Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/21bb0458-625d-4892-a4e1-e544b849201a.roa
File:                     21bb0458-625d-4892-a4e1-e544b849201a.roa (raw, json)
Hash identifier:          EjKC8499d+IhQ4//ZjUsJqOodqoLtlhtJ2LHtjFzzCQ=
Subject key identifier:   0B:25:3E:41:1A:19:87:E4:22:6C:A8:61:AC:D9:56:00:11:F6:FF:DC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1D1C86A27503309E60917701D41DFB4755B80876
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/21bb0458-625d-4892-a4e1-e544b849201a.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        63.249.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:1c:86:a2:75:03:30:9e:60:91:77:01:d4:1d:fb:47:55:b8:08:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=7d91c4f6e813c1dcb4c88be5bf88b614130442318b82cedbff07ffd351114122, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:41:e5:d1:67:33:4a:a1:50:f9:ea:e9:2d:cd:
                    50:ce:46:d8:6a:a2:35:19:8d:30:8f:d0:18:af:e7:
                    2d:94:6f:24:e6:3a:46:f5:68:ab:d0:cf:3a:e0:90:
                    bd:aa:ce:72:7d:2d:88:ed:76:13:41:4e:98:80:d0:
                    43:8b:f8:1b:79:9a:2e:cc:c4:6d:be:54:1d:c6:05:
                    7a:c2:0c:cf:d8:0f:c6:39:17:7b:51:92:81:7f:8a:
                    31:9f:56:83:eb:15:ba:8d:87:4c:c4:46:ea:cf:26:
                    80:66:80:24:39:0a:dc:8f:89:80:ce:b1:3b:0d:bc:
                    85:6f:36:98:c4:1f:27:b1:a8:36:38:2e:a6:5d:18:
                    8a:26:af:2d:56:31:5f:46:9c:6b:f9:16:d1:d5:be:
                    08:d2:ce:d1:6d:08:25:63:a6:43:6f:fe:76:b5:d9:
                    7e:0f:20:2a:8c:55:b7:ee:14:ec:4c:80:52:b4:24:
                    73:7c:37:6a:53:ef:ce:1f:7f:85:89:30:c8:1d:41:
                    15:9e:cb:92:a8:97:e5:b2:0a:fc:ee:f3:ff:63:a9:
                    84:e8:ac:e4:86:19:54:02:d8:eb:ef:85:6f:df:ea:
                    ff:81:2c:54:5d:a7:93:ee:48:75:cc:51:4f:78:8b:
                    5b:e4:89:4e:29:28:74:65:7f:22:e9:0b:27:a0:d5:
                    40:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:25:3E:41:1A:19:87:E4:22:6C:A8:61:AC:D9:56:00:11:F6:FF:DC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/21bb0458-625d-4892-a4e1-e544b849201a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  63.249.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         5b:7e:a3:0c:e8:8c:4a:85:c0:4c:27:0f:a9:06:5e:37:1d:24:
         f8:9c:bf:d6:e6:8a:72:94:62:b5:73:00:43:a1:70:79:d0:34:
         f1:7d:f9:de:b2:f2:95:33:b4:cd:a5:3d:ba:be:2c:a9:7b:7c:
         ff:df:d4:f8:19:88:ed:01:18:c3:21:7d:cb:3a:be:2c:fe:3b:
         32:1f:21:c1:a5:68:85:ba:11:e6:e8:00:64:22:51:48:c3:ea:
         2d:1e:8e:b7:eb:fb:5a:5a:df:62:c9:d1:a6:7a:62:82:16:27:
         c8:ee:fe:d4:d7:54:ec:93:f0:e2:64:7a:5a:67:cb:4e:32:91:
         79:21:94:13:90:fe:0e:25:80:34:82:a2:1b:7b:75:23:ce:2b:
         6d:52:cf:5a:9d:82:f5:b5:60:2d:96:b2:57:97:a9:8e:80:10:
         63:38:df:fa:b9:30:ed:84:12:16:08:db:1c:d5:2e:57:91:9d:
         f7:28:bc:17:b4:f8:d5:ba:f0:21:10:69:73:fb:bc:b0:c0:0f:
         31:71:85:6c:cd:e4:5a:cc:33:3d:20:48:08:19:b5:27:57:94:
         ed:4e:1a:44:c6:c3:90:01:db:b0:6b:a2:a4:58:3b:06:ad:87:
         14:b3:39:37:bc:d5:c6:8e:ed:90:55:aa:1f:0d:12:51:61:78:
         eb:5f:fd:01
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUHRyGonUDMJ5gkXcB1B37R1W4CHYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZDkxYzRmNmU4MTNjMWRjYjRjODhiZTViZjg4YjYxNDEz
MDQ0MjMxOGI4MmNlZGJmZjA3ZmZkMzUxMTE0MTIyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpQeXRZzNKoVD56uktzVDORthqojUZjTCP0Biv5y2UbyTm
Okb1aKvQzzrgkL2qznJ9LYjtdhNBTpiA0EOL+Bt5mi7MxG2+VB3GBXrCDM/YD8Y5
F3tRkoF/ijGfVoPrFbqNh0zERurPJoBmgCQ5CtyPiYDOsTsNvIVvNpjEHyexqDY4
LqZdGIomry1WMV9GnGv5FtHVvgjSztFtCCVjpkNv/na12X4PICqMVbfuFOxMgFK0
JHN8N2pT784ff4WJMMgdQRWey5Kol+WyCvzu8/9jqYTorOSGGVQC2OvvhW/f6v+B
LFRdp5PuSHXMUU94i1vkiU4pKHRlfyLpCyeg1UC5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCyU+QRoZh+QibKhhrNlWABH2/9wwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzIxYmIwNDU4LTYyNWQtNDg5Mi1hNGUxLWU1NDRiODQ5MjAxYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAc/+YAwDQYJKoZIhvcNAQELBQADggEBAFt+owzojEqFwEwnD6kGXjcdJPic
v9bminKUYrVzAEOhcHnQNPF9+d6y8pUztM2lPbq+LKl7fP/f1PgZiO0BGMMhfcs6
viz+OzIfIcGlaIW6EeboAGQiUUjD6i0ejrfr+1pa32LJ0aZ6YoIWJ8ju/tTXVOyT
8OJkelpny04ykXkhlBOQ/g4lgDSCoht7dSPOK21Sz1qdgvW1YC2WsleXqY6AEGM4
3/q5MO2EEhYI2xzVLleRnfcovBe0+NW68CEQaXP7vLDADzFxhWzN5FrMMz0gSAgZ
tSdXlO1OGkTGw5AB27BroqRYOwathxSzOTe81caO7ZBVqh8NElFheOtf/QE=
-----END CERTIFICATE-----
Generated at Fri Sep 22 22:31:04 2023 by rpki-client on console-ams.rpki-client.org