Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c291b4f-86c8-4a6c-9072-9ef46069d3a8.roa
File:                     0c291b4f-86c8-4a6c-9072-9ef46069d3a8.roa (raw, json)
Hash identifier:          GZGd/oISDnCWOkkpiIGclKC7T5NzBsPuYCwAZwFTBb0=
Subject key identifier:   5D:E9:C7:C9:CE:4C:44:39:8E:E6:46:1B:9F:34:FB:16:52:B2:6C:1A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5107736DA13BDAA2518373751A621DA33F959836
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c291b4f-86c8-4a6c-9072-9ef46069d3a8.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.73.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:07:73:6d:a1:3b:da:a2:51:83:73:75:1a:62:1d:a3:3f:95:98:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=c9a9d86ed280411bba9d1a71124c98275b41d7ef0b1d233d8a39ee08ec644a56, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:e9:d3:b2:19:4b:82:ed:a3:bd:eb:2b:ce:8c:
                    a5:08:33:0f:8b:bd:8d:98:83:e5:06:6c:8b:00:1d:
                    c6:82:ad:28:82:48:7f:72:c2:60:98:33:8d:3e:8f:
                    94:3a:44:a6:4f:20:4b:32:91:76:5f:99:bc:e4:73:
                    2d:7d:06:62:ac:bc:c8:9a:d3:57:95:52:b7:c6:55:
                    2b:51:95:f2:ad:36:b3:6d:28:57:f7:d0:1f:3d:3b:
                    97:69:8c:ba:c4:76:d6:69:12:00:66:3a:64:a6:75:
                    52:4e:02:77:b2:2d:b9:b4:3c:05:f2:da:05:15:9e:
                    f8:cc:b6:ee:0f:76:a0:59:a7:9b:c7:06:06:ef:af:
                    e4:94:24:01:22:87:44:e8:f5:2b:8e:11:bf:5a:b9:
                    bf:f8:1f:de:80:09:1b:28:79:bf:b0:fa:7e:2a:70:
                    91:47:40:de:d6:65:4b:55:f9:ab:77:99:a0:ae:88:
                    8c:13:52:7b:5c:62:5d:f2:b6:9a:c5:b8:17:1d:59:
                    0d:0f:78:1b:ac:26:e7:35:57:98:98:e7:92:02:b8:
                    a5:53:38:a5:46:21:25:97:4e:8e:d2:65:bd:97:28:
                    b2:0e:75:d4:53:bf:02:14:71:62:5b:a7:f7:c1:1f:
                    95:bc:3b:fb:d3:b0:33:cb:e0:15:48:05:76:a6:4c:
                    7c:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:E9:C7:C9:CE:4C:44:39:8E:E6:46:1B:9F:34:FB:16:52:B2:6C:1A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0c291b4f-86c8-4a6c-9072-9ef46069d3a8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:22:ad:94:1d:94:a8:9e:ca:ff:ad:9a:fb:18:3d:a9:46:8d:
         57:ae:bb:21:7b:bb:d2:ef:ca:87:ee:3d:ae:f4:42:47:97:1c:
         b3:14:f1:e0:d9:3a:9d:e1:fd:4b:1e:4c:c1:10:90:0a:f5:12:
         7d:3e:4c:0d:7e:84:ec:9a:56:44:23:3e:45:eb:19:e2:10:70:
         b4:be:f8:71:24:1f:a0:97:16:d5:68:81:c1:0e:c8:e8:d3:f6:
         27:73:71:5e:bb:b1:02:45:e6:83:41:d2:d5:cc:9e:28:d7:22:
         b0:61:98:14:d2:e7:bd:a2:de:fa:80:88:82:10:8a:f2:ba:f3:
         b9:cf:5d:06:b5:36:33:e8:91:a1:56:f3:e2:ae:bd:c7:2c:41:
         ea:fb:96:20:8d:94:25:e8:70:a4:bd:9d:4b:c5:27:b7:36:c2:
         6c:1a:b5:59:68:81:86:61:03:db:6f:de:92:ec:55:85:6e:e5:
         64:49:05:b3:d1:ed:69:ee:ac:66:02:68:a2:f5:d4:f9:c9:09:
         85:09:49:64:58:97:2c:27:80:6b:bf:0a:74:2e:59:09:c2:6e:
         3a:57:a6:e8:a0:d3:74:e2:e9:e5:b1:be:07:ac:10:c2:44:4b:
         b8:81:36:f4:05:a0:3e:b2:b3:af:5a:ea:0f:33:e6:2d:cd:91:
         19:c3:a6:58
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUQdzbaE72qJRg3N1GmIdoz+VmDYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BjOWE5ZDg2ZWQyODA0MTFiYmE5ZDFhNzExMjRjOTgyNzVi
NDFkN2VmMGIxZDIzM2Q4YTM5ZWUwOGVjNjQ0YTU2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC66dOyGUuC7aO96yvOjKUIMw+LvY2Yg+UGbIsAHcaCrSiC
SH9ywmCYM40+j5Q6RKZPIEsykXZfmbzkcy19BmKsvMia01eVUrfGVStRlfKtNrNt
KFf30B89O5dpjLrEdtZpEgBmOmSmdVJOAneyLbm0PAXy2gUVnvjMtu4PdqBZp5vH
Bgbvr+SUJAEih0To9SuOEb9aub/4H96ACRsoeb+w+n4qcJFHQN7WZUtV+at3maCu
iIwTUntcYl3ytprFuBcdWQ0PeBusJuc1V5iY55ICuKVTOKVGISWXTo7SZb2XKLIO
ddRTvwIUcWJbp/fBH5W8O/vTsDPL4BVIBXamTHwTAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXenHyc5MRDmO5kYbnzT7FlKybBowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBjMjkxYjRmLTg2YzgtNGE2Yy05MDcyLTllZjQ2MDY5ZDNhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/EkwDQYJKoZIhvcNAQELBQADggEBAJ4irZQdlKieyv+tmvsYPalGjVeu
uyF7u9LvyofuPa70QkeXHLMU8eDZOp3h/UseTMEQkAr1En0+TA1+hOyaVkQjPkXr
GeIQcLS++HEkH6CXFtVogcEOyOjT9idzcV67sQJF5oNB0tXMnijXIrBhmBTS572i
3vqAiIIQivK687nPXQa1NjPokaFW8+KuvccsQer7liCNlCXocKS9nUvFJ7c2wmwa
tVlogYZhA9tv3pLsVYVu5WRJBbPR7WnurGYCaKL11PnJCYUJSWRYlywngGu/CnQu
WQnCbjpXpuig03Ti6eWxvgesEMJES7iBNvQFoD6ys69a6g8z5i3NkRnDplg=
-----END CERTIFICATE-----
Generated at Fri Sep 22 22:26:58 2023 by rpki-client on console-fra.rpki-client.org