Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebb72c28-6b68-446d-a885-7b9d4c0a2ec4.roa
File:                     ebb72c28-6b68-446d-a885-7b9d4c0a2ec4.roa (raw, json)
Hash identifier:          KqGiqYHTqEkCmkOkfA9K38v9zNpdoQFvZCjmvC9HhqI=
Subject key identifier:   71:D2:61:D8:40:11:FA:62:1E:41:7B:3F:46:0F:F6:62:F3:1A:4E:24
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0C42CB50911F6E01DC4E1833BCCD3D09640C945C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebb72c28-6b68-446d-a885-7b9d4c0a2ec4.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        76.223.130.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:42:cb:50:91:1f:6e:01:dc:4e:18:33:bc:cd:3d:09:64:0c:94:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=b74c859f782e5df40d5f0b1d6d8d5e814291547e9a63f9ec2837cc523729de87, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d3:43:d5:d5:c5:2a:be:dd:29:bb:e6:48:1a:
                    9d:3e:ed:03:df:40:a9:08:a9:35:6c:3a:87:90:c1:
                    66:35:8b:97:30:77:2c:dc:5b:af:cb:af:af:df:e6:
                    cf:b5:c1:ff:08:60:dc:c7:5d:73:c4:74:4f:e3:f2:
                    da:69:6e:d3:26:f9:65:ae:84:cd:33:22:2c:a9:2b:
                    66:d3:a9:d2:c7:1a:83:f8:bc:df:ab:d9:fb:da:93:
                    7b:48:ef:ba:6d:50:4a:34:4f:4d:34:fc:63:cf:68:
                    8c:47:4c:e4:fb:79:c8:30:6f:e1:0b:0a:f2:2e:83:
                    3a:1b:8c:e9:7d:78:3b:48:14:e1:6f:98:a8:7e:02:
                    36:ae:c2:07:d2:0e:e1:ba:d9:83:f0:06:54:92:63:
                    4e:75:d0:d7:8b:52:d7:fb:7d:cb:6a:58:cb:63:c4:
                    8f:38:81:e6:3a:8b:20:90:1d:27:fc:0f:3e:d6:29:
                    44:91:03:4f:29:dc:a5:51:19:f4:a5:17:ed:29:ea:
                    b8:96:17:20:0a:eb:87:32:16:4d:79:b5:24:38:67:
                    71:c4:dc:5c:f4:0e:57:b9:42:3a:21:25:78:64:c8:
                    97:64:3f:9a:e7:96:fe:95:1c:51:32:73:4e:0a:2d:
                    b0:8a:60:f2:ed:83:25:27:0f:d6:4c:8e:ea:dd:92:
                    a2:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:D2:61:D8:40:11:FA:62:1E:41:7B:3F:46:0F:F6:62:F3:1A:4E:24
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebb72c28-6b68-446d-a885-7b9d4c0a2ec4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  76.223.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5e:ba:61:89:00:5f:c8:22:a5:a5:13:5c:2d:1b:9a:58:8d:47:
         a3:c4:aa:6e:16:f7:1f:04:7c:c1:9f:e2:54:b9:d7:4a:8c:17:
         f5:3f:56:2d:39:c0:17:8b:70:d4:72:03:f0:6a:fa:34:b6:ed:
         20:32:02:fd:99:d1:27:fc:de:ff:20:63:d8:65:12:b4:e9:87:
         8a:cf:56:d2:78:be:8c:5e:5e:6b:87:0f:94:d5:f3:77:b4:99:
         aa:67:85:08:e0:00:01:26:d9:14:86:f9:f4:dd:45:04:aa:08:
         6f:92:6d:5b:4a:33:96:c9:17:61:e6:1d:13:9a:79:0b:ef:5e:
         e8:53:ea:ff:31:35:1a:e6:6b:45:c2:23:6c:40:a0:ca:61:8e:
         46:ec:3d:da:c2:a4:1b:e4:98:82:5b:94:e0:d9:21:88:dc:92:
         e9:44:b4:a9:37:a6:ad:55:a3:8b:28:51:8b:d3:1d:93:c3:3d:
         23:28:f7:d7:49:51:a9:59:c7:f9:b6:71:09:44:cf:5c:8f:b0:
         ed:4a:13:38:98:9e:b7:2d:8e:52:9d:72:be:84:a8:78:55:83:
         6b:c3:8a:da:32:91:b5:be:24:c4:0f:d1:67:ce:fa:35:76:d5:
         2b:4b:48:95:a1:32:82:82:2c:85:85:6b:b5:86:34:df:a6:ca:
         0d:fd:6a:6a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDELLUJEfbgHcThgzvM09CWQMlFwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNzRjODU5Zjc4MmU1ZGY0MGQ1ZjBiMWQ2ZDhkNWU4MTQy
OTE1NDdlOWE2M2Y5ZWMyODM3Y2M1MjM3MjlkZTg3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCd00PV1cUqvt0pu+ZIGp0+7QPfQKkIqTVsOoeQwWY1i5cw
dyzcW6/Lr6/f5s+1wf8IYNzHXXPEdE/j8tppbtMm+WWuhM0zIiypK2bTqdLHGoP4
vN+r2fvak3tI77ptUEo0T000/GPPaIxHTOT7ecgwb+ELCvIugzobjOl9eDtIFOFv
mKh+AjauwgfSDuG62YPwBlSSY0510NeLUtf7fctqWMtjxI84geY6iyCQHSf8Dz7W
KUSRA08p3KVRGfSlF+0p6riWFyAK64cyFk15tSQ4Z3HE3Fz0Dle5QjohJXhkyJdk
P5rnlv6VHFEyc04KLbCKYPLtgyUnD9ZMjurdkqKTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUcdJh2EAR+mIeQXs/Rg/2YvMaTiQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ViYjcyYzI4LTZiNjgtNDQ2ZC1hODg1LTdiOWQ0YzBhMmVjNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFM34IwDQYJKoZIhvcNAQELBQADggEBAF66YYkAX8gipaUTXC0bmliNR6PE
qm4W9x8EfMGf4lS510qMF/U/Vi05wBeLcNRyA/Bq+jS27SAyAv2Z0Sf83v8gY9hl
ErTph4rPVtJ4voxeXmuHD5TV83e0mapnhQjgAAEm2RSG+fTdRQSqCG+SbVtKM5bJ
F2HmHROaeQvvXuhT6v8xNRrma0XCI2xAoMphjkbsPdrCpBvkmIJblODZIYjckulE
tKk3pq1Vo4soUYvTHZPDPSMo99dJUalZx/m2cQlEz1yPsO1KEziYnrctjlKdcr6E
qHhVg2vDitoykbW+JMQP0WfO+jV21StLSJWhMoKCLIWFa7WGNN+myg39amo=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:42 2024 by rpki-client on console-ams.rpki-client.org