Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f9f6b130-b872-44a5-81fd-7378d400647c.roa
File:                     f9f6b130-b872-44a5-81fd-7378d400647c.roa (raw, json)
Hash identifier:          YUArqlX5Y+zvWwFIC+we3u03rOMBcXP9/pDh4kZ8PIY=
Subject key identifier:   A7:2D:59:9B:6D:C0:F5:09:46:6C:3B:5A:94:FC:37:7B:55:94:98:C3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7972DDAD0FCA5DB61CD8D2BFA319842005EB082A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f9f6b130-b872-44a5-81fd-7378d400647c.roa
Signing time:             Mon 02 Dec 2024 00:00:00 +0000
ROA not before:           Mon 02 Dec 2024 00:00:00 +0000
ROA not after:            Mon 06 Jan 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        136.2.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 12 Dec 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:72:dd:ad:0f:ca:5d:b6:1c:d8:d2:bf:a3:19:84:20:05:eb:08:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Dec  2 00:00:00 2024 GMT
            Not After : Jan  6 23:59:59 2025 GMT
        Subject: serialNumber=350fa69c44c43945900ceb351b64cdc794cbf4db60712468d058b4327b34dd5d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:61:52:9a:16:bf:6e:dc:c2:10:53:09:3b:86:
                    53:a4:7d:3b:97:77:e2:6d:f5:1f:25:e3:29:23:e2:
                    17:5d:57:32:ca:21:ac:b6:25:1b:ea:91:56:6b:76:
                    09:79:bb:73:06:1d:98:bf:41:b4:82:b7:4a:61:c0:
                    68:3c:8c:02:14:e0:ed:b4:74:6e:6c:56:c3:22:12:
                    90:e9:6c:18:73:20:41:63:b0:7a:71:3e:69:fa:bf:
                    14:42:11:d5:e7:65:02:21:aa:0f:37:20:ac:40:21:
                    13:2f:3e:e4:1a:ea:38:ea:a6:85:54:71:14:3c:f0:
                    9e:cb:cb:6a:31:95:b5:e2:82:8c:70:a0:b5:fd:9a:
                    1d:da:50:42:c8:55:d7:d7:5d:5f:61:1e:e3:1e:55:
                    75:ad:c2:8b:ee:41:a0:81:1b:b4:5d:b6:b8:a0:61:
                    79:a5:ff:e4:d1:d1:8e:32:01:f3:f6:e9:8f:0c:0e:
                    1a:f3:05:cc:d2:3c:fe:8e:da:77:31:2b:27:01:29:
                    07:4e:0e:06:a4:e2:84:55:6a:e3:0c:13:3a:27:ce:
                    c2:69:c7:3e:3a:74:42:32:f3:6b:89:3c:8a:4c:dc:
                    49:79:f0:76:88:74:67:62:d0:00:f7:a2:a2:34:4a:
                    7a:1c:39:5b:f4:a5:9a:6c:4a:bf:b2:ca:11:30:f8:
                    73:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:2D:59:9B:6D:C0:F5:09:46:6C:3B:5A:94:FC:37:7B:55:94:98:C3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f9f6b130-b872-44a5-81fd-7378d400647c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.2.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7e:01:3f:7d:a6:7a:6d:a4:d3:44:17:ba:2a:9d:cb:7f:5e:7b:
         fa:78:a0:f7:3e:03:74:02:00:d6:68:ea:8a:5b:36:11:18:12:
         b9:6a:84:a7:45:ee:e6:1b:d9:82:93:17:bf:d4:52:b6:72:7f:
         2d:cf:42:70:71:f7:d4:01:ee:51:4c:32:e5:c5:33:12:9c:1f:
         03:85:fa:18:d4:c7:6d:1a:d1:b9:2c:f5:42:9b:43:5c:f4:64:
         84:63:a1:c9:95:12:5d:25:a5:fd:77:70:bd:e6:25:fa:c0:af:
         75:f5:64:bd:31:c0:99:69:2f:9c:0d:fb:f6:7f:ff:1c:36:ee:
         b2:22:51:e8:7f:cd:0b:fc:7e:8d:2d:89:35:f7:a1:b3:c1:ce:
         65:6c:44:6a:fb:e0:7f:7f:7b:11:7b:5c:0b:f6:a4:fb:d9:bd:
         ac:12:1b:9d:01:8b:fe:8d:52:86:49:14:13:f2:9b:01:02:e4:
         56:ac:86:fd:22:c0:a9:42:e7:35:ec:ae:3d:49:f9:77:b9:53:
         f2:7a:27:a6:18:08:21:c0:d8:28:09:2a:41:96:28:2e:3f:b4:
         ae:76:fb:3d:a0:d5:30:26:4e:d6:6f:fc:3b:26:ef:7e:35:47:
         44:6a:1a:6d:55:d9:da:de:20:a6:e5:0b:b8:9f:d7:5b:22:de:
         8a:b2:be:a1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUeXLdrQ/KXbYc2NK/oxmEIAXrCCowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMjAyMDAwMDAwWhcNMjUwMTA2MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTBmYTY5YzQ0YzQzOTQ1OTAwY2ViMzUxYjY0Y2RjNzk0
Y2JmNGRiNjA3MTI0NjhkMDU4YjQzMjdiMzRkZDVkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHYVKaFr9u3MIQUwk7hlOkfTuXd+Jt9R8l4ykj4hddVzLK
Iay2JRvqkVZrdgl5u3MGHZi/QbSCt0phwGg8jAIU4O20dG5sVsMiEpDpbBhzIEFj
sHpxPmn6vxRCEdXnZQIhqg83IKxAIRMvPuQa6jjqpoVUcRQ88J7Ly2oxlbXigoxw
oLX9mh3aUELIVdfXXV9hHuMeVXWtwovuQaCBG7RdtrigYXml/+TR0Y4yAfP26Y8M
DhrzBczSPP6O2ncxKycBKQdODgak4oRVauMMEzonzsJpxz46dEIy82uJPIpM3El5
8HaIdGdi0AD3oqI0SnocOVv0pZpsSr+yyhEw+HN7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUpy1Zm23A9QlGbDtalPw3e1WUmMMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Y5ZjZiMTMwLWI4NzItNDRhNS04MWZkLTczNzhkNDAwNjQ3Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCIAjANBgkqhkiG9w0BAQsFAAOCAQEAfgE/faZ6baTTRBe6Kp3Lf157+nig
9z4DdAIA1mjqils2ERgSuWqEp0Xu5hvZgpMXv9RStnJ/Lc9CcHH31AHuUUwy5cUz
EpwfA4X6GNTHbRrRuSz1QptDXPRkhGOhyZUSXSWl/XdwveYl+sCvdfVkvTHAmWkv
nA379n//HDbusiJR6H/NC/x+jS2JNfehs8HOZWxEavvgf397EXtcC/ak+9m9rBIb
nQGL/o1ShkkUE/KbAQLkVqyG/SLAqULnNeyuPUn5d7lT8nonphgIIcDYKAkqQZYo
Lj+0rnb7PaDVMCZO1m/8OybvfjVHRGoabVXZ2t4gpuULuJ/XWyLeirK+oQ==
-----END CERTIFICATE-----
Generated at Wed Dec 11 00:45:07 2024 by rpki-client on console-fra.rpki-client.org