Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/28cf4189-648d-467b-9ef1-b6e9fa5ba3dd.roa
File:                     28cf4189-648d-467b-9ef1-b6e9fa5ba3dd.roa (raw, json)
Hash identifier:          t0IUrjUAjLdWCiP9Epk8crEy3pdW4P001dQ9097AxzU=
Subject key identifier:   25:93:D0:27:FC:61:67:1C:9C:EE:B1:92:AC:E4:5F:B3:D8:8A:2B:65
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1B135FBB2A107C406DFC4D510F58CDF6DABC3263
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/28cf4189-648d-467b-9ef1-b6e9fa5ba3dd.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.158.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:13:5f:bb:2a:10:7c:40:6d:fc:4d:51:0f:58:cd:f6:da:bc:32:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=adba08fe90cf4444e3bba982a44b5fe534fe18b948a9a4f787d4d79c807a2194, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:49:4a:1e:93:7d:24:90:9b:76:1b:44:f6:f8:
                    42:da:5e:42:8d:69:5c:fd:dd:fd:71:e0:f9:0d:aa:
                    dc:5d:ba:81:27:d6:1f:55:33:9d:26:4e:ac:92:f7:
                    e4:ae:48:cf:d8:23:a1:b9:a2:54:72:06:62:14:ac:
                    2b:89:21:18:22:09:5f:da:45:b6:22:3a:e4:63:7a:
                    62:68:ef:3a:74:c3:fd:ed:8a:87:a4:bc:ad:3e:13:
                    db:ac:ff:40:2f:0b:11:5a:a3:0b:32:4c:9e:f2:a1:
                    34:9f:2f:d5:92:9a:63:66:a3:65:92:dd:80:a3:6c:
                    ae:fc:cf:35:25:ad:44:cf:fc:d0:a6:5c:72:9f:a9:
                    ac:8c:d0:7b:72:67:a0:f4:9d:4d:66:8e:81:e2:c1:
                    12:15:77:01:54:bb:d3:df:8f:e5:10:5f:f9:b9:fe:
                    f4:58:e8:c2:39:86:0a:99:00:0b:ae:77:a9:01:e3:
                    e5:2a:10:4e:51:23:29:03:fb:a1:82:8f:e2:39:d3:
                    71:88:e4:d7:77:49:e6:a6:56:03:1f:14:ab:aa:0d:
                    8c:c5:6b:10:ec:aa:a7:f0:56:e0:c9:0f:a3:de:a8:
                    6c:aa:87:1f:2b:fd:dd:d1:d5:a4:5e:f8:03:b2:09:
                    d8:da:15:83:6f:08:ab:b3:36:b0:b9:23:28:22:77:
                    d6:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:93:D0:27:FC:61:67:1C:9C:EE:B1:92:AC:E4:5F:B3:D8:8A:2B:65
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/28cf4189-648d-467b-9ef1-b6e9fa5ba3dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:dc:b9:94:33:14:33:57:39:9c:0e:47:f5:58:32:6b:1c:7e:
         db:14:31:69:1e:87:1a:b7:3d:d6:da:c6:ba:59:7a:7d:64:a4:
         bb:30:62:c6:83:06:a0:34:18:2b:67:df:7c:0f:6c:60:21:8e:
         06:9d:b1:c9:d2:6a:aa:3a:55:73:48:e0:69:b1:94:72:bc:01:
         6f:0a:6d:2e:a4:77:c3:18:82:a2:2a:67:cb:47:f0:d5:64:86:
         33:74:79:33:e5:ad:4c:c9:30:eb:b3:15:56:61:f0:28:fe:67:
         92:cd:58:34:5d:8b:dd:a8:66:e2:32:12:00:a5:5f:23:e3:ec:
         0e:ba:b6:59:25:42:18:ea:c7:6f:f3:ba:e8:f7:fe:48:de:b7:
         36:9c:c4:68:29:34:b3:06:ea:fb:dd:eb:8d:fc:47:6d:85:6a:
         32:1b:e1:07:92:73:ed:63:61:ea:4a:dc:d2:69:e3:c9:61:85:
         37:f1:f4:20:e8:bb:ae:40:1b:33:ba:3e:b7:1f:d4:f1:ff:fa:
         be:51:7c:8a:49:df:d4:f7:f6:ca:e0:b6:ef:08:77:65:a1:68:
         c9:b4:74:99:93:a2:62:c3:5a:79:86:45:06:37:05:29:24:71:
         12:18:cc:9d:2c:11:1a:b1:6c:7a:1e:99:d4:7d:65:b9:05:51:
         c1:43:44:9c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGxNfuyoQfEBt/E1RD1jN9tq8MmMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZGJhMDhmZTkwY2Y0NDQ0ZTNiYmE5ODJhNDRiNWZlNTM0
ZmUxOGI5NDhhOWE0Zjc4N2Q0ZDc5YzgwN2EyMTk0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1SUoek30kkJt2G0T2+ELaXkKNaVz93f1x4PkNqtxduoEn
1h9VM50mTqyS9+SuSM/YI6G5olRyBmIUrCuJIRgiCV/aRbYiOuRjemJo7zp0w/3t
ioekvK0+E9us/0AvCxFaowsyTJ7yoTSfL9WSmmNmo2WS3YCjbK78zzUlrUTP/NCm
XHKfqayM0HtyZ6D0nU1mjoHiwRIVdwFUu9Pfj+UQX/m5/vRY6MI5hgqZAAuud6kB
4+UqEE5RIykD+6GCj+I503GI5Nd3SeamVgMfFKuqDYzFaxDsqqfwVuDJD6PeqGyq
hx8r/d3R1aRe+AOyCdjaFYNvCKuzNrC5Iygid9ZRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJZPQJ/xhZxyc7rGSrORfs9iKK2UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI4Y2Y0MTg5LTY0OGQtNDY3Yi05ZWYxLWI2ZTlmYTViYTNkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTZ4wDQYJKoZIhvcNAQELBQADggEBAL3cuZQzFDNXOZwOR/VYMmscftsU
MWkehxq3PdbaxrpZen1kpLswYsaDBqA0GCtn33wPbGAhjgadscnSaqo6VXNI4Gmx
lHK8AW8KbS6kd8MYgqIqZ8tH8NVkhjN0eTPlrUzJMOuzFVZh8Cj+Z5LNWDRdi92o
ZuIyEgClXyPj7A66tlklQhjqx2/zuuj3/kjetzacxGgpNLMG6vvd6438R22FajIb
4QeSc+1jYepK3NJp48lhhTfx9CDou65AGzO6Prcf1PH/+r5RfIpJ39T39srgtu8I
d2WhaMm0dJmTomLDWnmGRQY3BSkkcRIYzJ0sERqxbHoemdR9ZbkFUcFDRJw=
-----END CERTIFICATE-----
Generated at Fri Sep 22 17:21:13 2023 by rpki-client on console-ams.rpki-client.org