Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f68b3dbc-221f-4842-8c66-1b57186b99bd.roa
File:                     f68b3dbc-221f-4842-8c66-1b57186b99bd.roa (raw, json)
Hash identifier:          5feTz92kfk1WoFXc3k5cQGzSD6/R0SHHH5LbhP92o/4=
Subject key identifier:   A6:4E:46:E5:21:83:E5:AE:9F:A4:A1:91:ED:8F:5D:BA:F1:C2:32:FE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0AAE0ABADE4153A9F1E783D4C307502A4F9A2107
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f68b3dbc-221f-4842-8c66-1b57186b99bd.roa
Signing time:             Tue 09 Apr 2024 00:00:00 +0000
ROA not before:           Tue 09 Apr 2024 00:00:00 +0000
ROA not after:            Tue 14 May 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        54.26.166.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 03 May 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:ae:0a:ba:de:41:53:a9:f1:e7:83:d4:c3:07:50:2a:4f:9a:21:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr  9 00:00:00 2024 GMT
            Not After : May 14 23:59:59 2024 GMT
        Subject: serialNumber=df5564d70748dee4a12167e710c6b3f4ade2dc9d1ce003efe04f70b739f776ba, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:3a:a2:c1:2d:68:68:6a:e4:0c:a6:af:69:a9:
                    37:7e:22:39:44:f7:62:72:00:11:41:f3:35:fc:ea:
                    de:95:b1:12:94:35:9a:5b:4f:41:f8:68:3c:47:53:
                    d5:a7:72:25:fc:b9:ea:0d:87:b5:ba:92:15:41:24:
                    4f:0b:96:47:0a:51:be:c9:39:45:d1:8b:e3:9b:85:
                    0c:7d:2e:17:fe:13:d1:e6:24:6a:b7:63:5f:49:f4:
                    70:5c:7b:8d:fa:c7:b3:e0:ab:72:94:d0:e3:a5:55:
                    5a:6c:ff:9c:f7:45:4c:d9:f1:5f:b5:95:51:7f:88:
                    ba:29:3c:c5:4f:df:16:d1:ad:d7:89:37:46:63:7c:
                    b1:2b:38:95:19:07:ae:a9:6f:a7:48:27:bf:0b:f4:
                    82:58:45:32:99:d9:7b:7c:cb:84:0d:02:ef:67:d4:
                    c5:ef:c7:84:fc:cb:d4:4a:b0:40:32:42:46:7e:31:
                    bf:56:cb:ce:e2:f1:b0:a7:de:10:d4:26:57:ce:61:
                    53:1c:36:88:43:7b:a1:e9:2e:5c:47:8b:02:62:41:
                    f1:9d:32:1e:2e:d4:b5:ea:db:ed:9e:6e:0b:da:96:
                    93:92:cd:27:ed:b6:4f:e4:ec:53:9e:86:a5:b2:a1:
                    2a:a4:a1:4f:d9:cd:bf:3f:19:a1:6e:ba:86:e5:b3:
                    e6:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:4E:46:E5:21:83:E5:AE:9F:A4:A1:91:ED:8F:5D:BA:F1:C2:32:FE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f68b3dbc-221f-4842-8c66-1b57186b99bd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.26.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:e2:89:4f:cc:c5:e9:dd:73:53:b3:3d:a2:ce:84:a4:09:de:
         78:6d:30:f4:e5:ed:d4:54:71:cd:72:18:e7:97:b8:98:f7:5b:
         32:0b:b5:66:a2:94:2f:40:18:41:a1:8c:dc:2c:40:d6:24:cc:
         4e:e1:bc:21:33:a2:e1:73:e0:65:71:d8:45:8c:11:e3:6b:e8:
         8c:fc:78:fc:8a:5b:87:c9:3d:91:45:b0:48:1a:49:41:46:6c:
         63:48:cc:5a:a8:82:74:bd:f2:93:7f:4c:4c:ae:28:bc:06:f9:
         18:2e:d3:6f:5f:98:f4:ec:c0:fa:f6:8b:10:08:2d:16:98:51:
         53:17:64:0b:b6:3c:91:8e:22:85:02:61:c4:30:de:f0:9d:ea:
         a2:21:8f:75:86:44:21:b4:a9:1d:6e:f1:3f:8f:20:5e:15:0d:
         19:88:db:98:3d:94:10:b0:35:44:99:e1:33:9d:29:d7:de:77:
         8d:89:27:38:07:d8:9b:9e:3c:92:0c:51:04:cf:a1:8e:e3:97:
         87:6f:17:9f:a5:53:c7:a6:e3:e5:07:24:79:ab:d4:88:1e:5d:
         c5:2f:83:0d:3c:54:ac:c6:19:86:53:5b:68:d9:da:e1:db:58:
         d4:e9:1e:b0:8f:55:c9:fa:b7:54:43:9b:ba:7d:7a:d1:30:3b:
         b3:b8:ad:a3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCq4Kut5BU6nx54PUwwdQKk+aIQcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwNDA5MDAwMDAwWhcNMjQwNTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZjU1NjRkNzA3NDhkZWU0YTEyMTY3ZTcxMGM2YjNmNGFk
ZTJkYzlkMWNlMDAzZWZlMDRmNzBiNzM5Zjc3NmJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+OqLBLWhoauQMpq9pqTd+IjlE92JyABFB8zX86t6VsRKU
NZpbT0H4aDxHU9WnciX8ueoNh7W6khVBJE8LlkcKUb7JOUXRi+ObhQx9Lhf+E9Hm
JGq3Y19J9HBce436x7Pgq3KU0OOlVVps/5z3RUzZ8V+1lVF/iLopPMVP3xbRrdeJ
N0ZjfLErOJUZB66pb6dIJ78L9IJYRTKZ2Xt8y4QNAu9n1MXvx4T8y9RKsEAyQkZ+
Mb9Wy87i8bCn3hDUJlfOYVMcNohDe6HpLlxHiwJiQfGdMh4u1LXq2+2ebgvalpOS
zSfttk/k7FOehqWyoSqkoU/Zzb8/GaFuuobls+bTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUpk5G5SGD5a6fpKGR7Y9duvHCMv4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y2OGIzZGJjLTIyMWYtNDg0Mi04YzY2LTFiNTcxODZiOTliZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA2GqYwDQYJKoZIhvcNAQELBQADggEBAKbiiU/Mxendc1OzPaLOhKQJ3nht
MPTl7dRUcc1yGOeXuJj3WzILtWailC9AGEGhjNwsQNYkzE7hvCEzouFz4GVx2EWM
EeNr6Iz8ePyKW4fJPZFFsEgaSUFGbGNIzFqognS98pN/TEyuKLwG+Rgu029fmPTs
wPr2ixAILRaYUVMXZAu2PJGOIoUCYcQw3vCd6qIhj3WGRCG0qR1u8T+PIF4VDRmI
25g9lBCwNUSZ4TOdKdfed42JJzgH2JuePJIMUQTPoY7jl4dvF5+lU8em4+UHJHmr
1IgeXcUvgw08VKzGGYZTW2jZ2uHbWNTpHrCPVcn6t1RDm7p9etEwO7O4raM=
-----END CERTIFICATE-----