Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5752ffaa-9565-4fe4-90d6-617594e92fe1.roa
File:                     5752ffaa-9565-4fe4-90d6-617594e92fe1.roa (raw, json)
Hash identifier:          /UVeVTAYxO3vSe0n53jrRr5xEyYvPIr72O26tXD2oSs=
Subject key identifier:   31:36:31:0B:E1:5A:DA:9C:A6:A4:CA:E0:B1:DE:58:82:2D:94:16:72
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       719CD876C0C7C0F19028E4539821447F2BA67DA2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5752ffaa-9565-4fe4-90d6-617594e92fe1.roa
Signing time:             Sat 23 Sep 2023 00:00:00 +0000
ROA not before:           Sat 23 Sep 2023 00:00:00 +0000
ROA not after:            Sat 28 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff8:c000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 12:08:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:9c:d8:76:c0:c7:c0:f1:90:28:e4:53:98:21:44:7f:2b:a6:7d:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 23 00:00:00 2023 GMT
            Not After : Oct 28 23:59:59 2023 GMT
        Subject: serialNumber=9514105b1d34f6c993e58a9d43a0d2080e47aca3a22beb833a02234810a6983b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:12:8f:87:46:1c:7c:46:9b:73:ad:06:8f:3e:
                    62:1c:d0:d4:d5:09:af:3c:ea:a8:bc:e1:bb:89:df:
                    9b:26:b8:80:d4:48:a7:b3:a0:03:8d:81:f7:a5:21:
                    60:3d:b8:60:5c:fc:c2:f0:12:3c:26:ab:9a:d4:bd:
                    14:6a:5a:b6:fa:2b:64:73:af:dd:17:e5:a4:21:84:
                    80:16:0a:d7:8e:de:c7:c1:11:c4:ba:19:7c:83:50:
                    19:cd:df:1c:d5:92:d8:e2:96:80:34:b1:e2:e6:f7:
                    84:7f:d4:74:3f:d0:f8:6d:64:94:95:33:2b:c9:1c:
                    bf:cb:47:60:de:4c:bb:7d:7f:68:b0:cc:2e:d1:ea:
                    60:db:2b:c8:e4:0e:a4:f0:90:9d:4e:ef:ec:4f:ea:
                    32:fb:2c:53:fb:8f:21:2d:3d:ef:01:88:f4:3c:28:
                    af:3c:7e:82:ff:77:e9:d5:41:21:fb:77:4a:cb:5b:
                    0f:e8:10:d9:52:a2:d5:3d:ff:cb:12:1f:8d:aa:e2:
                    3b:c9:6e:2d:6d:b3:3b:f9:83:d1:3f:66:83:97:cd:
                    c3:6d:12:3d:88:bf:c5:1e:d7:96:5b:48:87:f4:02:
                    7c:2b:21:49:cf:bb:c7:0f:d4:5d:cf:a8:96:6d:2e:
                    5b:bd:78:fc:d9:ed:83:0d:7d:79:00:ff:ba:20:80:
                    c0:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:36:31:0B:E1:5A:DA:9C:A6:A4:CA:E0:B1:DE:58:82:2D:94:16:72
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5752ffaa-9565-4fe4-90d6-617594e92fe1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff8:c000::/40

    Signature Algorithm: sha256WithRSAEncryption
         c8:33:bf:97:dc:d8:53:f5:ed:ac:1c:5b:75:09:26:6b:05:4d:
         6e:ca:be:22:2f:1e:99:a4:9a:79:f9:e1:68:c9:1b:40:c4:af:
         08:73:bb:18:d5:52:a8:7b:e1:ac:90:da:7a:a0:4f:2c:c3:eb:
         bd:67:f6:19:4e:af:e2:12:a1:10:43:29:40:ac:9b:4d:d7:d1:
         b6:53:f2:a9:ee:c9:3a:c9:ea:4c:33:a0:52:d4:47:23:aa:60:
         b2:13:1c:5b:57:e5:b8:5b:b7:10:55:92:de:68:39:2d:75:f7:
         77:b3:c1:56:dc:17:79:3a:6f:b0:c0:3d:f2:04:7b:5e:e2:1d:
         c8:13:86:72:12:b1:3c:53:60:bf:57:ed:11:8c:96:c0:6c:5c:
         48:6d:5d:2f:d2:c1:8b:53:da:35:26:b4:f1:75:0b:e5:53:11:
         d5:c4:c4:19:7b:16:ef:eb:5d:e0:39:fc:ac:eb:42:70:1f:02:
         79:af:bc:72:33:ba:95:90:09:c2:1e:09:ac:1c:b9:84:cf:f9:
         03:b4:fb:8b:31:1b:fe:1c:4e:67:47:76:f1:69:e7:3f:f3:f8:
         58:a4:91:f5:cf:d4:de:b4:77:f4:63:f6:e3:3f:3f:70:3b:2b:
         14:3d:95:fc:1e:94:bf:18:87:16:c7:eb:9c:f5:d9:67:33:81:
         45:2f:b0:cd
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUcZzYdsDHwPGQKORTmCFEfyumfaIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIzMDAwMDAwWhcNMjMxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NTE0MTA1YjFkMzRmNmM5OTNlNThhOWQ0M2EwZDIwODBl
NDdhY2EzYTIyYmViODMzYTAyMjM0ODEwYTY5ODNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgEo+HRhx8RptzrQaPPmIc0NTVCa886qi84buJ35smuIDU
SKezoAONgfelIWA9uGBc/MLwEjwmq5rUvRRqWrb6K2Rzr90X5aQhhIAWCteO3sfB
EcS6GXyDUBnN3xzVktjiloA0seLm94R/1HQ/0PhtZJSVMyvJHL/LR2DeTLt9f2iw
zC7R6mDbK8jkDqTwkJ1O7+xP6jL7LFP7jyEtPe8BiPQ8KK88foL/d+nVQSH7d0rL
Ww/oENlSotU9/8sSH42q4jvJbi1tszv5g9E/ZoOXzcNtEj2Iv8Ue15ZbSIf0Anwr
IUnPu8cP1F3PqJZtLlu9ePzZ7YMNfXkA/7oggMA/AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUMTYxC+Fa2pympMrgsd5Ygi2UFnIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU3NTJmZmFhLTk1NjUtNGZlNC05MGQ2LTYxNzU5NGU5MmZlMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/4wDANBgkqhkiG9w0BAQsFAAOCAQEAyDO/l9zYU/XtrBxbdQkmawVN
bsq+Ii8emaSaefnhaMkbQMSvCHO7GNVSqHvhrJDaeqBPLMPrvWf2GU6v4hKhEEMp
QKybTdfRtlPyqe7JOsnqTDOgUtRHI6pgshMcW1fluFu3EFWS3mg5LXX3d7PBVtwX
eTpvsMA98gR7XuIdyBOGchKxPFNgv1ftEYyWwGxcSG1dL9LBi1PaNSa08XUL5VMR
1cTEGXsW7+td4Dn8rOtCcB8Cea+8cjO6lZAJwh4JrBy5hM/5A7T7izEb/hxOZ0d2
8WnnP/P4WKSR9c/U3rR39GP24z8/cDsrFD2V/B6UvxiHFsfrnPXZZzOBRS+wzQ==
-----END CERTIFICATE-----
Generated at Sat Sep 23 00:18:53 2023 by rpki-client on console-fra.rpki-client.org