Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa
File:                     04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa (raw, json)
Hash identifier:          z15c3Alyi/saPDldBppXvOIL9fayNmTBSKhKVXD99JI=
Subject key identifier:   EF:A1:3E:36:BC:1E:BA:CE:20:53:97:9F:45:B7:21:3F:14:03:9A:0F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       477540E686686B14559F5795B3EDFF1277FED89A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        209.54.160.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Sep 2023 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:75:40:e6:86:68:6b:14:55:9f:57:95:b3:ed:ff:12:77:fe:d8:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=4a153431a3b7f788b15517422e49d55ffa39f02294e4d38bfcc73e03ff40cac5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:17:30:02:28:33:ad:0d:18:8b:39:f4:b7:65:
                    b1:f7:9a:11:d1:f9:bd:d3:5e:82:42:94:de:3b:6c:
                    0f:09:fc:f0:a8:ad:98:f3:56:b7:f6:33:1a:cd:90:
                    03:ec:ff:c2:10:42:ef:a0:6d:25:34:58:ce:66:ed:
                    da:9f:42:22:a1:cb:e1:66:34:8d:71:6d:33:b2:12:
                    ee:90:da:5c:69:4c:8d:e6:7d:09:da:2c:4b:96:e1:
                    13:2c:d5:ac:56:2c:a9:fe:98:12:f4:ee:81:f7:da:
                    61:41:f5:ba:c3:35:ce:c7:93:d4:42:fa:25:76:06:
                    47:70:a0:37:ef:30:6c:1a:f2:45:19:8e:e3:9e:bd:
                    3b:2b:33:0c:16:0b:cc:20:2c:84:61:76:72:08:2d:
                    fa:9e:0c:ed:c3:5b:b0:35:98:2c:ea:6f:19:a1:60:
                    a6:e7:8a:16:68:e8:2f:bd:41:70:26:ad:e2:a5:1b:
                    0e:a7:72:12:c8:b7:53:23:e9:77:48:91:98:4b:d0:
                    8e:b5:fe:31:88:28:d1:b7:20:3c:35:0d:62:a2:95:
                    14:19:14:d5:e0:1f:05:e4:03:60:c0:12:e6:c0:20:
                    f4:ef:6a:b6:0b:24:a2:2c:cb:e6:27:01:fe:32:dd:
                    14:e5:66:97:7d:f2:77:76:dc:48:89:7f:5a:fb:50:
                    e2:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:A1:3E:36:BC:1E:BA:CE:20:53:97:9F:45:B7:21:3F:14:03:9A:0F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/04ee03b7-12a6-41a9-a0ce-ab7e197d0ac3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.54.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         94:20:19:d4:7d:12:70:7e:55:f9:da:cf:f7:a5:fe:bb:95:60:
         25:d5:d3:5a:b5:6e:5f:b3:bc:03:18:54:c0:de:a6:4b:7f:a3:
         b0:0a:51:bc:fe:fa:aa:37:5e:b0:c1:ff:b2:89:9c:c0:30:6d:
         36:c2:a3:93:56:98:fe:9e:d9:27:d4:16:54:9a:19:88:95:d2:
         f6:49:1d:d4:45:b8:3c:76:99:dd:f2:85:b3:47:7e:57:bf:74:
         6a:70:70:08:58:55:dc:61:88:56:e3:e0:95:b7:81:7f:ae:6d:
         e8:11:34:04:21:e0:d6:1e:82:aa:e2:c7:bb:ee:27:e6:51:22:
         a8:e8:c1:39:45:28:ac:53:ca:05:22:5c:1a:3b:95:60:a1:c2:
         0a:7e:e1:97:f0:a6:95:1d:8d:cc:d1:05:fb:07:d5:ec:c2:2f:
         f1:30:e6:ee:6c:53:4a:ca:b8:65:cf:a5:62:43:8e:31:5f:e4:
         41:0f:46:b0:94:e1:4d:8a:eb:66:20:3d:f3:3b:7f:09:83:4b:
         34:fb:d9:ee:7a:20:b0:8d:35:c8:be:48:e4:f6:20:29:aa:ce:
         60:a9:25:3b:6d:27:d8:dc:45:8c:e9:90:75:9d:c2:22:65:0b:
         3d:38:d5:83:2e:2b:ef:ae:4f:4d:71:db:84:17:60:97:e0:67:
         5e:da:2d:0a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUR3VA5oZoaxRVn1eVs+3/Enf+2JowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YTE1MzQzMWEzYjdmNzg4YjE1NTE3NDIyZTQ5ZDU1ZmZh
MzlmMDIyOTRlNGQzOGJmY2M3M2UwM2ZmNDBjYWM1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCoFzACKDOtDRiLOfS3ZbH3mhHR+b3TXoJClN47bA8J/PCo
rZjzVrf2MxrNkAPs/8IQQu+gbSU0WM5m7dqfQiKhy+FmNI1xbTOyEu6Q2lxpTI3m
fQnaLEuW4RMs1axWLKn+mBL07oH32mFB9brDNc7Hk9RC+iV2BkdwoDfvMGwa8kUZ
juOevTsrMwwWC8wgLIRhdnIILfqeDO3DW7A1mCzqbxmhYKbnihZo6C+9QXAmreKl
Gw6nchLIt1Mj6XdIkZhL0I61/jGIKNG3IDw1DWKilRQZFNXgHwXkA2DAEubAIPTv
arYLJKIsy+YnAf4y3RTlZpd98nd23EiJf1r7UOJPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU76E+Nrweus4gU5efRbchPxQDmg8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzA0ZWUwM2I3LTEyYTYtNDFhOS1hMGNlLWFiN2UxOTdkMGFjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXRNqAwDQYJKoZIhvcNAQELBQADggEBAJQgGdR9EnB+Vfnaz/el/ruVYCXV
01q1bl+zvAMYVMDepkt/o7AKUbz++qo3XrDB/7KJnMAwbTbCo5NWmP6e2SfUFlSa
GYiV0vZJHdRFuDx2md3yhbNHfle/dGpwcAhYVdxhiFbj4JW3gX+ubegRNAQh4NYe
gqrix7vuJ+ZRIqjowTlFKKxTygUiXBo7lWChwgp+4ZfwppUdjczRBfsH1ezCL/Ew
5u5sU0rKuGXPpWJDjjFf5EEPRrCU4U2K62YgPfM7fwmDSzT72e56ILCNNci+SOT2
ICmqzmCpJTttJ9jcRYzpkHWdwiJlCz041YMuK++uT01x24QXYJfgZ17aLQo=
-----END CERTIFICATE-----
Generated at Fri Sep 22 15:34:20 2023 by rpki-client on console-fra.rpki-client.org