Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e498b2c-1869-4d49-be54-f35a871a8566.roa
File:                     4e498b2c-1869-4d49-be54-f35a871a8566.roa (raw, json)
Hash identifier:          HJoKvxFEDcggcZK9+TJJPi6kZ4bp7LTU0R8TQAizJQY=
Subject key identifier:   3A:89:2E:C8:A5:E0:63:F8:F6:AB:30:7C:60:D1:63:E2:F6:19:D9:93
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5597B04C56CE8CAF778D190D54151DD4A5657C60
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e498b2c-1869-4d49-be54-f35a871a8566.roa
Signing time:             Mon 28 Aug 2023 00:00:00 +0000
ROA not before:           Mon 28 Aug 2023 00:00:00 +0000
ROA not after:            Mon 02 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff2:6000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 10:14:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:97:b0:4c:56:ce:8c:af:77:8d:19:0d:54:15:1d:d4:a5:65:7c:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 28 00:00:00 2023 GMT
            Not After : Oct  2 23:59:59 2023 GMT
        Subject: serialNumber=e7fbc5497945a726d8e92e5ef62ef056749f4a4e4d262b45084ad1315284c841, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a0:65:79:b8:58:e8:10:47:90:f5:ff:db:ed:
                    9f:e9:57:7b:45:35:5a:0b:73:cb:ef:3b:5a:74:10:
                    ce:14:77:c6:5b:d4:ce:76:7d:d4:b1:4f:da:ef:35:
                    93:25:b5:57:10:19:00:fb:0c:74:30:dc:be:86:e2:
                    f6:f7:36:fd:8e:a5:f0:84:6f:52:47:ba:27:a7:8f:
                    69:99:1f:9c:87:a6:c5:79:f5:cb:ea:7a:d5:ca:d1:
                    5c:68:ea:43:4e:5b:7c:45:62:9e:38:ff:9e:25:a2:
                    50:c3:57:5c:83:09:96:ff:54:a7:ef:97:6e:91:6f:
                    49:9b:85:f1:09:7f:8e:ab:81:a6:26:fb:14:fe:ab:
                    11:e0:28:bc:56:bf:83:8a:6a:44:ad:bd:6b:69:d7:
                    14:e0:28:e6:3c:1b:56:97:f7:7d:e6:d5:7b:15:99:
                    73:fe:87:4c:ed:7f:8c:0f:32:85:b7:83:2c:1f:31:
                    b5:45:65:5d:20:78:cb:6d:90:a7:8e:2c:bc:fd:18:
                    7a:bf:da:49:ea:73:64:57:e3:66:49:d2:8d:91:48:
                    4c:45:89:d7:88:b5:94:fc:b4:4b:45:dc:09:aa:f9:
                    bc:4f:dc:dd:88:a2:20:f7:1a:f0:1f:0c:be:86:1b:
                    7a:a5:fa:17:92:12:9c:81:a0:23:c2:0f:94:72:38:
                    93:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:89:2E:C8:A5:E0:63:F8:F6:AB:30:7C:60:D1:63:E2:F6:19:D9:93
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e498b2c-1869-4d49-be54-f35a871a8566.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff2:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         a7:8c:69:4d:a8:74:20:80:2c:ba:5e:90:af:99:ac:95:33:5c:
         1e:11:6d:dc:97:17:90:f9:ec:76:55:1f:52:8a:35:f5:ce:6e:
         2f:74:b7:e5:ba:62:ad:f6:d5:ca:b6:ae:55:94:13:27:77:fa:
         26:1f:96:5d:33:4d:d1:4a:c3:12:0d:78:b1:de:37:5c:e0:5a:
         10:1d:e3:5b:a7:05:52:87:11:f7:31:3f:9e:4e:bc:ee:dd:45:
         2c:1c:e3:07:22:0a:21:ed:8a:e6:08:b1:50:0a:d0:ce:d8:b5:
         2f:ce:7d:d2:00:60:d4:bd:37:70:a5:eb:ea:78:d2:dc:c3:90:
         15:da:4d:76:39:8d:83:89:a1:33:b7:7a:ae:af:60:77:ab:59:
         61:1e:a8:ba:d0:ff:c5:72:7c:1e:af:64:57:83:95:c0:c5:7d:
         f6:28:bd:45:85:87:3f:18:4f:c1:c0:4d:ef:f3:b0:18:fe:6e:
         92:f6:65:5b:93:45:ef:35:61:c3:8e:11:02:b2:9a:10:d4:26:
         a6:d2:7b:20:45:fb:7b:f3:71:be:20:6c:32:28:e3:c0:ed:cb:
         4d:df:83:b9:85:50:41:4a:01:31:c2:29:6c:b7:13:82:2c:d3:
         21:11:1f:34:ca:e0:3b:71:99:12:d1:e3:82:ea:b5:6e:2b:7b:
         db:78:96:db
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUVZewTFbOjK93jRkNVBUd1KVlfGAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI4MDAwMDAwWhcNMjMxMDAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BlN2ZiYzU0OTc5NDVhNzI2ZDhlOTJlNWVmNjJlZjA1Njc0
OWY0YTRlNGQyNjJiNDUwODRhZDEzMTUyODRjODQxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCfoGV5uFjoEEeQ9f/b7Z/pV3tFNVoLc8vvO1p0EM4Ud8Zb
1M52fdSxT9rvNZMltVcQGQD7DHQw3L6G4vb3Nv2OpfCEb1JHuienj2mZH5yHpsV5
9cvqetXK0Vxo6kNOW3xFYp44/54lolDDV1yDCZb/VKfvl26Rb0mbhfEJf46rgaYm
+xT+qxHgKLxWv4OKakStvWtp1xTgKOY8G1aX933m1XsVmXP+h0ztf4wPMoW3gywf
MbVFZV0geMttkKeOLLz9GHq/2knqc2RX42ZJ0o2RSExFideItZT8tEtF3Amq+bxP
3N2IoiD3GvAfDL6GG3ql+heSEpyBoCPCD5RyOJPlAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUOokuyKXgY/j2qzB8YNFj4vYZ2ZMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRlNDk4YjJjLTE4NjktNGQ0OS1iZTU0LWYzNWE4NzFhODU2Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/yYDANBgkqhkiG9w0BAQsFAAOCAQEAp4xpTah0IIAsul6Qr5mslTNc
HhFt3JcXkPnsdlUfUoo19c5uL3S35bpirfbVyrauVZQTJ3f6Jh+WXTNN0UrDEg14
sd43XOBaEB3jW6cFUocR9zE/nk687t1FLBzjByIKIe2K5gixUArQzti1L8590gBg
1L03cKXr6njS3MOQFdpNdjmNg4mhM7d6rq9gd6tZYR6outD/xXJ8Hq9kV4OVwMV9
9ii9RYWHPxhPwcBN7/OwGP5ukvZlW5NF7zVhw44RArKaENQmptJ7IEX7e/NxviBs
MijjwO3LTd+DuYVQQUoBMcIpbLcTgizTIREfNMrgO3GZEtHjguq1bit723iW2w==
-----END CERTIFICATE-----
Generated at Mon Aug 28 22:45:20 2023 by rpki-client on console-ams.rpki-client.org