Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/113d5556-8776-4980-8481-4392894f76ea.roa
File:                     113d5556-8776-4980-8481-4392894f76ea.roa (raw, json)
Hash identifier:          7DX0FF9ZlZW+4e5SqFh7PLjflrmLGM67JL+s0pMfDXU=
Subject key identifier:   FA:03:F6:4A:F4:76:B1:44:C6:82:D3:E3:BB:49:F4:B5:FC:ED:53:4B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       552500D12F36AFE043AAEE9A66235C7AA5A9AFB8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/113d5556-8776-4980-8481-4392894f76ea.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        16.94.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:25:00:d1:2f:36:af:e0:43:aa:ee:9a:66:23:5c:7a:a5:a9:af:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=0b8260b121497968f7c338092e76c6d4abad393a360e152639d9dc9742c8e90f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:3e:bc:e0:88:aa:53:b7:e7:ea:ec:79:9e:38:
                    7b:b1:d4:e9:d8:fe:16:9c:7d:f7:e4:03:d1:8f:ce:
                    18:83:3a:6a:b4:04:d0:4e:8d:3a:70:87:6f:66:ed:
                    68:ca:51:33:ad:ee:6b:0c:c4:47:d2:36:23:4d:ad:
                    79:93:c0:93:dc:ba:22:ed:f2:41:d7:46:18:cf:32:
                    d9:b1:e7:c3:40:c5:46:18:bb:6a:02:79:e6:88:36:
                    32:93:05:0f:d6:a5:bd:89:0c:a6:3c:e0:96:78:55:
                    04:50:85:36:c6:fc:04:30:59:a8:1e:98:5a:48:f0:
                    02:7e:78:12:5e:90:1f:92:3f:d4:2b:80:e2:f4:43:
                    ed:fc:02:47:e7:d2:86:7b:e8:18:ef:19:1f:93:8c:
                    08:c0:5a:d8:63:1d:d8:13:60:1f:98:a0:31:4c:6a:
                    38:9c:e9:de:57:2f:cd:22:a5:de:e1:cd:06:f0:5b:
                    f0:58:20:de:e2:de:13:3d:b0:9a:03:d6:b4:87:87:
                    95:bd:39:e2:5a:30:93:6b:d6:c8:1d:dd:02:ba:53:
                    ac:6d:d7:97:0d:ed:22:b1:24:02:da:67:b4:4d:24:
                    34:c5:e2:5f:dd:ec:d3:06:3f:d1:9c:e4:77:2b:2a:
                    2f:21:42:71:c7:64:0c:bb:bb:b2:d1:46:3f:27:cd:
                    0a:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:03:F6:4A:F4:76:B1:44:C6:82:D3:E3:BB:49:F4:B5:FC:ED:53:4B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/113d5556-8776-4980-8481-4392894f76ea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.94.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         24:63:d5:38:61:7a:e9:93:eb:d4:98:3c:c9:f8:d1:3c:14:7e:
         3b:34:34:c0:ad:a9:cd:19:7b:82:65:f0:35:b4:1c:93:69:97:
         31:ed:b7:cf:e8:d1:67:39:13:06:fa:98:0e:59:94:3a:7d:dc:
         b7:dd:8e:65:2e:b8:0c:4c:3b:56:01:96:c4:cb:f3:2c:c7:69:
         be:3f:ea:70:08:a7:dd:16:26:68:42:9d:99:33:cd:00:eb:2b:
         3c:62:b9:2d:57:4b:5b:d5:9c:a4:e5:f2:22:95:09:fc:b8:ef:
         1b:39:41:de:fe:47:0d:7c:c3:8f:93:87:c3:aa:7d:66:6a:19:
         61:6b:d2:00:41:cf:49:78:ce:66:dc:28:57:29:b2:b0:79:c2:
         61:d9:22:de:dd:43:2b:63:e7:c2:c3:c3:fb:71:a5:42:90:cd:
         3d:6f:20:0c:84:c3:65:37:06:ed:49:30:b2:6c:1a:c3:49:d2:
         51:f1:e0:81:66:6b:05:61:e9:4c:ef:07:e7:e8:0d:14:02:3e:
         88:e8:5a:67:dc:76:df:15:d0:8c:e9:02:77:16:4c:fd:4e:bd:
         67:73:61:14:95:7b:32:02:2d:bd:c6:9e:7e:c1:41:fe:7e:74:
         3c:57:f1:38:a6:a5:44:82:ed:d7:b7:b4:5a:a7:f6:26:8a:cc:
         c2:69:1f:af
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVSUA0S82r+BDqu6aZiNceqWpr7gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYjgyNjBiMTIxNDk3OTY4ZjdjMzM4MDkyZTc2YzZkNGFi
YWQzOTNhMzYwZTE1MjYzOWQ5ZGM5NzQyYzhlOTBmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHPrzgiKpTt+fq7HmeOHux1OnY/hacfffkA9GPzhiDOmq0
BNBOjTpwh29m7WjKUTOt7msMxEfSNiNNrXmTwJPcuiLt8kHXRhjPMtmx58NAxUYY
u2oCeeaINjKTBQ/Wpb2JDKY84JZ4VQRQhTbG/AQwWagemFpI8AJ+eBJekB+SP9Qr
gOL0Q+38Akfn0oZ76BjvGR+TjAjAWthjHdgTYB+YoDFMajic6d5XL80ipd7hzQbw
W/BYIN7i3hM9sJoD1rSHh5W9OeJaMJNr1sgd3QK6U6xt15cN7SKxJALaZ7RNJDTF
4l/d7NMGP9Gc5HcrKi8hQnHHZAy7u7LRRj8nzQq5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+gP2SvR2sUTGgtPju0n0tfztU0swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzExM2Q1NTU2LTg3NzYtNDk4MC04NDgxLTQzOTI4OTRmNzZlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQXjANBgkqhkiG9w0BAQsFAAOCAQEAJGPVOGF66ZPr1Jg8yfjRPBR+OzQ0
wK2pzRl7gmXwNbQck2mXMe23z+jRZzkTBvqYDlmUOn3ct92OZS64DEw7VgGWxMvz
LMdpvj/qcAin3RYmaEKdmTPNAOsrPGK5LVdLW9WcpOXyIpUJ/LjvGzlB3v5HDXzD
j5OHw6p9ZmoZYWvSAEHPSXjOZtwoVymysHnCYdki3t1DK2PnwsPD+3GlQpDNPW8g
DITDZTcG7Ukwsmwaw0nSUfHggWZrBWHpTO8H5+gNFAI+iOhaZ9x23xXQjOkCdxZM
/U69Z3NhFJV7MgItvcaefsFB/n50PFfxOKalRILt17e0Wqf2JorMwmkfrw==
-----END CERTIFICATE-----
Generated at Fri Sep 22 18:20:52 2023 by rpki-client on console-fra.rpki-client.org