Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e535d71b-2137-46a9-a280-8877a2d7d47d.roa
File:                     e535d71b-2137-46a9-a280-8877a2d7d47d.roa (raw, json)
Hash identifier:          MpGxaFQ7NyduIy7Cif+oIiOymljHJWoTsJgmvHyX0So=
Subject key identifier:   76:D6:91:12:C6:E0:AC:3E:E3:D2:AA:94:32:B3:06:A2:94:77:A3:02
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       55AAC94616C65EC8398FCFB781D63CB654998972
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e535d71b-2137-46a9-a280-8877a2d7d47d.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        151.148.40.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:aa:c9:46:16:c6:5e:c8:39:8f:cf:b7:81:d6:3c:b6:54:99:89:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=a06f117f871e784c2aef2fcfabd15c2af375c6fec827eae63ac2dbf17711b83d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:09:08:90:7e:93:17:3b:9d:11:e1:66:d7:af:
                    3a:13:d3:41:5f:92:a8:d3:34:79:e4:0d:f2:c7:74:
                    b7:7f:9d:a7:e8:ba:4f:81:9e:87:9a:f5:59:dc:05:
                    59:9a:ff:7a:6b:9e:42:2c:25:51:e7:7a:87:78:48:
                    f6:49:07:c6:55:43:42:99:8f:9e:de:99:6f:ed:c3:
                    ee:69:82:a2:b0:4f:6a:0d:cb:ad:85:27:c0:83:7f:
                    59:0f:a8:c3:de:9f:ed:6c:eb:04:11:5f:9a:13:9c:
                    7d:da:30:71:24:94:f3:9a:df:4d:97:dd:1b:4c:46:
                    46:ca:d5:b5:10:ef:93:e6:41:da:ce:44:46:83:5d:
                    7d:be:7b:86:8f:88:3d:47:11:35:b0:b2:72:8e:e2:
                    a7:ac:f5:2d:4c:3a:71:8c:5d:2a:3a:0f:8c:3d:fd:
                    c0:ad:d6:70:1b:c8:b7:6b:24:6b:49:f1:61:e3:bb:
                    9f:73:1a:dd:a8:e1:ce:78:b3:51:55:9d:a2:15:d1:
                    fc:f1:b5:e0:03:be:cb:60:e5:8b:fe:b7:d4:a0:cd:
                    10:e8:0a:e4:7b:13:75:af:fe:9a:a5:0c:e8:c7:3f:
                    94:21:3c:00:f7:2a:14:3e:67:a2:53:26:06:b9:b2:
                    14:34:7e:ed:58:30:5c:01:a7:fd:d8:75:ca:54:81:
                    f3:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:D6:91:12:C6:E0:AC:3E:E3:D2:AA:94:32:B3:06:A2:94:77:A3:02
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e535d71b-2137-46a9-a280-8877a2d7d47d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.148.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c0:7d:0f:8a:91:67:98:11:d3:4d:64:75:47:37:de:09:86:2f:
         3e:9e:cf:21:f0:8b:8e:43:0f:b9:6f:dd:9d:7e:4c:cc:21:9e:
         96:e5:6b:96:71:4a:ea:af:5c:56:3f:b1:cd:82:22:7e:93:8f:
         15:6e:d6:1f:d4:bc:2c:b5:51:54:da:55:c6:cc:1f:88:56:f2:
         02:03:9d:a6:3b:63:38:b6:9d:48:62:65:2a:59:0e:58:34:55:
         9a:7c:07:93:62:3c:9f:9f:0a:59:3b:ec:99:60:2a:78:d3:3b:
         c2:bd:97:3e:f0:54:81:3a:27:53:ec:54:49:26:31:7a:c1:2b:
         d7:21:e2:2c:e1:39:b4:ec:59:e2:f9:28:34:d1:62:9e:43:8f:
         fc:be:5a:25:23:30:29:5a:36:36:ce:e8:79:c6:95:2c:dd:f3:
         e7:62:da:34:f6:27:f5:bc:1e:9b:74:98:de:aa:a3:10:01:75:
         bd:0e:31:97:0a:34:31:72:10:da:16:c6:0c:58:c6:39:96:31:
         33:bb:76:7b:93:00:7a:5e:1b:a4:d5:2c:b4:80:86:55:95:30:
         8d:2f:06:04:87:3a:dc:7d:32:88:c5:62:8c:0c:ca:ac:2e:ac:
         37:69:b3:eb:c8:33:f0:50:59:1a:e2:40:e9:61:28:53:ff:aa:
         1a:03:57:c8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVarJRhbGXsg5j8+3gdY8tlSZiXIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMDZmMTE3Zjg3MWU3ODRjMmFlZjJmY2ZhYmQxNWMyYWYz
NzVjNmZlYzgyN2VhZTYzYWMyZGJmMTc3MTFiODNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDaCQiQfpMXO50R4WbXrzoT00FfkqjTNHnkDfLHdLd/nafo
uk+Bnoea9VncBVma/3prnkIsJVHneod4SPZJB8ZVQ0KZj57emW/tw+5pgqKwT2oN
y62FJ8CDf1kPqMPen+1s6wQRX5oTnH3aMHEklPOa302X3RtMRkbK1bUQ75PmQdrO
REaDXX2+e4aPiD1HETWwsnKO4qes9S1MOnGMXSo6D4w9/cCt1nAbyLdrJGtJ8WHj
u59zGt2o4c54s1FVnaIV0fzxteADvstg5Yv+t9SgzRDoCuR7E3Wv/pqlDOjHP5Qh
PAD3KhQ+Z6JTJga5shQ0fu1YMFwBp/3YdcpUgfOTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUdtaREsbgrD7j0qqUMrMGopR3owIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U1MzVkNzFiLTIxMzctNDZhOS1hMjgwLTg4NzdhMmQ3ZDQ3ZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACXlCgwDQYJKoZIhvcNAQELBQADggEBAMB9D4qRZ5gR001kdUc33gmGLz6e
zyHwi45DD7lv3Z1+TMwhnpbla5ZxSuqvXFY/sc2CIn6TjxVu1h/UvCy1UVTaVcbM
H4hW8gIDnaY7Yzi2nUhiZSpZDlg0VZp8B5NiPJ+fClk77JlgKnjTO8K9lz7wVIE6
J1PsVEkmMXrBK9ch4izhObTsWeL5KDTRYp5Dj/y+WiUjMClaNjbO6HnGlSzd8+di
2jT2J/W8Hpt0mN6qoxABdb0OMZcKNDFyENoWxgxYxjmWMTO7dnuTAHpeG6TVLLSA
hlWVMI0vBgSHOtx9MojFYowMyqwurDdps+vIM/BQWRriQOlhKFP/qhoDV8g=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:41 2024 by rpki-client on console-ams.rpki-client.org