Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed7c83b2-d3a7-4822-aa8f-bb0aec2196b9.roa
File:                     ed7c83b2-d3a7-4822-aa8f-bb0aec2196b9.roa (raw, json)
Hash identifier:          84LLonuo6T8EQ3ZDB2tvxlU0t4mMwOWDW0OFnW03Vww=
Subject key identifier:   1D:9F:9B:2A:A0:14:B4:D3:0D:35:15:9C:7E:6A:86:94:14:77:76:A5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       70FCF9BFDE43947EADEC609F3BB4C03515DC1D79
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed7c83b2-d3a7-4822-aa8f-bb0aec2196b9.roa
Signing time:             Mon 04 Nov 2024 00:00:00 +0000
ROA not before:           Mon 04 Nov 2024 00:00:00 +0000
ROA not after:            Mon 09 Dec 2024 23:59:59 +0000
asID:                     8987
IP address blocks:        71.145.128.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:fc:f9:bf:de:43:94:7e:ad:ec:60:9f:3b:b4:c0:35:15:dc:1d:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  4 00:00:00 2024 GMT
            Not After : Dec  9 23:59:59 2024 GMT
        Subject: serialNumber=473692e4bc4e6929a4527c7e9d0bc32c3df4f19edb3bf3fbfad7559ab3b6cf85, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:db:44:a4:29:72:b2:44:fc:df:a9:b0:27:8c:
                    75:62:2b:63:10:f2:41:12:e7:22:e1:3f:3e:5c:0f:
                    64:51:1d:4f:a0:09:3c:ff:2a:28:a9:ff:2b:ec:d4:
                    63:3b:6b:38:d3:c1:60:3b:60:71:58:cd:74:92:fb:
                    0d:0f:63:92:2d:4a:f5:e9:e6:a0:e5:ad:0b:a9:63:
                    79:3f:46:9a:29:4c:4b:7e:1f:b2:40:f8:a8:8d:e9:
                    84:ce:25:38:2d:6a:49:ff:42:8a:f0:6a:e1:b4:d2:
                    b1:db:19:42:03:00:c2:bd:c0:ae:f9:5d:a6:ad:b7:
                    55:1d:82:d6:ac:13:6b:08:5b:7d:19:a0:43:d5:83:
                    86:2e:7a:04:f8:3b:23:23:e3:49:c2:27:27:a0:d8:
                    d0:73:dd:8f:ae:9d:46:d0:9b:d7:e9:0a:5a:bc:52:
                    a3:2b:52:2e:2e:e1:36:aa:1f:05:52:f8:b4:44:fc:
                    8f:c8:ed:88:a4:b3:7e:26:92:00:66:84:ca:d2:0e:
                    a4:6c:4c:97:99:7d:b8:6a:f7:81:37:fb:aa:01:f4:
                    2b:86:27:b4:95:04:89:ed:76:41:17:22:65:9a:a8:
                    94:49:d4:f8:63:4e:74:14:de:ca:c8:f5:33:b1:f6:
                    ce:d6:b8:3a:74:77:96:80:6a:bd:a6:f3:58:50:35:
                    87:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:9F:9B:2A:A0:14:B4:D3:0D:35:15:9C:7E:6A:86:94:14:77:76:A5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ed7c83b2-d3a7-4822-aa8f-bb0aec2196b9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  71.145.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         0c:3b:d9:85:fa:e2:cb:09:e0:8e:ed:af:18:89:a5:78:05:ed:
         04:bc:7e:ce:75:8d:fc:5e:2d:ec:61:0c:35:eb:38:88:ad:c4:
         8c:42:14:39:7a:4a:6f:42:3a:05:eb:dc:1a:c8:58:ae:95:f4:
         ec:63:7d:65:13:1a:a2:e0:56:61:7a:e6:35:25:2d:fc:b3:2f:
         0f:bb:db:ab:f4:90:66:ea:0c:00:cf:c2:7f:21:80:16:81:c8:
         1d:1f:3b:f9:5d:4d:cd:6b:87:5e:24:a6:40:08:03:5b:88:6a:
         61:92:67:0e:1a:a4:21:0e:1a:dd:d8:23:85:09:05:b1:6a:63:
         31:c3:3a:88:9a:00:f8:49:9c:20:72:00:ce:6d:84:c2:65:33:
         ed:ed:a6:e0:9e:fc:cb:bd:0f:26:15:7c:15:fb:a9:0c:f4:6a:
         86:50:29:4a:2a:65:80:fd:66:8c:27:59:fa:3b:51:54:30:0c:
         a7:74:3a:55:90:2d:3f:f0:53:88:2a:61:3f:7b:0b:7a:95:7a:
         b1:10:e1:f1:a7:68:f9:8a:3f:86:7f:45:0b:12:45:e5:fe:05:
         a9:92:58:a4:88:61:0e:02:73:74:70:dc:20:c8:42:3f:31:fe:
         a9:21:2e:de:af:19:8f:ce:25:5f:a5:9a:be:f3:f6:a7:77:e0:
         5a:fe:98:08
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcPz5v95DlH6t7GCfO7TANRXcHXkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTA0MDAwMDAwWhcNMjQxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A0NzM2OTJlNGJjNGU2OTI5YTQ1MjdjN2U5ZDBiYzMyYzNk
ZjRmMTllZGIzYmYzZmJmYWQ3NTU5YWIzYjZjZjg1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCq20SkKXKyRPzfqbAnjHViK2MQ8kES5yLhPz5cD2RRHU+g
CTz/Kiip/yvs1GM7azjTwWA7YHFYzXSS+w0PY5ItSvXp5qDlrQupY3k/RpopTEt+
H7JA+KiN6YTOJTgtakn/QorwauG00rHbGUIDAMK9wK75Xaatt1UdgtasE2sIW30Z
oEPVg4YuegT4OyMj40nCJyeg2NBz3Y+unUbQm9fpClq8UqMrUi4u4TaqHwVS+LRE
/I/I7Yiks34mkgBmhMrSDqRsTJeZfbhq94E3+6oB9CuGJ7SVBIntdkEXImWaqJRJ
1PhjTnQU3srI9TOx9s7WuDp0d5aAar2m81hQNYfxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHZ+bKqAUtNMNNRWcfmqGlBR3dqUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VkN2M4M2IyLWQzYTctNDgyMi1hYThmLWJiMGFlYzIxOTZiOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZHkYAwDQYJKoZIhvcNAQELBQADggEBAAw72YX64ssJ4I7trxiJpXgF7QS8
fs51jfxeLexhDDXrOIitxIxCFDl6Sm9COgXr3BrIWK6V9OxjfWUTGqLgVmF65jUl
LfyzLw+726v0kGbqDADPwn8hgBaByB0fO/ldTc1rh14kpkAIA1uIamGSZw4apCEO
Gt3YI4UJBbFqYzHDOoiaAPhJnCByAM5thMJlM+3tpuCe/Mu9DyYVfBX7qQz0aoZQ
KUoqZYD9ZownWfo7UVQwDKd0OlWQLT/wU4gqYT97C3qVerEQ4fGnaPmKP4Z/RQsS
ReX+BamSWKSIYQ4Cc3Rw3CDIQj8x/qkhLt6vGY/OJV+lmr7z9qd34Fr+mAg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:23 2024 by rpki-client on console-ams.rpki-client.org