Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51da4dbc-78d8-46ad-8bd3-69eddb3a96eb.roa
File:                     51da4dbc-78d8-46ad-8bd3-69eddb3a96eb.roa (raw, json)
Hash identifier:          XXc/IhPDxuXX40og/S/cVng9XaC300T0nXVi9hiCPvc=
Subject key identifier:   09:BF:3A:BC:05:EE:E3:12:2B:29:E3:1F:B6:7B:5E:77:B7:8B:0A:72
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4E3A74B34CF2FA89672E05CC86A4AA2A5CE51D97
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51da4dbc-78d8-46ad-8bd3-69eddb3a96eb.roa
Signing time:             Mon 28 Aug 2023 00:00:00 +0000
ROA not before:           Mon 28 Aug 2023 00:00:00 +0000
ROA not after:            Mon 02 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.248.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 10:14:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:3a:74:b3:4c:f2:fa:89:67:2e:05:cc:86:a4:aa:2a:5c:e5:1d:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 28 00:00:00 2023 GMT
            Not After : Oct  2 23:59:59 2023 GMT
        Subject: serialNumber=bf07dc1a2ebd07a89e281e892a0e7b01f8331f9c19880a7e96a3336df7b0c91b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e2:e7:47:3e:7c:9c:02:7f:fd:15:bd:c2:b5:
                    8b:ea:1e:4f:29:58:d2:dc:0c:02:85:12:c0:ef:ed:
                    36:92:3f:bf:58:33:fa:ce:26:37:67:33:55:65:76:
                    55:06:85:c2:94:4b:aa:7f:62:09:c2:69:ef:d0:10:
                    b3:bd:f4:7a:cd:70:5c:f9:21:46:f6:0f:ba:db:11:
                    18:5a:47:b0:75:87:83:6b:4f:b0:45:fb:0f:85:f3:
                    7d:b0:78:3a:d1:88:2f:53:8c:5e:93:2d:bb:2d:9a:
                    51:c1:f5:07:32:4b:85:fa:6a:86:ca:f8:50:76:bf:
                    62:6c:99:2e:c8:26:b8:aa:ff:cc:05:1e:b3:9d:03:
                    55:c0:c8:c7:2d:d6:47:09:9d:3d:f6:64:e3:e0:c5:
                    de:e9:75:30:3f:96:f3:cd:2c:80:cc:bd:a8:b6:eb:
                    65:cc:eb:c9:8a:a0:ef:43:9d:ad:71:41:c3:3a:cf:
                    89:97:28:48:57:27:f0:5c:49:b3:f5:fb:b5:f3:7a:
                    d0:7a:7e:59:e1:9d:5d:6e:8e:5f:2b:e7:cd:31:e6:
                    78:90:cd:07:fa:9d:cf:4a:5c:1e:83:d4:b1:81:1a:
                    92:df:c8:8b:21:58:dc:85:ff:2e:4a:78:3e:99:0f:
                    18:d6:e6:59:2d:2c:fd:c6:72:72:2f:7a:c7:74:ac:
                    22:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:BF:3A:BC:05:EE:E3:12:2B:29:E3:1F:B6:7B:5E:77:B7:8B:0A:72
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/51da4dbc-78d8-46ad-8bd3-69eddb3a96eb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         23:7f:fc:a9:de:47:2a:8a:5d:4e:bf:84:72:10:d4:d3:63:62:
         fe:cd:b5:0f:30:41:88:9f:00:eb:4a:24:40:c0:ed:f0:bc:05:
         ba:81:f4:87:71:b0:72:b2:f6:62:68:73:1c:e2:4a:4d:8d:8a:
         ff:ff:08:20:16:11:81:fd:73:e6:36:56:61:b7:b8:92:ba:8d:
         48:63:0f:eb:58:2e:23:95:83:cb:7e:6a:80:87:7b:e7:6f:17:
         61:0d:af:e5:dc:66:3f:bd:44:2a:23:b2:31:2d:93:5c:cd:b2:
         29:d7:e5:7c:43:de:00:2f:5b:74:38:90:73:91:dc:be:4c:e0:
         38:d7:b2:09:cc:a6:61:df:9a:4d:50:c6:36:9a:8e:10:b1:1e:
         f6:6c:b1:2d:b9:a2:ca:51:d0:3f:3f:e0:d5:6f:d6:40:fa:09:
         46:01:12:85:f2:3e:d8:41:d0:52:85:9f:55:ba:63:3e:2d:8c:
         f4:93:f8:c6:0d:d3:5c:85:7b:79:38:f9:b6:4d:c6:02:dd:ce:
         52:02:3c:6a:20:88:f6:7b:d2:c6:9f:28:7b:96:3e:f2:03:7d:
         8f:a1:14:ab:63:1b:20:cc:c2:15:fe:81:28:a3:a5:e5:eb:47:
         72:2f:81:03:d8:84:6b:86:f9:20:4f:9e:35:5f:07:6c:07:d0:
         0f:c7:f3:1c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTjp0s0zy+olnLgXMhqSqKlzlHZcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI4MDAwMDAwWhcNMjMxMDAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BiZjA3ZGMxYTJlYmQwN2E4OWUyODFlODkyYTBlN2IwMWY4
MzMxZjljMTk4ODBhN2U5NmEzMzM2ZGY3YjBjOTFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr4udHPnycAn/9Fb3CtYvqHk8pWNLcDAKFEsDv7TaSP79Y
M/rOJjdnM1VldlUGhcKUS6p/YgnCae/QELO99HrNcFz5IUb2D7rbERhaR7B1h4Nr
T7BF+w+F832weDrRiC9TjF6TLbstmlHB9QcyS4X6aobK+FB2v2JsmS7IJriq/8wF
HrOdA1XAyMct1kcJnT32ZOPgxd7pdTA/lvPNLIDMvai262XM68mKoO9Dna1xQcM6
z4mXKEhXJ/BcSbP1+7XzetB6flnhnV1ujl8r580x5niQzQf6nc9KXB6D1LGBGpLf
yIshWNyF/y5KeD6ZDxjW5lktLP3GcnIvesd0rCLtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUCb86vAXu4xIrKeMftnted7eLCnIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUxZGE0ZGJjLTc4ZDgtNDZhZC04YmQzLTY5ZWRkYjNhOTZlYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTfgwDQYJKoZIhvcNAQELBQADggEBACN//KneRyqKXU6/hHIQ1NNjYv7N
tQ8wQYifAOtKJEDA7fC8BbqB9IdxsHKy9mJocxziSk2Niv//CCAWEYH9c+Y2VmG3
uJK6jUhjD+tYLiOVg8t+aoCHe+dvF2ENr+XcZj+9RCojsjEtk1zNsinX5XxD3gAv
W3Q4kHOR3L5M4DjXsgnMpmHfmk1QxjaajhCxHvZssS25ospR0D8/4NVv1kD6CUYB
EoXyPthB0FKFn1W6Yz4tjPST+MYN01yFe3k4+bZNxgLdzlICPGogiPZ70safKHuW
PvIDfY+hFKtjGyDMwhX+gSijpeXrR3IvgQPYhGuG+SBPnjVfB2wH0A/H8xw=
-----END CERTIFICATE-----
Generated at Mon Aug 28 22:45:20 2023 by rpki-client on console-ams.rpki-client.org