Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/511398d8-4b16-401f-b4eb-862b98bc0a55.roa
File:                     511398d8-4b16-401f-b4eb-862b98bc0a55.roa (raw, json)
Hash identifier:          9cQMGojdhOMw46MaoyIxvvBc+dUVd8ip0SiSmubQ9oQ=
Subject key identifier:   75:3A:2C:1E:A2:D3:50:3D:61:7D:5D:B9:B0:76:12:F7:BA:83:C3:78
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0B836034DC741337F670B913BC169D43DA3F8195
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/511398d8-4b16-401f-b4eb-862b98bc0a55.roa
Signing time:             Mon 28 Aug 2023 00:00:00 +0000
ROA not before:           Mon 28 Aug 2023 00:00:00 +0000
ROA not after:            Mon 02 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        16.58.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 04:06:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:83:60:34:dc:74:13:37:f6:70:b9:13:bc:16:9d:43:da:3f:81:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 28 00:00:00 2023 GMT
            Not After : Oct  2 23:59:59 2023 GMT
        Subject: serialNumber=bef50a8346d14ee6a224864219bd28b0c5564509cb2d2b6623f616020e1f00ed, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:54:6d:72:ea:6b:07:eb:46:f0:43:9f:78:0f:
                    60:a2:1f:b3:05:6e:b6:b9:ce:46:3c:16:b7:e7:8b:
                    43:d1:fd:de:0b:7d:a1:68:46:d4:b4:af:28:ad:56:
                    b3:96:4a:e7:23:16:89:69:b6:85:26:39:2e:b9:b9:
                    1f:f0:66:27:70:fd:c4:8a:72:58:ca:8a:28:80:1e:
                    b5:af:b6:32:89:a9:61:52:18:87:5b:c2:2d:62:49:
                    2e:84:b9:71:c4:6d:1e:2c:f2:65:98:98:f4:89:7a:
                    42:74:39:1e:52:c2:d4:8a:39:10:58:c0:e0:f6:8f:
                    24:3e:a7:4b:d9:11:b4:1b:25:62:12:56:82:29:d9:
                    ca:4c:69:f2:f5:1e:51:70:f7:2d:c1:15:ca:cb:c3:
                    7f:22:d0:30:28:76:93:59:96:91:4e:ce:4f:b0:99:
                    74:8e:e9:06:6d:86:2e:c5:e6:b8:e2:2a:22:fb:cd:
                    53:00:05:10:93:96:5b:f5:f8:e7:27:e2:ef:0f:02:
                    81:b7:05:ce:6d:7e:23:81:a1:61:01:bf:ba:f2:ba:
                    bf:5f:7e:6b:5d:f2:3b:97:44:08:24:5a:7f:2d:f3:
                    53:45:ac:63:7b:9b:1e:ff:20:f6:b7:9c:63:cf:42:
                    93:f8:70:f2:12:88:34:bf:5a:bd:46:f2:71:f7:f9:
                    a4:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:3A:2C:1E:A2:D3:50:3D:61:7D:5D:B9:B0:76:12:F7:BA:83:C3:78
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/511398d8-4b16-401f-b4eb-862b98bc0a55.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.58.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         ac:f4:1f:03:d4:ab:d4:c6:f7:07:c3:49:25:df:52:d2:80:d1:
         09:23:c1:db:22:01:45:da:f0:ce:6d:0e:7c:17:d9:19:de:f4:
         ef:f5:07:bb:d5:d9:b9:ff:aa:03:b9:40:5a:bc:33:fc:e2:a7:
         56:c9:96:6e:ff:bd:c8:92:50:42:62:bd:90:f7:4d:bb:07:39:
         69:70:f0:76:07:2c:db:66:8c:ba:b4:88:b6:5b:35:f1:f8:4b:
         21:25:90:08:a2:a0:59:71:ae:78:fa:65:d5:29:1e:27:08:5a:
         ae:e7:c3:fb:00:75:6a:61:28:11:e5:20:3c:2e:b4:73:55:25:
         53:92:e2:5e:a6:a6:a2:71:d5:c5:3d:7e:7f:82:63:f4:ef:17:
         36:bf:1f:9a:de:92:a7:41:94:ce:06:fc:57:32:1b:ea:92:37:
         1c:2e:70:a0:09:63:3a:22:d9:e3:fa:3b:5e:51:a2:e2:be:78:
         86:bd:23:35:52:b2:8f:34:53:7a:61:a4:56:80:56:67:e7:b2:
         44:20:1d:63:5d:52:d8:3f:31:2d:02:c7:c8:b2:e9:1d:e2:2d:
         5a:ed:79:97:fe:68:36:c2:b6:60:da:58:03:44:8a:3a:85:00:
         02:23:40:67:da:b7:dd:30:6f:bf:b3:10:9a:20:f5:3a:c4:df:
         5a:e5:e1:7a
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUC4NgNNx0Ezf2cLkTvBadQ9o/gZUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI4MDAwMDAwWhcNMjMxMDAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZWY1MGE4MzQ2ZDE0ZWU2YTIyNDg2NDIxOWJkMjhiMGM1
NTY0NTA5Y2IyZDJiNjYyM2Y2MTYwMjBlMWYwMGVkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC1VG1y6msH60bwQ594D2CiH7MFbra5zkY8Frfni0PR/d4L
faFoRtS0ryitVrOWSucjFolptoUmOS65uR/wZidw/cSKcljKiiiAHrWvtjKJqWFS
GIdbwi1iSS6EuXHEbR4s8mWYmPSJekJ0OR5SwtSKORBYwOD2jyQ+p0vZEbQbJWIS
VoIp2cpMafL1HlFw9y3BFcrLw38i0DAodpNZlpFOzk+wmXSO6QZthi7F5rjiKiL7
zVMABRCTllv1+Ocn4u8PAoG3Bc5tfiOBoWEBv7ryur9ffmtd8juXRAgkWn8t81NF
rGN7mx7/IPa3nGPPQpP4cPISiDS/Wr1G8nH3+aQFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUdTosHqLTUD1hfV25sHYS97qDw3gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUxMTM5OGQ4LTRiMTYtNDAxZi1iNGViLTg2MmI5OGJjMGE1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQOjANBgkqhkiG9w0BAQsFAAOCAQEArPQfA9Sr1Mb3B8NJJd9S0oDRCSPB
2yIBRdrwzm0OfBfZGd707/UHu9XZuf+qA7lAWrwz/OKnVsmWbv+9yJJQQmK9kPdN
uwc5aXDwdgcs22aMurSItls18fhLISWQCKKgWXGuePpl1SkeJwharufD+wB1amEo
EeUgPC60c1UlU5LiXqamonHVxT1+f4Jj9O8XNr8fmt6Sp0GUzgb8VzIb6pI3HC5w
oAljOiLZ4/o7XlGi4r54hr0jNVKyjzRTemGkVoBWZ+eyRCAdY11S2D8xLQLHyLLp
HeItWu15l/5oNsK2YNpYA0SKOoUAAiNAZ9q33TBvv7MQmiD1OsTfWuXheg==
-----END CERTIFICATE-----
Generated at Mon Aug 28 16:19:11 2023 by rpki-client on console-ams.rpki-client.org