Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/195f43e5-9baf-4f50-bcbb-65039707f56b.roa
File:                     195f43e5-9baf-4f50-bcbb-65039707f56b.roa (raw, json)
Hash identifier:          9RhJKFahTVUgAWJBt2a15Cz6qTxNOFshlYBN9r2mAfM=
Subject key identifier:   A2:CC:1D:0A:77:13:8D:91:B3:21:15:84:44:8A:D1:FF:BF:AF:AC:CE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       503A16462E68C09F70FF4AAB1AE724507B38DFAE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/195f43e5-9baf-4f50-bcbb-65039707f56b.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        161.228.128.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Sep 2023 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:3a:16:46:2e:68:c0:9f:70:ff:4a:ab:1a:e7:24:50:7b:38:df:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=68f686645e8783532b3844a8a51369002017ced9bba316a65cade05e3297f0e5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:38:e5:25:66:22:95:9d:d4:31:45:16:c7:fc:
                    d5:c5:34:04:49:c3:47:b0:6f:45:27:80:95:8d:d8:
                    1f:46:b3:2c:ac:76:a5:54:32:5e:3e:a1:d2:54:21:
                    b6:91:bb:31:50:22:bd:ef:7c:9c:a4:dd:98:b8:87:
                    38:68:8d:8a:64:f1:25:45:44:2f:45:6e:3e:bf:ad:
                    f6:39:35:ff:43:dc:0d:fa:a2:f5:de:4c:e0:49:af:
                    bc:4b:e5:78:5d:aa:95:d9:f4:53:b3:73:a0:aa:bd:
                    f8:9e:fc:3f:2d:44:31:bb:8e:8b:84:dd:81:7f:37:
                    c9:92:db:e6:f4:a4:df:05:3f:d3:31:a1:a5:32:3c:
                    a4:27:10:b0:6b:8e:a4:be:8a:5d:b0:13:d4:6f:d7:
                    5b:b8:ee:d2:c7:21:f7:9c:09:66:75:f1:45:55:da:
                    56:c3:34:da:ff:23:e7:9a:26:36:36:ca:70:bb:e7:
                    64:d1:b8:7f:c3:ed:41:1a:ce:7c:5a:43:a8:f9:6a:
                    94:50:b5:3f:84:18:fa:e5:7c:6d:60:a3:1f:04:0d:
                    d8:12:07:fb:f1:d8:0a:e3:e5:2f:f5:16:2a:42:1a:
                    78:c0:27:31:d1:6d:e3:8d:f9:f5:7f:aa:a7:cf:37:
                    d7:6e:fd:30:0b:b3:6f:54:2d:35:b1:b8:52:1f:7a:
                    57:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:CC:1D:0A:77:13:8D:91:B3:21:15:84:44:8A:D1:FF:BF:AF:AC:CE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/195f43e5-9baf-4f50-bcbb-65039707f56b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.228.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         56:bd:e7:f3:9d:91:e8:4d:43:55:28:ba:51:eb:68:74:47:80:
         49:4c:70:d4:73:c4:b0:3c:56:6f:b5:5e:cc:b4:1e:90:b8:f1:
         2f:fa:bd:c1:73:a3:15:0f:cf:0d:6d:8d:5d:8e:55:01:10:a3:
         c9:bd:5d:d1:cc:f7:69:8b:eb:b6:18:b5:41:99:a1:95:9c:c7:
         fc:8a:3b:69:e6:d4:7f:12:fb:f9:98:08:18:2b:d5:77:15:1b:
         00:b4:7c:31:12:c7:cf:be:1e:64:a8:ae:02:6e:bd:bc:24:bf:
         04:c9:1d:ad:31:3c:87:f4:2a:bd:5a:31:bf:d2:00:cb:6a:86:
         36:c6:cf:c1:42:0e:4c:3f:d8:74:8f:3a:1e:1c:00:5e:25:96:
         eb:b7:1a:bd:85:e5:c5:7d:3a:25:2d:dc:c1:7b:c0:3f:01:fe:
         94:44:8e:ac:dc:31:06:92:8b:8f:a6:e8:09:96:ea:64:a0:4a:
         7a:c0:15:b1:20:4f:8f:bc:80:65:7f:c3:9b:51:44:72:57:52:
         38:b3:9c:06:2b:a6:65:9c:31:9d:96:11:af:4c:0e:ba:55:a5:
         a2:98:8a:1d:91:19:98:a5:55:0e:77:71:e4:d5:06:c9:34:f6:
         e1:74:94:09:af:b9:16:b9:60:d4:c4:97:42:7f:e3:0f:d4:a9:
         4c:42:82:23
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUDoWRi5owJ9w/0qrGuckUHs4364wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A2OGY2ODY2NDVlODc4MzUzMmIzODQ0YThhNTEzNjkwMDIw
MTdjZWQ5YmJhMzE2YTY1Y2FkZTA1ZTMyOTdmMGU1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcOOUlZiKVndQxRRbH/NXFNARJw0ewb0UngJWN2B9Gsyys
dqVUMl4+odJUIbaRuzFQIr3vfJyk3Zi4hzhojYpk8SVFRC9Fbj6/rfY5Nf9D3A36
ovXeTOBJr7xL5XhdqpXZ9FOzc6Cqvfie/D8tRDG7jouE3YF/N8mS2+b0pN8FP9Mx
oaUyPKQnELBrjqS+il2wE9Rv11u47tLHIfecCWZ18UVV2lbDNNr/I+eaJjY2ynC7
52TRuH/D7UEaznxaQ6j5apRQtT+EGPrlfG1gox8EDdgSB/vx2Arj5S/1FipCGnjA
JzHRbeON+fV/qqfPN9du/TALs29ULTWxuFIfelcpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoswdCncTjZGzIRWERIrR/7+vrM4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzE5NWY0M2U1LTliYWYtNGY1MC1iY2JiLTY1MDM5NzA3ZjU2Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAah5IAwDQYJKoZIhvcNAQELBQADggEBAFa95/OdkehNQ1UoulHraHRHgElM
cNRzxLA8Vm+1Xsy0HpC48S/6vcFzoxUPzw1tjV2OVQEQo8m9XdHM92mL67YYtUGZ
oZWcx/yKO2nm1H8S+/mYCBgr1XcVGwC0fDESx8++HmSorgJuvbwkvwTJHa0xPIf0
Kr1aMb/SAMtqhjbGz8FCDkw/2HSPOh4cAF4lluu3Gr2F5cV9OiUt3MF7wD8B/pRE
jqzcMQaSi4+m6AmW6mSgSnrAFbEgT4+8gGV/w5tRRHJXUjiznAYrpmWcMZ2WEa9M
DrpVpaKYih2RGZilVQ53ceTVBsk09uF0lAmvuRa5YNTEl0J/4w/UqUxCgiM=
-----END CERTIFICATE-----
Generated at Fri Sep 22 15:45:15 2023 by rpki-client on console-ams.rpki-client.org