Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/376cea87-1261-43b0-8bdc-603805220984.roa
File:                     376cea87-1261-43b0-8bdc-603805220984.roa (raw, json)
Hash identifier:          E3/PMqzoCOTz/aotiWKjnJ221mm7bYnorBvhzo3mJqk=
Subject key identifier:   58:07:9E:A2:EE:83:73:06:BE:62:EC:C3:34:0F:BE:0D:70:9A:A1:E4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       609C7E2F4B8A2C9CD5D4E8F410C8B2BA9059563C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/376cea87-1261-43b0-8bdc-603805220984.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        166.117.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:9c:7e:2f:4b:8a:2c:9c:d5:d4:e8:f4:10:c8:b2:ba:90:59:56:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=a99d760f72fd182979fba35e124dafd99928493f6d4fd92a44be05bd5dadb5d9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:c3:5a:db:2c:a6:1d:51:44:40:13:4f:5d:04:
                    b3:19:3c:73:f5:2a:68:36:e0:6d:9f:b3:09:ec:b4:
                    9c:d1:a1:7f:ec:2c:d7:e0:7f:c3:38:89:ab:29:13:
                    f4:23:7c:33:51:96:99:49:2d:c9:3b:7c:38:84:e8:
                    e3:71:0c:0c:6e:47:4e:65:ec:19:45:56:65:84:fa:
                    e4:a3:bd:44:95:9f:57:10:0f:50:ae:8b:bf:4b:e0:
                    72:1e:20:b0:d4:52:80:e3:b1:73:79:0c:26:7e:ab:
                    a7:4a:49:b6:bd:9e:d7:94:3e:73:f3:dd:98:7a:a1:
                    b7:cc:dd:16:73:fd:89:07:d6:dd:68:c2:56:63:73:
                    6f:7b:8a:2c:88:01:51:3d:ab:62:63:57:2d:9b:3f:
                    6a:c0:bb:0c:05:78:8a:dd:d1:3a:3f:02:54:fb:1f:
                    9e:7f:81:c6:18:94:8e:ac:d1:a3:c0:07:98:64:a9:
                    9a:27:6c:cc:d4:2d:fe:1f:e6:62:e2:a0:4d:74:af:
                    dd:de:6f:cc:16:11:9a:3a:bb:d2:f7:02:63:1f:ca:
                    8d:48:df:62:0f:d3:4f:4b:44:a6:00:b7:03:bc:22:
                    af:ea:f6:eb:df:57:7a:20:5a:ee:58:f0:d7:a5:b9:
                    05:50:d9:0f:4c:dc:4a:8e:eb:aa:f8:d4:af:3b:74:
                    ad:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:07:9E:A2:EE:83:73:06:BE:62:EC:C3:34:0F:BE:0D:70:9A:A1:E4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/376cea87-1261-43b0-8bdc-603805220984.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.117.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c9:4c:e2:03:58:53:dc:5c:56:73:77:65:29:22:4a:72:98:a5:
         25:d7:77:45:f8:2c:8e:76:e4:fb:a2:15:37:42:54:4a:0c:2e:
         ef:44:01:c3:ee:30:55:ab:f5:53:0b:5a:97:12:4f:64:6c:63:
         90:6b:bd:fc:92:b6:a4:02:b7:b7:bc:d1:65:54:9f:60:45:be:
         56:e0:0c:8a:b1:aa:67:c2:c3:e8:79:4a:81:b0:6a:e7:a5:c3:
         4f:0a:50:6a:d3:b7:e4:a8:b9:a6:e2:fd:54:c4:f2:82:27:51:
         42:1a:4e:45:07:5d:0f:09:e6:8d:35:7c:a5:4c:c6:46:d6:46:
         86:69:9e:fa:64:90:3b:3f:e4:31:24:5b:7f:44:e4:c1:d0:03:
         fd:e5:82:42:ab:90:e8:a3:ba:16:5a:50:82:b4:d1:c1:3e:2f:
         24:b5:8a:bc:c5:7a:fd:4d:a7:b2:01:24:95:3e:52:c3:73:63:
         70:d3:d5:a5:71:f6:cd:e4:ad:5f:f3:01:87:3a:60:07:f0:68:
         97:aa:ef:c4:ab:96:cc:e7:e9:c5:54:40:1f:20:55:9a:bc:bc:
         e4:20:6a:4e:a7:74:92:db:69:b4:f9:12:e6:23:c9:ed:58:57:
         94:d8:96:33:92:95:da:d6:c5:21:a7:3e:b4:99:05:55:cc:69:
         6a:c0:c8:fe
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYJx+L0uKLJzV1Oj0EMiyupBZVjwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhOTlkNzYwZjcyZmQxODI5NzlmYmEzNWUxMjRkYWZkOTk5
Mjg0OTNmNmQ0ZmQ5MmE0NGJlMDViZDVkYWRiNWQ5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHw1rbLKYdUURAE09dBLMZPHP1Kmg24G2fswnstJzRoX/s
LNfgf8M4iaspE/QjfDNRlplJLck7fDiE6ONxDAxuR05l7BlFVmWE+uSjvUSVn1cQ
D1Cui79L4HIeILDUUoDjsXN5DCZ+q6dKSba9nteUPnPz3Zh6obfM3RZz/YkH1t1o
wlZjc297iiyIAVE9q2JjVy2bP2rAuwwFeIrd0To/AlT7H55/gcYYlI6s0aPAB5hk
qZonbMzULf4f5mLioE10r93eb8wWEZo6u9L3AmMfyo1I32IP009LRKYAtwO8Iq/q
9uvfV3ogWu5Y8NeluQVQ2Q9M3EqO66r41K87dK0jAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUWAeeou6Dcwa+YuzDNA++DXCaoeQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM3NmNlYTg3LTEyNjEtNDNiMC04YmRjLTYwMzgwNTIyMDk4NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCmdTANBgkqhkiG9w0BAQsFAAOCAQEAyUziA1hT3FxWc3dlKSJKcpilJdd3
Rfgsjnbk+6IVN0JUSgwu70QBw+4wVav1UwtalxJPZGxjkGu9/JK2pAK3t7zRZVSf
YEW+VuAMirGqZ8LD6HlKgbBq56XDTwpQatO35Ki5puL9VMTygidRQhpORQddDwnm
jTV8pUzGRtZGhmme+mSQOz/kMSRbf0TkwdAD/eWCQquQ6KO6FlpQgrTRwT4vJLWK
vMV6/U2nsgEklT5Sw3NjcNPVpXH2zeStX/MBhzpgB/Bol6rvxKuWzOfpxVRAHyBV
mry85CBqTqd0kttptPkS5iPJ7VhXlNiWM5KV2tbFIac+tJkFVcxpasDI/g==
-----END CERTIFICATE-----
Generated at Fri Sep 22 17:25:45 2023 by rpki-client on console-fra.rpki-client.org