Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18be7a76-724b-4e6a-9d5a-ba51fd885a5e.roa
File:                     18be7a76-724b-4e6a-9d5a-ba51fd885a5e.roa (raw, json)
Hash identifier:          i0cMPd4dwRatibAdDuMMu2BOdWDq04X9AMdEJB2RvWo=
Subject key identifier:   5D:56:96:78:D2:FC:68:E4:B2:EE:8B:B1:B3:4F:4D:7F:05:A3:F0:B2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       12C0D3A6965E4E6C7EDAC5233405E6E4C368C929
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18be7a76-724b-4e6a-9d5a-ba51fd885a5e.roa
Signing time:             Mon 28 Aug 2023 00:00:00 +0000
ROA not before:           Mon 28 Aug 2023 00:00:00 +0000
ROA not after:            Mon 02 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        136.18.32.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 03:08:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:c0:d3:a6:96:5e:4e:6c:7e:da:c5:23:34:05:e6:e4:c3:68:c9:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 28 00:00:00 2023 GMT
            Not After : Oct  2 23:59:59 2023 GMT
        Subject: serialNumber=d59341b0b1e2585216fc5e888554c2ee6b5197dd32e5bd7fac84d775f02d59fb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:8c:36:6d:0b:ed:ba:de:1a:b2:b9:3c:9a:9a:
                    33:e7:82:45:a4:70:2f:7c:ee:02:03:53:7d:a0:93:
                    a9:0a:d6:29:d6:b4:42:2a:5a:5d:37:5a:3f:5c:6e:
                    4e:3e:21:0b:7e:bd:0d:cd:52:28:d8:81:44:7b:15:
                    5c:e6:6c:3a:d1:0e:72:82:d8:58:2d:9b:dc:ff:22:
                    7d:8a:66:89:8b:4c:ae:10:de:49:99:9f:e3:c7:c0:
                    b2:6f:42:cf:4f:f4:0a:8f:36:4d:75:9d:f7:30:28:
                    ed:6d:7a:e0:de:13:5a:7a:ba:72:ef:bd:b8:4b:87:
                    08:84:5b:7c:24:ce:3f:32:f0:8c:a9:0a:38:fd:29:
                    dd:83:fd:32:76:4e:b2:fb:96:5c:93:36:98:5d:32:
                    2f:0b:61:7d:9b:27:ec:8a:00:b9:a1:f9:ca:89:88:
                    e9:33:2d:bf:29:62:ba:94:33:70:c5:d4:e5:7e:18:
                    8c:e5:33:83:94:2e:c8:1b:1b:da:44:06:da:bc:88:
                    2a:8c:f1:f7:cb:55:32:16:ff:bc:a1:8a:aa:14:59:
                    14:24:03:1e:c7:64:5a:ec:92:50:b4:6e:51:5c:8f:
                    8b:3e:4d:bf:0d:cc:3f:23:e0:52:72:55:0a:89:0b:
                    68:98:b9:1a:17:97:a6:fa:d2:87:74:59:53:07:c1:
                    8d:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:56:96:78:D2:FC:68:E4:B2:EE:8B:B1:B3:4F:4D:7F:05:A3:F0:B2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/18be7a76-724b-4e6a-9d5a-ba51fd885a5e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.18.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         44:9b:81:b0:90:1f:bc:69:39:60:f3:bf:43:ac:7d:b5:1b:0c:
         70:95:2c:88:0d:4a:41:03:81:f8:6b:42:6f:ce:b8:99:9e:1d:
         43:c4:12:f1:0e:54:95:11:17:bf:58:75:80:02:61:8e:35:a9:
         91:09:d4:21:7b:21:ce:b4:5b:ed:f0:c5:41:b5:ec:a5:f2:bb:
         a4:34:c0:cd:25:5f:6b:10:2b:05:12:fb:54:2d:1b:ea:00:3a:
         92:f9:33:b0:f4:b6:b8:14:4c:67:c8:ad:20:36:1f:26:5c:5b:
         28:6b:8f:ec:35:99:00:a2:75:df:f9:58:fa:3c:ef:03:95:11:
         6b:d4:60:97:9a:96:88:96:43:d1:b5:50:1a:71:d8:17:09:c1:
         4e:79:b2:68:bb:2c:5d:74:02:19:23:46:de:13:d3:fd:b6:93:
         15:19:22:03:3f:80:a1:86:f7:38:f8:95:b9:be:cb:5e:c8:04:
         4c:06:60:9c:c0:d6:85:fb:ef:47:a2:45:3e:cc:1a:28:79:c3:
         21:a0:00:2e:15:4a:78:73:7c:13:e8:53:6d:54:26:92:44:f3:
         85:9a:0d:2a:09:18:94:1a:5e:21:75:38:c8:39:b9:97:81:fe:
         15:f3:62:b2:53:e0:d8:1f:98:e7:fb:4d:0c:24:da:af:11:75:
         7e:41:d3:04
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEsDTppZeTmx+2sUjNAXm5MNoySkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI4MDAwMDAwWhcNMjMxMDAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BkNTkzNDFiMGIxZTI1ODUyMTZmYzVlODg4NTU0YzJlZTZi
NTE5N2RkMzJlNWJkN2ZhYzg0ZDc3NWYwMmQ1OWZiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDljDZtC+263hqyuTyamjPngkWkcC987gIDU32gk6kK1inW
tEIqWl03Wj9cbk4+IQt+vQ3NUijYgUR7FVzmbDrRDnKC2Fgtm9z/In2KZomLTK4Q
3kmZn+PHwLJvQs9P9AqPNk11nfcwKO1teuDeE1p6unLvvbhLhwiEW3wkzj8y8Iyp
Cjj9Kd2D/TJ2TrL7llyTNphdMi8LYX2bJ+yKALmh+cqJiOkzLb8pYrqUM3DF1OV+
GIzlM4OULsgbG9pEBtq8iCqM8ffLVTIW/7yhiqoUWRQkAx7HZFrsklC0blFcj4s+
Tb8NzD8j4FJyVQqJC2iYuRoXl6b60od0WVMHwY39AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXVaWeNL8aOSy7ouxs09NfwWj8LIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE4YmU3YTc2LTcyNGItNGU2YS05ZDVhLWJhNTFmZDg4NWE1ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBASIEiAwDQYJKoZIhvcNAQELBQADggEBAESbgbCQH7xpOWDzv0OsfbUbDHCV
LIgNSkEDgfhrQm/OuJmeHUPEEvEOVJURF79YdYACYY41qZEJ1CF7Ic60W+3wxUG1
7KXyu6Q0wM0lX2sQKwUS+1QtG+oAOpL5M7D0trgUTGfIrSA2HyZcWyhrj+w1mQCi
dd/5WPo87wOVEWvUYJealoiWQ9G1UBpx2BcJwU55smi7LF10AhkjRt4T0/22kxUZ
IgM/gKGG9zj4lbm+y17IBEwGYJzA1oX770eiRT7MGih5wyGgAC4VSnhzfBPoU21U
JpJE84WaDSoJGJQaXiF1OMg5uZeB/hXzYrJT4NgfmOf7TQwk2q8RdX5B0wQ=
-----END CERTIFICATE-----
Generated at Mon Aug 28 15:21:31 2023 by rpki-client on console-fra.rpki-client.org