Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f9f6b130-b872-44a5-81fd-7378d400647c.roa
File:                     f9f6b130-b872-44a5-81fd-7378d400647c.roa (raw, json)
Hash identifier:          g4VbCthb5xvV4SLQxEQrGOFthJVJQOhC7V7odUQeZO0=
Subject key identifier:   EA:37:60:BD:16:02:D0:3F:E5:87:76:65:07:E7:A6:F0:26:76:4C:0E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3F18F5C99A7BC07234A4F99F2F39F77995A02FB2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f9f6b130-b872-44a5-81fd-7378d400647c.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        136.2.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:18:f5:c9:9a:7b:c0:72:34:a4:f9:9f:2f:39:f7:79:95:a0:2f:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=3038ba36a3a32071a3cf72e13a8f9abaadbbee351d3489f68af3dc94ec286a74, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:f8:f9:02:20:cf:b2:30:49:c3:c2:85:f8:91:
                    e8:8d:e0:b9:97:11:da:de:6d:85:32:21:72:5e:e7:
                    c6:43:c1:46:4c:de:a4:d7:c9:6f:c4:7f:a6:84:72:
                    a0:1b:fc:7c:f8:fd:ad:c4:45:6a:dc:c5:b0:f9:32:
                    a1:4a:33:05:8d:cb:da:45:ce:84:a1:94:b6:be:27:
                    6d:8c:ff:94:74:37:1f:e8:54:f8:02:9b:c9:39:ba:
                    dc:c2:8b:8b:51:fa:32:a8:a3:c0:fc:68:a2:37:b0:
                    cb:d8:4d:67:8c:5c:06:e2:64:df:a0:1f:39:3a:e9:
                    3b:bf:14:6a:2d:47:f4:d5:9d:2c:87:fe:5d:f5:d7:
                    2f:95:46:11:06:79:9d:c8:a6:23:53:ea:76:09:f1:
                    92:27:ee:19:42:a2:5f:36:76:09:39:39:3b:cc:50:
                    82:0a:b8:46:36:3f:24:8a:7d:57:97:b4:1d:57:95:
                    1d:1c:e4:fb:d1:2d:02:b6:db:d6:49:7d:fa:33:d3:
                    63:da:15:b2:08:6c:c0:54:a2:38:f8:be:52:a1:7d:
                    53:19:8a:35:bf:d8:e8:96:f1:6a:a0:cd:00:2d:fc:
                    01:16:ad:dc:7e:44:9c:cb:3b:6d:71:19:73:f6:10:
                    1f:f1:93:78:54:84:9b:49:d7:59:5b:63:02:07:3c:
                    e9:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:37:60:BD:16:02:D0:3F:E5:87:76:65:07:E7:A6:F0:26:76:4C:0E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f9f6b130-b872-44a5-81fd-7378d400647c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.2.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         43:1c:69:5b:56:bf:25:f7:00:da:02:8a:9b:29:b2:da:e4:d1:
         d2:10:1a:aa:50:8d:28:1b:a4:7b:ec:fc:56:91:88:98:52:93:
         2f:42:4c:84:37:fd:37:71:2a:d1:0c:26:65:bf:7e:bf:68:09:
         f8:bf:b3:fb:0d:7e:21:41:13:c3:76:a7:57:83:81:e6:d9:7d:
         75:43:5e:2d:f3:dd:dc:6f:fb:72:8b:6f:fd:5d:6e:2d:55:31:
         1f:33:c0:91:3f:12:2b:cd:03:a7:8b:df:71:4c:d4:08:b6:3e:
         c6:77:f3:65:6b:1b:65:d9:88:d6:a1:b0:4f:db:25:80:de:de:
         00:c0:0d:57:14:e5:58:78:06:6c:8b:fc:54:79:c1:cc:66:b6:
         7a:cf:56:cc:ab:99:f5:f0:c4:5d:57:5b:0e:74:2c:88:72:2d:
         a3:5b:54:d4:93:de:a8:f8:35:b7:3f:87:70:b6:ab:20:0e:0a:
         ff:1b:f4:af:e3:14:ac:20:8d:0c:59:03:1e:ef:80:cd:57:e5:
         ac:ba:c3:6b:ba:b4:fb:c3:93:d5:7b:f5:fe:d3:80:f4:d9:22:
         11:24:10:ad:41:f3:55:11:46:4a:4c:d2:b2:6e:0b:d5:e3:b2:
         e9:9c:92:82:21:bc:38:f0:d8:a6:cb:c1:1b:75:84:38:7b:3b:
         48:fa:ed:87
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUPxj1yZp7wHI0pPmfLzn3eZWgL7IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0AzMDM4YmEzNmEzYTMyMDcxYTNjZjcyZTEzYThmOWFiYWFk
YmJlZTM1MWQzNDg5ZjY4YWYzZGM5NGVjMjg2YTc0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDd+PkCIM+yMEnDwoX4keiN4LmXEdrebYUyIXJe58ZDwUZM
3qTXyW/Ef6aEcqAb/Hz4/a3ERWrcxbD5MqFKMwWNy9pFzoShlLa+J22M/5R0Nx/o
VPgCm8k5utzCi4tR+jKoo8D8aKI3sMvYTWeMXAbiZN+gHzk66Tu/FGotR/TVnSyH
/l311y+VRhEGeZ3IpiNT6nYJ8ZIn7hlCol82dgk5OTvMUIIKuEY2PySKfVeXtB1X
lR0c5PvRLQK229ZJffoz02PaFbIIbMBUojj4vlKhfVMZijW/2OiW8WqgzQAt/AEW
rdx+RJzLO21xGXP2EB/xk3hUhJtJ11lbYwIHPOmzAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU6jdgvRYC0D/lh3ZlB+em8CZ2TA4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y5ZjZiMTMwLWI4NzItNDRhNS04MWZkLTczNzhkNDAwNjQ3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCIAjANBgkqhkiG9w0BAQsFAAOCAQEAQxxpW1a/JfcA2gKKmymy2uTR0hAa
qlCNKBuke+z8VpGImFKTL0JMhDf9N3Eq0QwmZb9+v2gJ+L+z+w1+IUETw3anV4OB
5tl9dUNeLfPd3G/7cotv/V1uLVUxHzPAkT8SK80Dp4vfcUzUCLY+xnfzZWsbZdmI
1qGwT9slgN7eAMANVxTlWHgGbIv8VHnBzGa2es9WzKuZ9fDEXVdbDnQsiHIto1tU
1JPeqPg1tz+HcLarIA4K/xv0r+MUrCCNDFkDHu+AzVflrLrDa7q0+8OT1Xv1/tOA
9NkiESQQrUHzVRFGSkzSsm4L1eOy6ZySgiG8OPDYpsvBG3WEOHs7SPrthw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:00:37 2024 by rpki-client on console-fra.rpki-client.org