Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/35b59133-4d27-4b21-82bd-b29aea871580.roa
File:                     35b59133-4d27-4b21-82bd-b29aea871580.roa (raw, json)
Hash identifier:          uOuVViq/G3guThvVJcFRf58BwanQwiqyCMpnWWzkMQM=
Subject key identifier:   DA:4C:AC:98:00:56:98:07:15:63:DF:48:DD:65:3C:49:0B:F6:3C:11
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       66A85CAC2CFAD282EDD20124215B0DCAEAAFAA4A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/35b59133-4d27-4b21-82bd-b29aea871580.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f60:6000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:a8:5c:ac:2c:fa:d2:82:ed:d2:01:24:21:5b:0d:ca:ea:af:aa:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=0c7aab0ee3708f21dabe1eebe9f8c29df0b66eb4a89a871cea4873e5762520eb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:55:e5:45:d3:49:33:94:57:5c:b0:4f:1a:06:
                    cb:a7:06:60:66:e2:61:96:c7:5d:35:c5:94:b9:33:
                    b0:0c:68:a1:94:e6:b0:55:29:14:62:be:c6:47:0b:
                    11:39:5f:7a:b5:df:b9:e0:1d:2b:c9:5c:3b:69:90:
                    f5:31:37:66:43:18:d2:6d:28:86:ac:ca:d6:d5:2f:
                    00:04:ef:92:ce:98:96:45:3b:ca:e5:59:60:bd:9e:
                    31:c2:95:05:31:03:25:b1:19:21:a7:0f:3f:10:61:
                    47:99:de:3d:e7:e0:2d:13:05:ac:8a:7e:22:a2:8c:
                    26:6c:a4:ec:c8:80:df:ba:1a:dc:80:49:80:90:92:
                    cc:f8:c8:7e:8f:0f:dc:38:ef:39:ed:84:d0:66:1f:
                    f4:88:fc:a6:fd:0e:fa:17:a2:d9:3f:82:d0:c8:52:
                    4f:68:a3:98:07:0c:59:86:bb:b1:1e:0d:af:b6:1c:
                    37:28:78:2a:6f:90:65:db:cf:a6:24:f5:28:31:44:
                    e9:01:a0:27:96:6f:77:5a:30:08:46:b2:08:d8:10:
                    5b:85:b2:88:a3:45:d8:09:dd:0d:d8:65:b4:a3:67:
                    06:82:e6:96:f1:55:17:d5:9b:8b:ca:56:b0:71:0d:
                    b7:8c:de:0a:99:07:46:79:8b:32:c7:2f:7e:6e:2b:
                    bf:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:4C:AC:98:00:56:98:07:15:63:DF:48:DD:65:3C:49:0B:F6:3C:11
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/35b59133-4d27-4b21-82bd-b29aea871580.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f60:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         8d:a3:e8:50:eb:a6:16:5d:8b:2e:4f:c8:40:a1:e5:d8:a6:68:
         ee:30:82:bf:bd:6e:71:42:6c:83:23:82:7b:9b:e1:34:e6:a4:
         a3:ff:f4:aa:20:3b:07:16:7d:23:0d:8b:23:76:2f:ca:e4:1e:
         1f:64:c3:29:49:3d:80:0d:bf:95:c3:7a:b8:85:86:8d:c2:8b:
         a2:04:00:6a:87:ec:7e:66:fc:3e:08:56:de:07:9f:37:af:c1:
         c0:90:dc:df:31:8a:83:d0:d7:88:1f:44:07:aa:0e:ca:07:01:
         92:13:1c:68:ca:8f:e7:c2:62:74:ac:79:46:78:a6:15:e2:92:
         01:aa:0b:22:93:3f:eb:47:32:6b:e0:f3:8c:e6:9d:8d:cd:a4:
         f4:8d:5b:dd:a1:b6:11:52:99:4d:92:49:90:d0:b1:35:dd:e5:
         5c:42:d7:21:52:d1:83:bd:78:de:99:1e:ee:b3:15:97:1f:79:
         61:ca:33:ca:2f:c3:68:59:80:0e:e9:a8:f7:de:ee:aa:69:c0:
         f5:e9:62:80:f3:f6:bf:a4:85:56:ba:8d:62:3c:d9:e4:05:b6:
         67:94:34:4c:8c:d5:50:2b:02:05:d6:8b:92:99:86:da:d5:51:
         ca:bd:e0:a7:ea:ea:a7:17:9a:9e:3f:c6:1d:99:5d:37:c3:64:
         52:8f:64:86
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUZqhcrCz60oLt0gEkIVsNyuqvqkowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYzdhYWIwZWUzNzA4ZjIxZGFiZTFlZWJlOWY4YzI5ZGYw
YjY2ZWI0YTg5YTg3MWNlYTQ4NzNlNTc2MjUyMGViMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqVeVF00kzlFdcsE8aBsunBmBm4mGWx101xZS5M7AMaKGU
5rBVKRRivsZHCxE5X3q137ngHSvJXDtpkPUxN2ZDGNJtKIasytbVLwAE75LOmJZF
O8rlWWC9njHClQUxAyWxGSGnDz8QYUeZ3j3n4C0TBayKfiKijCZspOzIgN+6GtyA
SYCQksz4yH6PD9w47znthNBmH/SI/Kb9DvoXotk/gtDIUk9oo5gHDFmGu7EeDa+2
HDcoeCpvkGXbz6Yk9SgxROkBoCeWb3daMAhGsgjYEFuFsoijRdgJ3Q3YZbSjZwaC
5pbxVRfVm4vKVrBxDbeM3gqZB0Z5izLHL35uK783AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU2kysmABWmAcVY99I3WU8SQv2PBEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM1YjU5MTMzLTRkMjctNGIyMS04MmJkLWIyOWFlYTg3MTU4MC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB9gYDANBgkqhkiG9w0BAQsFAAOCAQEAjaPoUOumFl2LLk/IQKHl2KZo
7jCCv71ucUJsgyOCe5vhNOako//0qiA7BxZ9Iw2LI3YvyuQeH2TDKUk9gA2/lcN6
uIWGjcKLogQAaofsfmb8PghW3gefN6/BwJDc3zGKg9DXiB9EB6oOygcBkhMcaMqP
58JidKx5RnimFeKSAaoLIpM/60cya+DzjOadjc2k9I1b3aG2EVKZTZJJkNCxNd3l
XELXIVLRg7143pke7rMVlx95Ycozyi/DaFmADumo997uqmnA9eligPP2v6SFVrqN
YjzZ5AW2Z5Q0TIzVUCsCBdaLkpmG2tVRyr3gp+rqpxeanj/GHZldN8NkUo9khg==
-----END CERTIFICATE-----
Generated at Fri Sep 22 18:20:52 2023 by rpki-client on console-fra.rpki-client.org