Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3cf5f416-8b16-485d-b4ee-307762770eef.roa
File:                     3cf5f416-8b16-485d-b4ee-307762770eef.roa (raw, json)
Hash identifier:          iyYgOFRgypBgNQey28lDdmAETfMWLghD5Fvv6xceQh0=
Subject key identifier:   3A:B1:D0:89:73:48:F1:40:D4:25:0F:F5:23:72:56:F7:1A:FD:AE:5F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6E5EEC8901C8465843901FA8E0D53827EA568E3F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3cf5f416-8b16-485d-b4ee-307762770eef.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        99.156.192.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:5e:ec:89:01:c8:46:58:43:90:1f:a8:e0:d5:38:27:ea:56:8e:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=ebada6fc3836228aba23f07f835830ddda3d6fe14ce309e876c7ae17b9d8f08e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:43:4a:71:d9:88:b5:5e:91:f0:dc:00:3b:03:
                    c9:4a:ea:9a:a4:83:09:5f:51:c5:3a:f1:ef:48:24:
                    a0:96:ed:df:a3:e5:f1:75:c9:e0:9d:87:d9:22:34:
                    dc:33:a8:34:ec:db:9f:8d:ff:67:87:f8:c6:94:d8:
                    a0:8b:91:8a:ce:9e:4b:a3:b8:12:be:5a:b1:a9:2b:
                    61:a2:ae:fe:fb:f7:1f:ef:d1:21:7f:97:e8:2c:6f:
                    23:86:c9:19:6f:91:61:1d:d3:40:97:19:5f:27:c7:
                    6d:6b:e8:da:6e:41:ed:30:ae:de:f0:82:34:c8:85:
                    24:a3:8c:64:b2:d3:a4:e8:5f:5a:20:f7:46:99:60:
                    2e:16:9e:95:f8:69:e2:fe:34:50:96:25:0c:40:54:
                    1d:e9:2b:f6:a1:75:1a:63:3a:e9:37:83:87:82:08:
                    ce:7e:c6:ce:4c:a6:97:ef:74:94:f7:8c:5a:7a:7c:
                    36:15:5f:5e:f3:44:92:2e:74:21:a1:b5:7e:67:ef:
                    1e:fa:e7:fd:08:fe:b2:b0:90:75:17:92:57:35:04:
                    0f:82:6c:84:3b:8b:0f:b7:52:ee:ac:d6:61:65:79:
                    80:8e:2b:15:e5:34:c8:c2:fa:7a:09:b5:aa:43:13:
                    ff:9d:b3:51:e2:4d:c4:e7:83:5a:ef:ca:1f:35:c9:
                    cc:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:B1:D0:89:73:48:F1:40:D4:25:0F:F5:23:72:56:F7:1A:FD:AE:5F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3cf5f416-8b16-485d-b4ee-307762770eef.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.156.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         2a:f4:2d:ec:7e:38:0b:72:32:99:d5:f4:4b:c9:f6:66:9d:de:
         00:a0:7b:67:d2:10:dd:8d:36:de:c0:7a:41:84:fc:ff:bf:1d:
         c7:91:03:6f:da:f2:4e:a0:b6:7b:a8:f7:84:d5:f1:a8:88:8b:
         4f:b1:39:15:b7:9e:c3:80:5e:8e:59:cd:b1:09:73:b4:9e:a4:
         a6:7e:4b:30:59:8a:94:34:c2:cd:09:51:f1:ee:34:e2:11:8f:
         0a:8d:b5:11:5d:5d:98:04:84:94:ae:9f:df:b2:78:bf:5e:f5:
         91:ce:cb:c9:e4:88:bc:13:8d:ee:f7:5b:89:fc:6c:a9:2b:8a:
         49:d7:97:6c:27:ef:41:ea:81:d7:a3:69:f9:b9:aa:ba:e0:40:
         b5:aa:6d:53:03:9c:63:1c:83:b8:46:98:47:6e:10:1c:3f:be:
         64:48:10:e9:f8:65:2a:0b:23:1c:e1:3a:be:08:c4:45:88:e6:
         a1:f4:07:58:08:cc:fc:a8:26:cc:7b:b3:cc:d6:32:34:90:bd:
         34:aa:b2:31:08:8a:2a:f5:3a:1e:fa:71:67:2d:dd:4d:45:aa:
         9f:4d:44:46:2d:cd:a7:f0:8d:70:39:29:41:c2:1e:37:cf:8d:
         f3:48:a1:67:72:8c:e7:9e:fd:b0:13:91:78:d6:06:27:5c:67:
         51:a7:1f:12
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbl7siQHIRlhDkB+o4NU4J+pWjj8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYmFkYTZmYzM4MzYyMjhhYmEyM2YwN2Y4MzU4MzBkZGRh
M2Q2ZmUxNGNlMzA5ZTg3NmM3YWUxN2I5ZDhmMDhlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjQ0px2Yi1XpHw3AA7A8lK6pqkgwlfUcU68e9IJKCW7d+j
5fF1yeCdh9kiNNwzqDTs25+N/2eH+MaU2KCLkYrOnkujuBK+WrGpK2Girv779x/v
0SF/l+gsbyOGyRlvkWEd00CXGV8nx21r6NpuQe0wrt7wgjTIhSSjjGSy06ToX1og
90aZYC4WnpX4aeL+NFCWJQxAVB3pK/ahdRpjOuk3g4eCCM5+xs5MppfvdJT3jFp6
fDYVX17zRJIudCGhtX5n7x765/0I/rKwkHUXklc1BA+CbIQ7iw+3Uu6s1mFleYCO
KxXlNMjC+noJtapDE/+ds1HiTcTng1rvyh81ycx1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOrHQiXNI8UDUJQ/1I3JW9xr9rl8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNjZjVmNDE2LThiMTYtNDg1ZC1iNGVlLTMwNzc2Mjc3MGVlZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZjnMAwDQYJKoZIhvcNAQELBQADggEBACr0Lex+OAtyMpnV9EvJ9mad3gCg
e2fSEN2NNt7AekGE/P+/HceRA2/a8k6gtnuo94TV8aiIi0+xORW3nsOAXo5ZzbEJ
c7SepKZ+SzBZipQ0ws0JUfHuNOIRjwqNtRFdXZgEhJSun9+yeL9e9ZHOy8nkiLwT
je73W4n8bKkriknXl2wn70Hqgdejafm5qrrgQLWqbVMDnGMcg7hGmEduEBw/vmRI
EOn4ZSoLIxzhOr4IxEWI5qH0B1gIzPyoJsx7s8zWMjSQvTSqsjEIiir1Oh76cWct
3U1Fqp9NREYtzafwjXA5KUHCHjfPjfNIoWdyjOee/bATkXjWBidcZ1GnHxI=
-----END CERTIFICATE-----
Generated at Fri Sep 22 18:47:35 2023 by rpki-client on console-fra.rpki-client.org