Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1869b257-c1ca-4f4f-803c-f00cd973ab2e.roa
File:                     1869b257-c1ca-4f4f-803c-f00cd973ab2e.roa (raw, json)
Hash identifier:          Xbt812aHg9la0+iCNNgcUPMrBEXtoobX2vG8Vt2SoeM=
Subject key identifier:   4F:54:DC:E9:36:9C:33:03:D9:0D:31:A7:64:E0:C2:BB:B2:9F:BA:39
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6A1ED2083EBBFAEF7088F7B54EE74009322606CE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1869b257-c1ca-4f4f-803c-f00cd973ab2e.roa
Signing time:             Tue 12 Nov 2024 00:00:00 +0000
ROA not before:           Tue 12 Nov 2024 00:00:00 +0000
ROA not after:            Tue 17 Dec 2024 23:59:59 +0000
asID:                     14618
IP address blocks:        56.46.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 25 Nov 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:1e:d2:08:3e:bb:fa:ef:70:88:f7:b5:4e:e7:40:09:32:26:06:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 12 00:00:00 2024 GMT
            Not After : Dec 17 23:59:59 2024 GMT
        Subject: serialNumber=61167d033f985b2b9d263747d47ffde1e83f58fbbc1ddd4cc42a9fedcd9286da, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:1b:ba:56:e2:45:fd:4d:6c:bb:5d:fc:87:96:
                    bd:c0:f0:08:5a:1b:4c:32:e1:f7:6a:5d:4a:96:e5:
                    23:12:d2:97:95:60:0e:5d:2e:e9:d7:ea:af:77:a2:
                    cd:94:ff:a5:61:e3:9e:58:85:45:36:79:14:16:02:
                    1c:18:d0:b7:f1:f0:d4:6f:d2:a9:be:92:c5:54:81:
                    25:3f:25:c6:0b:cc:ec:f1:f4:77:34:17:8d:85:04:
                    51:64:d3:25:f9:a4:99:b2:bf:5e:90:21:93:b2:54:
                    0f:d2:7a:26:79:02:d8:f0:a8:f4:ba:8c:f3:c5:6b:
                    b6:a8:5a:41:c0:b2:63:36:82:3b:0d:ae:75:2b:1f:
                    2c:fb:50:7a:8e:32:c9:77:70:bc:9f:00:22:ec:6f:
                    56:a2:16:87:7e:d6:b6:30:73:af:9f:1d:aa:f8:b6:
                    d1:3c:b8:86:d9:20:93:92:3b:dc:ea:aa:a3:31:96:
                    e6:a8:52:b6:2b:c9:f1:26:28:f5:f9:66:56:6b:50:
                    ad:03:30:41:2e:f5:1f:95:04:46:6c:dc:65:7d:a1:
                    ef:cb:d9:19:48:fd:ee:c4:a9:8d:c5:43:2c:d6:2c:
                    5e:c2:1c:da:aa:c3:20:fc:ef:17:db:d0:9e:7b:fd:
                    a3:5a:47:d0:a5:41:f6:c7:60:98:da:fb:32:95:15:
                    3f:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:54:DC:E9:36:9C:33:03:D9:0D:31:A7:64:E0:C2:BB:B2:9F:BA:39
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1869b257-c1ca-4f4f-803c-f00cd973ab2e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.46.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c9:c8:6c:87:a5:45:d5:ed:3e:11:d3:37:c1:88:df:ae:fe:43:
         7f:fb:e1:ff:f1:58:80:77:6e:49:62:ac:51:51:a6:f8:82:00:
         16:a9:b0:b0:2d:ff:7c:08:6d:fc:85:f6:71:72:4b:42:c1:7a:
         27:ba:a4:c1:a2:07:70:d4:50:43:28:79:13:11:da:6c:2b:bd:
         5c:c0:3c:fe:de:0b:a9:19:c8:b4:ca:95:fb:6b:e1:be:1b:f4:
         b9:c6:52:a5:30:e4:fa:3f:ce:04:77:50:f2:c6:93:a8:f9:2f:
         a3:3b:ef:f4:70:8e:b3:0a:86:87:fd:d6:fb:4d:ed:fd:94:48:
         c7:92:20:70:22:8b:08:7a:ca:f8:96:fe:a5:c0:2e:be:fb:7e:
         fc:56:b3:90:2b:f8:4b:3f:4a:9b:cf:ea:aa:2c:a6:68:fb:e0:
         ed:ad:83:8d:da:0f:2c:6b:05:73:f7:79:d5:b4:e3:08:4b:b7:
         64:7c:c8:27:33:a9:e6:03:87:5c:c4:29:28:71:54:67:f4:d0:
         c2:4f:db:b0:cb:2e:e4:ac:99:31:8c:36:46:e8:05:e1:23:86:
         b8:2b:77:72:5d:b6:bb:aa:08:3b:c6:3c:13:4f:cb:00:80:f4:
         f3:50:e4:e1:fb:f3:2b:04:06:1d:ad:58:90:dc:89:8e:b2:da:
         30:13:3c:da
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUah7SCD67+u9wiPe1TudACTImBs4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMTEyMDAwMDAwWhcNMjQxMjE3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MTE2N2QwMzNmOTg1YjJiOWQyNjM3NDdkNDdmZmRlMWU4
M2Y1OGZiYmMxZGRkNGNjNDJhOWZlZGNkOTI4NmRhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3G7pW4kX9TWy7XfyHlr3A8AhaG0wy4fdqXUqW5SMS0peV
YA5dLunX6q93os2U/6Vh455YhUU2eRQWAhwY0Lfx8NRv0qm+ksVUgSU/JcYLzOzx
9Hc0F42FBFFk0yX5pJmyv16QIZOyVA/SeiZ5AtjwqPS6jPPFa7aoWkHAsmM2gjsN
rnUrHyz7UHqOMsl3cLyfACLsb1aiFod+1rYwc6+fHar4ttE8uIbZIJOSO9zqqqMx
luaoUrYryfEmKPX5ZlZrUK0DMEEu9R+VBEZs3GV9oe/L2RlI/e7EqY3FQyzWLF7C
HNqqwyD87xfb0J57/aNaR9ClQfbHYJja+zKVFT/tAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUT1Tc6TacMwPZDTGnZODCu7KfujkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE4NjliMjU3LWMxY2EtNGY0Zi04MDNjLWYwMGNkOTczYWIyZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4LjANBgkqhkiG9w0BAQsFAAOCAQEAychsh6VF1e0+EdM3wYjfrv5Df/vh
//FYgHduSWKsUVGm+IIAFqmwsC3/fAht/IX2cXJLQsF6J7qkwaIHcNRQQyh5ExHa
bCu9XMA8/t4LqRnItMqV+2vhvhv0ucZSpTDk+j/OBHdQ8saTqPkvozvv9HCOswqG
h/3W+03t/ZRIx5IgcCKLCHrK+Jb+pcAuvvt+/FazkCv4Sz9Km8/qqiymaPvg7a2D
jdoPLGsFc/d51bTjCEu3ZHzIJzOp5gOHXMQpKHFUZ/TQwk/bsMsu5KyZMYw2RugF
4SOGuCt3cl22u6oIO8Y8E0/LAID081Dk4fvzKwQGHa1YkNyJjrLaMBM82g==
-----END CERTIFICATE-----