Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/511398d8-4b16-401f-b4eb-862b98bc0a55.roa
File:                     511398d8-4b16-401f-b4eb-862b98bc0a55.roa (raw, json)
Hash identifier:          pWAN0HSUchKxqhmMaieLd5rI9ZoI9uiZxUxoN2msvsw=
Subject key identifier:   A3:0F:0F:C2:D2:71:F4:5C:A7:DB:F1:B4:3D:3C:B1:7D:79:5B:96:E0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       14A3E7AC0E55EF3D0CC96953A4C099EB97408AF3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/511398d8-4b16-401f-b4eb-862b98bc0a55.roa
Signing time:             Mon 07 Oct 2024 00:00:00 +0000
ROA not before:           Mon 07 Oct 2024 00:00:00 +0000
ROA not after:            Mon 11 Nov 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.58.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 11 Oct 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:a3:e7:ac:0e:55:ef:3d:0c:c9:69:53:a4:c0:99:eb:97:40:8a:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  7 00:00:00 2024 GMT
            Not After : Nov 11 23:59:59 2024 GMT
        Subject: serialNumber=bf27b3d90af94f3ff6205f81d5296fda8a3ff35386688b09699250d609dbdf2d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:50:a1:3b:61:bb:03:2d:8f:24:22:84:87:df:
                    fa:fc:24:da:b3:8b:ea:9a:89:b9:48:73:08:3b:60:
                    8f:24:04:bc:bb:8f:c1:04:96:f5:5d:4d:2f:e1:69:
                    0e:fd:6b:c5:ba:85:ab:11:c6:a8:83:f3:ee:af:3b:
                    93:5d:8e:4e:90:17:b3:d5:f0:ce:b5:ae:bf:4b:fe:
                    40:2b:87:90:2a:34:15:17:76:67:20:a8:f2:b3:06:
                    7d:5e:ac:2c:7d:d1:b7:0e:87:36:0a:e9:42:c9:90:
                    6d:ae:52:57:2a:f3:89:74:78:ef:f8:fb:14:0f:53:
                    40:78:6f:f2:fe:44:ba:f1:98:c5:4a:6e:7b:88:1b:
                    6d:44:9a:a1:c5:90:73:87:b4:eb:ea:a9:b5:66:d2:
                    df:21:32:e3:15:93:79:67:a2:fa:05:05:f7:62:ec:
                    d2:43:22:d1:fa:d3:8b:bf:bf:61:7c:6b:de:f3:ba:
                    42:ad:3b:10:38:ac:f6:4a:3c:fd:64:2c:9f:35:f3:
                    c2:98:ff:b9:f8:a9:e8:eb:4e:52:e7:82:ad:ca:67:
                    01:34:7c:6a:0e:02:e8:51:b5:94:ba:86:56:a9:09:
                    64:36:17:20:68:7e:d1:f6:f8:10:a9:3a:00:aa:c9:
                    dd:5b:75:2f:b2:3d:a4:47:69:a0:ea:ba:80:29:f9:
                    92:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:0F:0F:C2:D2:71:F4:5C:A7:DB:F1:B4:3D:3C:B1:7D:79:5B:96:E0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/511398d8-4b16-401f-b4eb-862b98bc0a55.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.58.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         43:7e:34:3d:3d:09:4c:75:60:1a:8d:16:1e:1d:b7:87:ec:fc:
         95:8c:7c:c7:e0:ed:73:b4:32:bd:8f:d5:92:a5:2e:ec:c5:66:
         f1:41:c5:d2:f2:07:d5:8a:8d:06:7a:d2:11:31:9d:b5:6d:b6:
         48:4d:8a:0c:e6:a3:5f:f7:ae:cf:3f:e5:09:58:b0:e3:2f:ae:
         5b:c7:22:d7:b5:87:71:26:76:d4:f7:66:9f:68:f2:13:22:0c:
         46:d8:52:e0:c3:14:71:0b:bc:dc:ef:c5:70:cb:de:40:c3:8b:
         fb:fd:26:12:de:12:a0:f7:3d:84:b8:52:43:7e:1c:f4:55:43:
         72:67:7f:ea:48:a2:6c:a7:95:c1:00:97:e3:25:9b:9d:8f:11:
         3a:18:7b:90:cc:41:ce:cb:cc:3e:4e:47:04:7b:0c:8b:b0:13:
         3c:ce:a0:07:cd:21:bd:2c:2a:f1:20:a2:4a:5b:5a:70:fb:ea:
         f8:fa:82:26:0c:b3:19:b8:da:90:d9:1d:ac:f5:ef:e0:a8:53:
         da:b9:0c:42:02:ec:f6:af:15:22:58:0c:55:c0:52:5e:8d:b8:
         61:b3:b4:d0:b2:af:4f:eb:53:df:ce:e5:36:4d:2b:f7:9f:17:
         dd:d4:6d:b4:e2:68:95:1a:99:c0:c2:7a:fb:f8:91:ae:16:bc:
         83:c6:af:c2
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUFKPnrA5V7z0MyWlTpMCZ65dAivMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQxMDA3MDAwMDAwWhcNMjQxMTExMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZjI3YjNkOTBhZjk0ZjNmZjYyMDVmODFkNTI5NmZkYThh
M2ZmMzUzODY2ODhiMDk2OTkyNTBkNjA5ZGJkZjJkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCGUKE7YbsDLY8kIoSH3/r8JNqzi+qaiblIcwg7YI8kBLy7
j8EElvVdTS/haQ79a8W6hasRxqiD8+6vO5Ndjk6QF7PV8M61rr9L/kArh5AqNBUX
dmcgqPKzBn1erCx90bcOhzYK6ULJkG2uUlcq84l0eO/4+xQPU0B4b/L+RLrxmMVK
bnuIG21EmqHFkHOHtOvqqbVm0t8hMuMVk3lnovoFBfdi7NJDItH604u/v2F8a97z
ukKtOxA4rPZKPP1kLJ8188KY/7n4qejrTlLngq3KZwE0fGoOAuhRtZS6hlapCWQ2
FyBoftH2+BCpOgCqyd1bdS+yPaRHaaDquoAp+ZK1AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUow8PwtJx9Fyn2/G0PTyxfXlbluAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUxMTM5OGQ4LTRiMTYtNDAxZi1iNGViLTg2MmI5OGJjMGE1NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQOjANBgkqhkiG9w0BAQsFAAOCAQEAQ340PT0JTHVgGo0WHh23h+z8lYx8
x+Dtc7QyvY/VkqUu7MVm8UHF0vIH1YqNBnrSETGdtW22SE2KDOajX/euzz/lCViw
4y+uW8ci17WHcSZ21Pdmn2jyEyIMRthS4MMUcQu83O/FcMveQMOL+/0mEt4SoPc9
hLhSQ34c9FVDcmd/6kiibKeVwQCX4yWbnY8ROhh7kMxBzsvMPk5HBHsMi7ATPM6g
B80hvSwq8SCiSltacPvq+PqCJgyzGbjakNkdrPXv4KhT2rkMQgLs9q8VIlgMVcBS
Xo24YbO00LKvT+tT387lNk0r958X3dRttOJolRqZwMJ6+/iRrha8g8avwg==
-----END CERTIFICATE-----
Generated at Wed Oct 9 21:04:07 2024 by rpki-client on console-ams.rpki-client.org