Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cd5e652f-3214-4729-89ae-173caf236888.roa
File:                     cd5e652f-3214-4729-89ae-173caf236888.roa (raw, json)
Hash identifier:          BA0aw6Dlw6ZLwQdZtVRsmCsgJtJvx7/ZF6ozOkwlUTw=
Subject key identifier:   3F:8B:76:26:16:A0:89:C5:C1:D6:04:82:63:1C:35:5D:10:32:B6:C2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5E85F1273CFAB8DB4955129722D1BF0C650FDCA2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cd5e652f-3214-4729-89ae-173caf236888.roa
Signing time:             Tue 05 Nov 2024 00:00:00 +0000
ROA not before:           Tue 05 Nov 2024 00:00:00 +0000
ROA not after:            Tue 10 Dec 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        136.18.22.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:85:f1:27:3c:fa:b8:db:49:55:12:97:22:d1:bf:0c:65:0f:dc:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:00:00 2024 GMT
            Not After : Dec 10 23:59:59 2024 GMT
        Subject: serialNumber=a8720d8fa0a6f7ef0703f6cb9ea9147f8f926416e87aa5ea84768d5296099d5d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:70:6e:19:d1:b6:ed:62:6c:29:8a:00:73:36:
                    f1:2f:16:31:65:2b:96:36:25:05:05:25:4f:4e:36:
                    44:95:10:ea:17:70:0c:6e:b2:21:f2:a6:ea:22:58:
                    77:7e:84:44:61:f1:94:32:7e:2b:9f:c9:32:ab:9d:
                    dd:3a:94:58:7a:7b:95:5e:92:49:09:4a:ce:d9:da:
                    26:3f:ed:9b:65:5a:38:f3:1e:91:a9:b1:33:ec:a6:
                    9c:f9:aa:97:71:13:1a:a5:84:2e:df:c7:43:fd:fb:
                    11:7c:c3:25:10:4f:37:4d:50:1b:c9:5a:20:f2:23:
                    f0:ef:ed:d6:93:b5:c9:7b:84:2b:04:a4:f6:62:ca:
                    28:e3:20:9b:91:c0:bf:6a:57:85:17:18:a2:d2:c1:
                    2b:ea:a5:a2:72:79:f8:4c:96:37:24:a9:d0:18:b0:
                    18:a4:74:6f:fa:8b:53:d8:4e:23:a3:8f:05:79:f1:
                    7b:9c:89:da:5c:7a:0a:e9:96:5f:b5:d3:5c:64:4f:
                    47:66:65:37:24:a5:e2:49:c4:55:4b:80:3d:fd:02:
                    14:55:06:9a:51:37:8c:75:49:30:71:d6:d7:ac:04:
                    60:93:19:29:c0:b2:3c:7f:3a:7b:f9:4f:76:f0:8b:
                    ef:7a:46:8c:14:03:aa:3a:21:33:3e:58:67:bd:8a:
                    64:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:8B:76:26:16:A0:89:C5:C1:D6:04:82:63:1C:35:5D:10:32:B6:C2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cd5e652f-3214-4729-89ae-173caf236888.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.18.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:95:7e:ae:a4:ef:81:e5:dc:b6:d2:09:20:c2:22:06:bc:29:
         06:5f:f6:e0:f9:91:1b:ee:fc:69:f6:4c:e3:34:52:51:b7:b2:
         32:54:5b:01:b3:11:58:ab:0c:6e:4e:6a:45:8c:20:80:5c:0c:
         e2:2a:b2:1d:3e:4d:28:e4:62:48:b3:8b:8b:f0:9a:60:ce:db:
         3b:ad:2e:91:f8:51:05:1b:f7:76:d3:7a:34:24:73:aa:f8:73:
         ce:41:97:60:4b:e9:ac:6c:a9:8f:08:82:ff:28:18:c5:f5:49:
         b9:81:58:18:1f:7a:6d:cb:6d:24:17:c2:35:ce:e3:db:80:9c:
         11:20:c6:eb:ea:39:89:54:14:fc:33:04:30:23:ba:6b:1a:23:
         e7:29:6a:2e:54:99:8a:c7:39:93:1a:a9:c2:bb:49:32:14:da:
         95:22:3b:01:7e:f7:7a:51:2f:29:9b:6b:7a:61:8a:9f:50:e8:
         e9:52:e7:5e:6a:c9:d1:6a:9a:b0:2f:65:c6:45:1a:4c:77:03:
         18:30:48:75:a9:b4:24:25:d9:0b:27:f4:3c:af:1c:7d:dc:40:
         b2:6a:3c:58:59:76:6a:4e:7b:83:3e:c8:fa:ce:57:08:c0:5c:
         69:5e:5d:e3:f7:01:eb:fb:3b:92:9e:e6:4c:25:12:34:4e:2c:
         f8:bd:c3:e4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXoXxJzz6uNtJVRKXItG/DGUP3KIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTA1MDAwMDAwWhcNMjQxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BhODcyMGQ4ZmEwYTZmN2VmMDcwM2Y2Y2I5ZWE5MTQ3Zjhm
OTI2NDE2ZTg3YWE1ZWE4NDc2OGQ1Mjk2MDk5ZDVkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCZcG4Z0bbtYmwpigBzNvEvFjFlK5Y2JQUFJU9ONkSVEOoX
cAxusiHypuoiWHd+hERh8ZQyfiufyTKrnd06lFh6e5VekkkJSs7Z2iY/7ZtlWjjz
HpGpsTPsppz5qpdxExqlhC7fx0P9+xF8wyUQTzdNUBvJWiDyI/Dv7daTtcl7hCsE
pPZiyijjIJuRwL9qV4UXGKLSwSvqpaJyefhMljckqdAYsBikdG/6i1PYTiOjjwV5
8Xucidpcegrpll+101xkT0dmZTckpeJJxFVLgD39AhRVBppRN4x1STBx1tesBGCT
GSnAsjx/Onv5T3bwi+96RowUA6o6ITM+WGe9imT9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUP4t2JhagicXB1gSCYxw1XRAytsIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2NkNWU2NTJmLTMyMTQtNDcyOS04OWFlLTE3M2NhZjIzNjg4OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACIEhYwDQYJKoZIhvcNAQELBQADggEBAFqVfq6k74Hl3LbSCSDCIga8KQZf
9uD5kRvu/Gn2TOM0UlG3sjJUWwGzEVirDG5OakWMIIBcDOIqsh0+TSjkYkizi4vw
mmDO2zutLpH4UQUb93bTejQkc6r4c85Bl2BL6axsqY8Igv8oGMX1SbmBWBgfem3L
bSQXwjXO49uAnBEgxuvqOYlUFPwzBDAjumsaI+cpai5UmYrHOZMaqcK7STIU2pUi
OwF+93pRLymba3phip9Q6OlS515qydFqmrAvZcZFGkx3AxgwSHWptCQl2Qsn9Dyv
HH3cQLJqPFhZdmpOe4M+yPrOVwjAXGleXeP3Aev7O5Ke5kwlEjROLPi9w+Q=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:31 2024 by rpki-client on console-fra.rpki-client.org