Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a474b2e-a6fd-4298-b5df-ff9caa26f91c.roa
File:                     5a474b2e-a6fd-4298-b5df-ff9caa26f91c.roa (raw, json)
Hash identifier:          5NTMiLovg+qcclVX5Yj00HPwWlXx6wG496Ga94d3uGk=
Subject key identifier:   13:59:D3:6F:6C:58:79:99:B4:88:21:0B:BB:D4:51:78:11:25:E6:08
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       21C9E45E3C96E4386D8E3D196402F65F987702F4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a474b2e-a6fd-4298-b5df-ff9caa26f91c.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        56.52.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:c9:e4:5e:3c:96:e4:38:6d:8e:3d:19:64:02:f6:5f:98:77:02:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=25bbb79c6c5935798ad3db7fd73e679ef5b18f57775ad1be424d1c204a4e44ba, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:95:1e:bb:49:f8:cd:15:20:e0:d8:41:4d:a8:
                    84:7a:fa:9f:2c:58:f8:97:75:dd:31:95:33:60:1f:
                    07:c4:33:c1:13:13:94:ce:5f:45:97:31:03:88:52:
                    fb:70:7f:53:1e:8a:9d:7f:c6:f8:fa:48:e5:3d:5e:
                    28:9a:92:b4:15:d3:c4:eb:a6:a2:27:84:02:b5:e3:
                    1d:b5:c9:e7:80:82:9c:83:60:f6:a7:e3:24:b1:52:
                    37:3e:58:ca:f2:b0:ed:75:c3:63:bf:77:20:9b:79:
                    69:d2:6e:c9:62:c5:a1:52:7e:0c:66:2d:01:1c:de:
                    6a:05:36:a5:02:f5:b1:e0:34:99:8f:c9:07:c4:45:
                    a3:03:0f:58:1c:10:cc:d6:c6:ba:d8:b7:eb:f5:45:
                    c4:05:83:7c:21:45:6e:63:8e:a5:9b:da:fd:7a:61:
                    99:8d:39:7c:62:cf:d4:4b:0e:01:8c:91:99:54:4c:
                    cb:a8:d5:ee:69:79:75:6d:09:4d:d4:68:b7:2a:ce:
                    3a:a8:eb:94:bf:c0:79:23:1f:a4:17:23:d6:fc:9c:
                    dd:04:1d:cb:bc:36:b1:b7:9a:90:43:bf:b6:23:43:
                    c6:70:89:3c:71:4e:38:8c:31:98:47:6b:be:cf:de:
                    8a:36:6b:8a:f5:8e:61:8b:8a:06:f2:ff:0d:ae:dc:
                    e5:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:59:D3:6F:6C:58:79:99:B4:88:21:0B:BB:D4:51:78:11:25:E6:08
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5a474b2e-a6fd-4298-b5df-ff9caa26f91c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.52.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b9:35:5b:15:50:17:69:5f:97:c9:ab:9c:d2:56:b8:23:17:9e:
         d3:09:d6:c4:9b:f4:eb:3b:85:4a:ac:4b:6b:de:58:74:cf:bb:
         d3:73:2c:27:dd:2c:e2:34:2f:3a:01:5a:11:42:c6:96:d9:35:
         fe:d2:b8:ba:24:8e:49:bd:1c:7c:04:71:f8:fd:74:ec:34:e9:
         21:00:cd:d7:23:60:a0:fb:36:8a:e1:28:f8:5e:8e:41:76:84:
         e4:20:5c:bb:74:ce:0c:4f:df:89:ad:ff:4b:0f:93:e6:43:50:
         73:4a:fe:7c:01:b3:0c:8b:ce:bf:fc:8c:67:80:bf:b1:99:b7:
         68:97:b2:8c:68:89:13:e3:5f:8a:1b:d8:a6:d9:95:a5:87:5c:
         d3:5d:d6:db:75:3a:39:83:22:6a:12:cd:e2:46:52:df:be:ca:
         18:24:2e:2f:d6:ba:3f:e5:81:f2:9f:94:97:1e:02:27:7a:e9:
         af:b8:43:70:a4:f7:ab:a7:95:96:f3:d6:55:e4:d6:d1:51:13:
         94:83:a6:64:85:6b:b9:f3:93:28:8d:b1:fe:91:b7:8a:68:1d:
         09:ed:e8:a7:11:72:d6:c4:67:87:de:d0:ea:25:f8:3d:93:6c:
         5a:c2:11:f2:36:7e:8b:42:0d:41:c4:0d:ee:5b:3a:d4:0d:be:
         20:2d:6c:9b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUIcnkXjyW5Dhtjj0ZZAL2X5h3AvQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNWJiYjc5YzZjNTkzNTc5OGFkM2RiN2ZkNzNlNjc5ZWY1
YjE4ZjU3Nzc1YWQxYmU0MjRkMWMyMDRhNGU0NGJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqlR67SfjNFSDg2EFNqIR6+p8sWPiXdd0xlTNgHwfEM8ET
E5TOX0WXMQOIUvtwf1Meip1/xvj6SOU9XiiakrQV08TrpqInhAK14x21yeeAgpyD
YPan4ySxUjc+WMrysO11w2O/dyCbeWnSbslixaFSfgxmLQEc3moFNqUC9bHgNJmP
yQfERaMDD1gcEMzWxrrYt+v1RcQFg3whRW5jjqWb2v16YZmNOXxiz9RLDgGMkZlU
TMuo1e5peXVtCU3UaLcqzjqo65S/wHkjH6QXI9b8nN0EHcu8NrG3mpBDv7YjQ8Zw
iTxxTjiMMZhHa77P3oo2a4r1jmGLigby/w2u3OXFAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUE1nTb2xYeZm0iCELu9RReBEl5ggwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzVhNDc0YjJlLWE2ZmQtNDI5OC1iNWRmLWZmOWNhYTI2ZjkxYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4NDANBgkqhkiG9w0BAQsFAAOCAQEAuTVbFVAXaV+Xyauc0la4Ixee0wnW
xJv06zuFSqxLa95YdM+703MsJ90s4jQvOgFaEULGltk1/tK4uiSOSb0cfARx+P10
7DTpIQDN1yNgoPs2iuEo+F6OQXaE5CBcu3TODE/fia3/Sw+T5kNQc0r+fAGzDIvO
v/yMZ4C/sZm3aJeyjGiJE+NfihvYptmVpYdc013W23U6OYMiahLN4kZS377KGCQu
L9a6P+WB8p+Ulx4CJ3rpr7hDcKT3q6eVlvPWVeTW0VETlIOmZIVrufOTKI2x/pG3
imgdCe3opxFy1sRnh97Q6iX4PZNsWsIR8jZ+i0INQcQN7ls61A2+IC1smw==
-----END CERTIFICATE-----
Generated at Fri Sep 22 17:51:33 2023 by rpki-client on console-ams.rpki-client.org