Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3de3c612-36d7-4d0e-8a61-dc9891466376.roa
File:                     3de3c612-36d7-4d0e-8a61-dc9891466376.roa (raw, json)
Hash identifier:          vijBDnHJqpLgFd5sEptEPV4jLzKmu7jZg7GaIvojULA=
Subject key identifier:   D1:CF:8D:24:B8:04:36:8A:61:E5:20:57:A1:BF:AB:6B:0D:66:00:66
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7913E5C2B9FE52D79AACF3E82F49D8A1A8522DDD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3de3c612-36d7-4d0e-8a61-dc9891466376.roa
Signing time:             Sat 23 Sep 2023 00:00:00 +0000
ROA not before:           Sat 23 Sep 2023 00:00:00 +0000
ROA not after:            Sat 28 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        63.246.113.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 12:11:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:13:e5:c2:b9:fe:52:d7:9a:ac:f3:e8:2f:49:d8:a1:a8:52:2d:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 23 00:00:00 2023 GMT
            Not After : Oct 28 23:59:59 2023 GMT
        Subject: serialNumber=bb3d4b0abccb7103fbe5ed40a92ff35c202f064b43d2a030df8a63b742b32aa4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:43:66:bb:65:69:2a:4b:96:aa:3c:92:b2:85:
                    38:f7:b9:35:5f:3b:7b:ce:c0:73:4d:3d:27:e9:d4:
                    fb:9b:1c:b5:0f:eb:fb:78:1d:6c:4a:8e:66:c8:be:
                    44:80:2e:f2:05:5b:40:80:c9:d1:52:d7:ab:b4:9f:
                    47:92:40:de:cd:6c:f6:46:86:bb:24:19:be:b2:72:
                    7e:6c:16:f0:46:d1:63:a6:76:a2:5e:1a:cd:c2:1f:
                    14:b9:46:de:1b:33:4b:49:83:a2:89:89:34:43:77:
                    ed:d5:57:dd:96:f9:5a:d4:b0:04:30:df:10:a6:e0:
                    f0:91:b9:b1:4a:a6:30:83:2b:a4:fa:29:06:8d:ef:
                    4e:a6:00:03:3a:8e:d8:7e:98:d1:91:e1:0c:43:9b:
                    3c:d5:3b:c5:81:fd:fc:98:2f:86:af:d0:12:2f:87:
                    f3:22:05:8c:25:e1:b7:26:7f:ff:50:49:24:14:69:
                    9b:f2:bf:f6:65:aa:4f:e8:2d:70:7d:4e:e8:50:ec:
                    cb:06:f8:b9:63:39:f2:8d:43:9a:bb:c1:0a:c0:f2:
                    9e:3e:7d:c4:48:26:4c:0b:fd:1f:23:bd:06:dd:86:
                    cf:74:18:86:ba:ed:cb:42:06:c7:0f:8b:7e:a1:4d:
                    26:e2:72:08:be:83:04:94:8d:36:7a:ce:8d:29:e0:
                    da:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:CF:8D:24:B8:04:36:8A:61:E5:20:57:A1:BF:AB:6B:0D:66:00:66
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3de3c612-36d7-4d0e-8a61-dc9891466376.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  63.246.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:25:06:7d:d0:b7:cb:b9:4a:d0:15:76:dd:f5:54:3a:c5:28:
         6a:62:e1:bb:5e:1a:21:56:e3:21:0b:f6:29:35:80:0c:26:71:
         a7:1d:d9:3e:29:51:a6:f0:15:e5:7f:68:ed:cb:e1:55:03:b8:
         0c:77:c0:46:02:00:cf:d5:c9:a6:f5:74:41:92:1f:30:66:13:
         b7:92:7d:84:a7:41:6e:f1:1a:18:a8:5a:da:69:8e:26:e7:a2:
         04:6d:ef:fa:22:71:17:0e:40:da:4c:78:bd:bf:aa:c3:58:9b:
         0a:4f:62:72:ab:b6:d3:56:ab:9b:62:39:2e:3d:82:ce:54:1b:
         16:57:ae:dd:3e:d3:28:1f:70:50:a7:77:0c:e9:17:84:d6:a3:
         15:9e:e3:55:01:5c:a9:f1:8d:60:d2:01:d6:df:0f:15:39:07:
         e7:ea:b2:dc:e9:02:b7:aa:d6:85:a4:71:8c:38:bf:bf:2c:cd:
         1c:d4:ea:48:20:76:4c:50:0d:e0:5f:ba:3a:13:77:01:0a:05:
         db:6f:30:6e:07:e3:48:dd:ee:05:a9:e7:0c:0c:92:01:29:d7:
         59:67:34:29:76:a9:67:5d:9c:31:45:99:8c:6f:68:ad:25:73:
         5e:83:d9:b6:45:a8:af:c6:25:e1:ca:0b:18:17:35:4e:23:d1:
         89:a9:b3:8e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUeRPlwrn+UtearPPoL0nYoahSLd0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIzMDAwMDAwWhcNMjMxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiYjNkNGIwYWJjY2I3MTAzZmJlNWVkNDBhOTJmZjM1YzIw
MmYwNjRiNDNkMmEwMzBkZjhhNjNiNzQyYjMyYWE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrQ2a7ZWkqS5aqPJKyhTj3uTVfO3vOwHNNPSfp1PubHLUP
6/t4HWxKjmbIvkSALvIFW0CAydFS16u0n0eSQN7NbPZGhrskGb6ycn5sFvBG0WOm
dqJeGs3CHxS5Rt4bM0tJg6KJiTRDd+3VV92W+VrUsAQw3xCm4PCRubFKpjCDK6T6
KQaN706mAAM6jth+mNGR4QxDmzzVO8WB/fyYL4av0BIvh/MiBYwl4bcmf/9QSSQU
aZvyv/Zlqk/oLXB9TuhQ7MsG+LljOfKNQ5q7wQrA8p4+fcRIJkwL/R8jvQbdhs90
GIa67ctCBscPi36hTSbicgi+gwSUjTZ6zo0p4NqPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0c+NJLgENoph5SBXob+raw1mAGYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNkZTNjNjEyLTM2ZDctNGQwZS04YTYxLWRjOTg5MTQ2NjM3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAA/9nEwDQYJKoZIhvcNAQELBQADggEBAHUlBn3Qt8u5StAVdt31VDrFKGpi
4bteGiFW4yEL9ik1gAwmcacd2T4pUabwFeV/aO3L4VUDuAx3wEYCAM/Vyab1dEGS
HzBmE7eSfYSnQW7xGhioWtppjibnogRt7/oicRcOQNpMeL2/qsNYmwpPYnKrttNW
q5tiOS49gs5UGxZXrt0+0ygfcFCndwzpF4TWoxWe41UBXKnxjWDSAdbfDxU5B+fq
stzpAreq1oWkcYw4v78szRzU6kggdkxQDeBfujoTdwEKBdtvMG4H40jd7gWp5wwM
kgEp11lnNCl2qWddnDFFmYxvaK0lc16D2bZFqK/GJeHKCxgXNU4j0Ymps44=
-----END CERTIFICATE-----
Generated at Sat Sep 23 00:38:44 2023 by rpki-client on console-ams.rpki-client.org