1e:fd:4e:b5:c9:9e:ae:2c:58:19:86:89:af:b5:ca:5a:
         ac:29:8a:50:d8:65:e1:0e:e9:c9:e3:a9:5a:49:aa:a3:d4:7e:
         07:7c:12:be
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUfeOjMuwVObKr8D0Jn0RVDCNy5pgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BkM2EzYjI5ZGNkOTc0YTJiOTliYTgzNjFhOTI4ZjViOTg4
NjI3NWM4ZDQxYTNjYzEyMTJkNzBkNDkyMmUwYTY5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3vZOrgzqRasZOHP8MdjSvwMdMHSZ7wfgSg8Cs6ZwpwxMV
vJPQyyzdDTIagwm7OGGkT2xUAe8V9AkSGJ1x+ku4zoxg7kR1KJsScVFCC9AKDqg6
UOq7H3V56SzOCiUJ/gu2v2skHLv6ENsKb6eOZHPPX7mU0FUKXuEIDAogvac46AYu
SPtDXfS3jB3l9aBYrtq3VVDDJME+sRc4F3Mme0T2dPdgKnNQEhMu5Abnx+INMTP3
wbbRZ8MM1ucC/kCV7Y76vQP/EwyLv3zK8aOQJeTuawGvWd/isFyw/2q66owuLfAl
1d+NESl/h9fdtUoLW2IBzx75MlaqTBNQF8enSClJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUIgy/dYi+r8318y8WPJOciC2hzowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NhOTM2YWZlLTczYWItNDAwYS1iNmNjLTI2MzZjMWRkMDA3MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJF0kgwDQYJKoZIhvcNAQELBQADggEBAEEr6kPT42FDc1JettXYxKr+kErf
V8DvvflaxygSGg+/B1ePUGtCUCmGu0OiLfeuzp2yKP1lO0Ww6yC1tcY/w2YbYTZA
4k2Okxcj/VVlFC1g86PHybgjxOEf0fSREtMl0BBjnbmEvuLFokBQ1LxtDA0XJKgF
W29j/QUKNiepAP43dvVBXlKUKywPXhjYF/vuiD0XM2UWkBbmjTkFzEDeUSUA1Oms
2acw4648Rx/r+Gua81mwGkaEcmIKYT7NEFzPKoBr563VqBOW66g1buJWVhVoa3Tj
6m+XDxZAHv1OtcmerixYGYaJr7XKWqwpilDYZeEO6cnjqVpJqqPUfgd8Er4=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:23 2024 by rpki-client on console-fra.rpki-client.org