Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c50577a-0584-4873-b250-87c171b5c8e2.roa
File:                     2c50577a-0584-4873-b250-87c171b5c8e2.roa (raw, json)
Hash identifier:          uAZ/Dkex8LDk9lif0PwMtOT/v2LrI876QSJIHcoOvqQ=
Subject key identifier:   C0:2C:00:ED:25:9E:D1:E6:3D:80:6D:57:70:65:8F:6E:57:76:BE:CD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       38D8F5307F176A4571592C429D403A51AF38CD64
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c50577a-0584-4873-b250-87c171b5c8e2.roa
Signing time:             Tue 29 Aug 2023 00:00:00 +0000
ROA not before:           Tue 29 Aug 2023 00:00:00 +0000
ROA not after:            Tue 03 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.131.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 12:12:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:d8:f5:30:7f:17:6a:45:71:59:2c:42:9d:40:3a:51:af:38:cd:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 29 00:00:00 2023 GMT
            Not After : Oct  3 23:59:59 2023 GMT
        Subject: serialNumber=453feda1ba03a29c6e22a6b66f3c5d99ef1f241d8a3fa7e881ebf8af45086196, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:0b:4e:b9:7c:ed:06:4f:6b:19:46:36:2c:b4:
                    fc:55:1d:94:98:ac:da:07:ae:91:29:1e:f9:69:a4:
                    3d:54:a6:1a:7d:b7:fe:43:a4:84:4e:af:c6:5c:27:
                    ca:a9:0e:67:5d:0c:84:0e:8f:0e:32:29:f5:b2:3a:
                    ca:f5:d0:f2:68:c7:b7:7e:a1:92:ad:78:2e:08:94:
                    71:b4:9a:49:f0:8f:b6:63:ce:9d:e6:73:ac:0d:a2:
                    9b:55:60:01:db:1c:ee:7a:d7:17:af:57:2a:86:51:
                    7d:a1:29:42:c7:52:2c:e4:ef:55:2b:c0:b0:07:e2:
                    65:dc:c4:72:14:9a:53:44:ea:e2:f5:5e:19:48:fb:
                    8b:a9:35:e6:50:41:1a:19:5b:d3:1b:6a:69:c2:27:
                    99:50:76:fb:81:aa:1c:93:17:b1:5a:ae:15:4e:c8:
                    6e:c2:3b:54:a0:1f:90:1d:99:62:99:d3:7f:32:bf:
                    98:9b:66:08:6d:0b:10:dc:10:ee:f6:d5:74:69:53:
                    68:d9:73:72:5a:13:3a:8c:d1:a5:76:3c:ae:2f:41:
                    83:5b:ca:5c:f8:e6:8c:5c:a4:39:4f:0b:4a:b8:f2:
                    34:52:7a:fd:90:80:80:45:5a:d6:49:22:8b:55:1c:
                    4b:39:4c:c3:51:50:a5:de:cb:7c:82:3c:b5:86:a3:
                    7b:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:2C:00:ED:25:9E:D1:E6:3D:80:6D:57:70:65:8F:6E:57:76:BE:CD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c50577a-0584-4873-b250-87c171b5c8e2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:79:92:b6:1a:75:4e:d7:c1:5e:38:56:44:16:88:4d:c6:89:
         ce:df:6d:1e:50:9c:c6:10:38:a8:20:74:c8:cf:71:f0:91:d7:
         fd:a2:69:d7:90:de:5d:16:a4:02:64:86:f1:64:ea:cb:d4:d3:
         8d:ba:3e:61:40:eb:e9:7a:8f:65:6f:80:e5:07:48:3b:74:87:
         90:6e:3f:82:62:33:89:8e:c2:7b:31:31:e5:97:aa:ca:4c:6d:
         84:00:7d:76:a2:7d:e4:cd:07:5f:e6:4e:ec:a7:b6:11:db:f0:
         1a:a8:08:f5:64:13:ed:88:f3:f3:cb:bc:5d:39:37:35:9f:f9:
         a2:c5:c7:48:64:4d:8b:58:48:0a:61:14:ac:72:f1:ad:bf:76:
         4b:f2:e7:df:c6:ac:33:5d:86:84:ff:b3:11:d2:28:1c:ed:a1:
         05:e8:5b:cd:88:70:93:a1:9a:cf:3b:7c:b9:ba:1a:28:5b:1c:
         be:5a:0e:b7:5d:1c:a4:1f:81:9f:d7:f5:47:09:6b:8b:a1:22:
         48:c1:8e:c9:47:8a:d1:38:e0:d9:4f:f1:fe:8c:88:8f:7a:a4:
         6c:54:d0:85:c3:47:6f:bb:d4:ec:59:44:1a:fb:32:8d:1e:86:
         e8:09:76:f1:e0:f9:2d:ef:ad:1c:ee:e5:2e:13:7e:15:84:76:
         8d:ba:27:8f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUONj1MH8XakVxWSxCnUA6Ua84zWQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI5MDAwMDAwWhcNMjMxMDAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0NTNmZWRhMWJhMDNhMjljNmUyMmE2YjY2ZjNjNWQ5OWVm
MWYyNDFkOGEzZmE3ZTg4MWViZjhhZjQ1MDg2MTk2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCMC065fO0GT2sZRjYstPxVHZSYrNoHrpEpHvlppD1Uphp9
t/5DpIROr8ZcJ8qpDmddDIQOjw4yKfWyOsr10PJox7d+oZKteC4IlHG0mknwj7Zj
zp3mc6wNoptVYAHbHO561xevVyqGUX2hKULHUizk71UrwLAH4mXcxHIUmlNE6uL1
XhlI+4upNeZQQRoZW9MbamnCJ5lQdvuBqhyTF7FarhVOyG7CO1SgH5AdmWKZ038y
v5ibZghtCxDcEO721XRpU2jZc3JaEzqM0aV2PK4vQYNbylz45oxcpDlPC0q48jRS
ev2QgIBFWtZJIotVHEs5TMNRUKXey3yCPLWGo3tpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUwCwA7SWe0eY9gG1XcGWPbld2vs0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJjNTA1NzdhLTA1ODQtNDg3My1iMjUwLTg3YzE3MWI1YzhlMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTYMwDQYJKoZIhvcNAQELBQADggEBACN5krYadU7XwV44VkQWiE3Gic7f
bR5QnMYQOKggdMjPcfCR1/2iadeQ3l0WpAJkhvFk6svU0426PmFA6+l6j2VvgOUH
SDt0h5BuP4JiM4mOwnsxMeWXqspMbYQAfXaifeTNB1/mTuynthHb8BqoCPVkE+2I
8/PLvF05NzWf+aLFx0hkTYtYSAphFKxy8a2/dkvy59/GrDNdhoT/sxHSKBztoQXo
W82IcJOhms87fLm6GihbHL5aDrddHKQfgZ/X9UcJa4uhIkjBjslHitE44NlP8f6M
iI96pGxU0IXDR2+71OxZRBr7Mo0ehugJdvHg+S3vrRzu5S4TfhWEdo26J48=
-----END CERTIFICATE-----
Generated at Tue Aug 29 00:34:11 2023 by rpki-client on console-fra.rpki-client.org