Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eb227c97-7acf-42a8-a0c3-658e0db984fd.roa
File:                     eb227c97-7acf-42a8-a0c3-658e0db984fd.roa (raw, json)
Hash identifier:          o5VlfO3ylnMvfHHJHMux1YsakvpHdnxfcXlmbIQgckw=
Subject key identifier:   B0:FC:5E:87:0B:79:2E:7C:A0:70:47:66:78:AB:21:F6:47:AF:52:3E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0FC6D77253DC60FF80D17AD977DC8C54381983C2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eb227c97-7acf-42a8-a0c3-658e0db984fd.roa
Signing time:             Tue 03 Dec 2024 00:00:00 +0000
ROA not before:           Tue 03 Dec 2024 00:00:00 +0000
ROA not after:            Tue 07 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        96.0.8.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Dec 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:c6:d7:72:53:dc:60:ff:80:d1:7a:d9:77:dc:8c:54:38:19:83:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  3 00:00:00 2024 GMT
            Not After : Jan  7 23:59:59 2025 GMT
        Subject: serialNumber=deebc1bdcf8b6f1737a889217a3a23acdb806760a6749c4d3caed97486f80598, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:5b:73:1f:81:52:45:74:2e:7a:53:73:ea:55:
                    65:a6:51:64:91:7a:80:06:8c:16:51:2c:ff:2d:4d:
                    3f:5c:c9:6e:79:d4:d1:ca:0c:3b:1f:ef:df:00:2f:
                    5d:ba:0b:8d:5d:30:90:48:df:cc:9f:75:80:ee:1c:
                    09:27:e6:0e:ee:95:58:e4:7c:06:b1:5e:1f:34:aa:
                    79:3a:5f:ac:8f:5d:66:c2:f1:4c:40:ee:a8:b1:df:
                    60:a0:2e:72:f2:76:fd:f4:b6:33:4a:60:e0:8d:6b:
                    03:e0:58:21:3e:be:ff:4a:4e:90:43:d9:75:e9:aa:
                    8c:cf:da:75:cf:c2:41:c4:7b:53:07:27:30:c2:a8:
                    17:7d:02:68:fd:91:1a:6b:3c:dc:96:6f:ed:86:05:
                    2b:2d:ef:f5:b1:17:3b:44:2f:29:eb:12:bb:a3:e4:
                    f9:c2:b6:84:98:65:af:5d:9c:f1:0e:7a:d5:10:e9:
                    19:45:cf:aa:83:b6:40:f5:18:5e:ec:38:c3:83:14:
                    45:db:ad:ae:33:00:93:c0:5b:89:da:3f:55:78:ef:
                    8c:d6:da:fd:31:e8:b9:ac:7d:af:f9:c8:7a:2d:e8:
                    83:1f:01:b6:c0:f7:05:af:91:57:50:b5:0c:f4:f7:
                    6d:c9:89:18:aa:cf:98:6e:a9:4b:67:f8:17:50:92:
                    6e:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:FC:5E:87:0B:79:2E:7C:A0:70:47:66:78:AB:21:F6:47:AF:52:3E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eb227c97-7acf-42a8-a0c3-658e0db984fd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.0.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:ee:34:9c:96:d0:ee:ce:90:ad:60:34:3e:b0:24:f4:86:51:
         0d:fe:e1:9b:3f:72:d3:95:b9:66:2f:95:f0:e2:f5:b8:ce:57:
         84:72:3a:6e:a7:8e:5d:02:1d:75:c4:2a:76:bb:e0:e2:3e:d2:
         ce:8d:b5:cd:a4:28:a2:b3:2c:f0:69:f0:df:6d:8e:2d:5f:d1:
         d2:00:8b:e6:59:ee:74:03:6e:55:d2:cf:05:d9:be:ce:d3:57:
         b7:14:f8:9c:53:4f:b0:32:02:c9:35:b2:e0:ca:73:39:53:31:
         73:0e:1f:02:d9:ba:27:84:7a:ea:49:f9:f5:cb:6b:5e:47:1a:
         76:18:97:a6:63:0f:ed:80:3d:10:83:b7:9a:ae:e4:58:b3:04:
         6b:b5:cf:5a:73:91:16:2a:8c:35:96:a9:a7:60:be:7a:67:d3:
         2a:19:a8:3c:d0:da:88:27:e8:3f:cf:ca:f2:73:9e:cc:2c:5a:
         57:6e:e9:a8:a0:d7:47:e5:cf:aa:97:ae:17:7d:42:3e:07:48:
         a0:04:0d:c0:05:43:46:19:9a:d0:c2:17:b4:34:68:03:9c:12:
         e6:f9:a2:7a:f9:d8:c2:4e:cb:e0:98:57:ea:9b:52:01:b6:4a:
         8d:d3:e1:4f:55:db:6c:eb:71:8c:d0:e0:1d:c0:38:76:b6:5e:
         88:35:71:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUD8bXclPcYP+A0XrZd9yMVDgZg8IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAzMDAwMDAwWhcNMjUwMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZWViYzFiZGNmOGI2ZjE3MzdhODg5MjE3YTNhMjNhY2Ri
ODA2NzYwYTY3NDljNGQzY2FlZDk3NDg2ZjgwNTk4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCdW3MfgVJFdC56U3PqVWWmUWSReoAGjBZRLP8tTT9cyW55
1NHKDDsf798AL126C41dMJBI38yfdYDuHAkn5g7ulVjkfAaxXh80qnk6X6yPXWbC
8UxA7qix32CgLnLydv30tjNKYOCNawPgWCE+vv9KTpBD2XXpqozP2nXPwkHEe1MH
JzDCqBd9Amj9kRprPNyWb+2GBSst7/WxFztELynrEruj5PnCtoSYZa9dnPEOetUQ
6RlFz6qDtkD1GF7sOMODFEXbra4zAJPAW4naP1V474zW2v0x6Lmsfa/5yHot6IMf
AbbA9wWvkVdQtQz0923JiRiqz5huqUtn+BdQkm5LAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUsPxehwt5LnygcEdmeKsh9kevUj4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ViMjI3Yzk3LTdhY2YtNDJhOC1hMGMzLTY1OGUwZGI5ODRmZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJgAAgwDQYJKoZIhvcNAQELBQADggEBACHuNJyW0O7OkK1gND6wJPSGUQ3+
4Zs/ctOVuWYvlfDi9bjOV4RyOm6njl0CHXXEKna74OI+0s6Ntc2kKKKzLPBp8N9t
ji1f0dIAi+ZZ7nQDblXSzwXZvs7TV7cU+JxTT7AyAsk1suDKczlTMXMOHwLZuieE
eupJ+fXLa15HGnYYl6ZjD+2APRCDt5qu5FizBGu1z1pzkRYqjDWWqadgvnpn0yoZ
qDzQ2ogn6D/PyvJznswsWldu6aig10flz6qXrhd9Qj4HSKAEDcAFQ0YZmtDCF7Q0
aAOcEub5onr52MJOy+CYV+qbUgG2So3T4U9V22zrcYzQ4B3AOHa2Xog1cT4=
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:26:29 2024 by rpki-client on console-ams.rpki-client.org