Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebc459d9-bfe6-43d5-8056-2b8b78ad45ad.roa
File:                     ebc459d9-bfe6-43d5-8056-2b8b78ad45ad.roa (raw, json)
Hash identifier:          LpmSWqpPg2jM/kh/NCapHsfURXGoP+5kcCTQ+h1Qlnc=
Subject key identifier:   BB:BE:B2:AB:3E:DD:4D:9B:4E:7E:65:9F:6B:DE:95:11:17:73:E9:6A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7419FFBBC95545DA392086B4B2BBB4C80E418D9B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebc459d9-bfe6-43d5-8056-2b8b78ad45ad.roa
Signing time:             Tue 05 Nov 2024 00:00:00 +0000
ROA not before:           Tue 05 Nov 2024 00:00:00 +0000
ROA not after:            Tue 10 Dec 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        156.4.0.0/15 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:19:ff:bb:c9:55:45:da:39:20:86:b4:b2:bb:b4:c8:0e:41:8d:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:00:00 2024 GMT
            Not After : Dec 10 23:59:59 2024 GMT
        Subject: serialNumber=e66ee704b9aa217279d14c63fc35328228c97339fbf088666b2e4d323e3f65db, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:37:c3:90:98:b2:0b:ea:fb:42:c9:32:47:af:
                    b7:53:c9:f1:1b:09:6d:1c:a6:5e:c8:8d:8b:90:17:
                    be:5f:14:14:ae:02:1b:0a:8f:b9:e7:41:70:ce:d9:
                    c2:36:e1:28:c3:76:e9:07:4b:b7:0e:34:72:58:a2:
                    b6:79:9d:9c:06:8e:16:6b:45:f1:2a:c3:af:c3:41:
                    e4:8a:9b:79:be:90:a5:47:ea:44:5b:c2:76:93:fe:
                    be:81:78:70:12:7f:91:40:21:9d:ad:1f:f4:d8:e9:
                    36:bf:42:6d:91:be:c7:c3:e6:11:8b:c6:d7:c3:5c:
                    a3:17:f8:c9:4c:2c:ce:7e:69:6c:cb:32:ef:97:cf:
                    84:d9:fd:24:30:b0:b5:c5:19:0d:97:a1:d6:44:d5:
                    9b:62:5b:ee:d1:a0:ad:3c:d3:11:7b:79:5a:78:71:
                    87:35:de:cb:ff:88:36:81:99:9d:91:d1:06:41:21:
                    40:f3:97:6b:a7:36:4d:98:9b:be:31:5f:62:df:5a:
                    2b:11:f4:b1:78:f5:4e:c6:d3:de:ac:7c:33:5f:22:
                    21:76:02:4e:3d:4f:b0:c6:1a:89:1d:1c:a6:a3:18:
                    04:e0:9d:fd:ce:72:05:79:14:f9:bb:b7:50:db:b3:
                    9f:dc:12:36:68:c8:e7:df:53:0d:63:94:a4:75:e4:
                    d5:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:BE:B2:AB:3E:DD:4D:9B:4E:7E:65:9F:6B:DE:95:11:17:73:E9:6A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ebc459d9-bfe6-43d5-8056-2b8b78ad45ad.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.4.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         b2:95:c9:0d:e4:c9:d7:bc:3d:4a:40:01:93:8f:2b:f6:fa:a9:
         be:58:a1:ff:e4:f9:3d:9a:4b:17:27:4f:32:1b:5f:b1:4c:af:
         1d:5c:f3:05:06:4b:af:a0:6e:37:92:ce:eb:96:7d:b0:9a:9f:
         d2:c5:b9:b3:bf:22:71:94:a1:15:ae:0f:99:ef:5f:18:9d:b0:
         58:09:37:2b:24:3a:1b:11:5a:8d:a8:01:0f:d6:92:83:a9:f4:
         55:c5:e4:30:10:df:d6:3b:8e:cf:62:70:59:c9:1b:d5:60:ec:
         6b:f8:d9:3c:13:61:54:c8:dc:13:0d:7f:7c:d7:ad:83:2a:b6:
         3e:fc:32:da:ab:1a:f6:5a:a1:01:c9:9d:ca:a1:ff:04:b8:24:
         2d:8c:df:40:d3:ad:e1:58:1c:c9:9d:08:f2:db:e1:3f:a8:03:
         9e:49:60:a6:88:61:9b:2e:73:e8:7a:fe:34:dd:84:c4:ca:b1:
         7d:58:23:3d:77:df:37:f8:de:3c:7a:f4:6a:58:ef:ca:e9:32:
         3e:f7:bc:88:b8:a1:b6:1f:61:e5:b8:61:2a:99:d4:03:e0:e8:
         0e:65:a5:cb:14:f3:c0:58:89:88:4d:ea:19:58:b8:6f:2e:68:
         59:64:19:dd:37:37:44:e5:83:e1:5a:2c:19:67:59:41:5e:75:
         3c:3e:1d:97
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdBn/u8lVRdo5IIa0sru0yA5BjZswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTA1MDAwMDAwWhcNMjQxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BlNjZlZTcwNGI5YWEyMTcyNzlkMTRjNjNmYzM1MzI4MjI4
Yzk3MzM5ZmJmMDg4NjY2YjJlNGQzMjNlM2Y2NWRiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCN8OQmLIL6vtCyTJHr7dTyfEbCW0cpl7IjYuQF75fFBSu
AhsKj7nnQXDO2cI24SjDdukHS7cONHJYorZ5nZwGjhZrRfEqw6/DQeSKm3m+kKVH
6kRbwnaT/r6BeHASf5FAIZ2tH/TY6Ta/Qm2RvsfD5hGLxtfDXKMX+MlMLM5+aWzL
Mu+Xz4TZ/SQwsLXFGQ2XodZE1ZtiW+7RoK080xF7eVp4cYc13sv/iDaBmZ2R0QZB
IUDzl2unNk2Ym74xX2LfWisR9LF49U7G096sfDNfIiF2Ak49T7DGGokdHKajGATg
nf3OcgV5FPm7t1Dbs5/cEjZoyOffUw1jlKR15NWpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUu76yqz7dTZtOfmWfa96VERdz6WowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ViYzQ1OWQ5LWJmZTYtNDNkNS04MDU2LTJiOGI3OGFkNDVhZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwGcBDANBgkqhkiG9w0BAQsFAAOCAQEAspXJDeTJ17w9SkABk48r9vqpvlih
/+T5PZpLFydPMhtfsUyvHVzzBQZLr6BuN5LO65Z9sJqf0sW5s78icZShFa4Pme9f
GJ2wWAk3KyQ6GxFajagBD9aSg6n0VcXkMBDf1juOz2JwWckb1WDsa/jZPBNhVMjc
Ew1/fNetgyq2Pvwy2qsa9lqhAcmdyqH/BLgkLYzfQNOt4VgcyZ0I8tvhP6gDnklg
pohhmy5z6Hr+NN2ExMqxfVgjPXffN/jePHr0aljvyukyPve8iLihth9h5bhhKpnU
A+DoDmWlyxTzwFiJiE3qGVi4by5oWWQZ3Tc3ROWD4VosGWdZQV51PD4dlw==
-----END CERTIFICATE-----