Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60fa1316-489c-4c2e-9ecb-e5a60a70777e.roa
File:                     60fa1316-489c-4c2e-9ecb-e5a60a70777e.roa (raw, json)
Hash identifier:          Qa+jEpj+HIUcJcpmY9Xr0fWq6lwd4G36OKq/dhTJSpU=
Subject key identifier:   E2:AB:E8:6B:FE:23:33:EF:54:EB:48:38:31:C6:70:7C:1B:53:2C:67
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5CCD9DB9C6D398037B86FE6DE18EED58337E75C8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60fa1316-489c-4c2e-9ecb-e5a60a70777e.roa
Signing time:             Mon 28 Aug 2023 00:00:00 +0000
ROA not before:           Mon 28 Aug 2023 00:00:00 +0000
ROA not after:            Mon 02 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ffd:80a7::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 11:16:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:cd:9d:b9:c6:d3:98:03:7b:86:fe:6d:e1:8e:ed:58:33:7e:75:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 28 00:00:00 2023 GMT
            Not After : Oct  2 23:59:59 2023 GMT
        Subject: serialNumber=9ad7c0f3f78f2129a25c754cb8e7ab4996bf9c9a1f3448bac6f05f4205c909b7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:91:ec:17:d3:8b:3b:c8:c6:28:e4:a3:c0:4e:
                    a6:fe:43:4d:47:1c:e8:55:47:cd:be:f1:14:a1:45:
                    16:5d:a7:2c:75:b3:8c:48:fc:5e:85:95:69:9b:5f:
                    31:3a:48:0c:4e:04:57:b3:c6:bd:dd:00:ec:4c:89:
                    e3:c6:d0:d3:8b:a6:3e:13:e8:d0:00:c1:c9:88:c7:
                    88:28:6c:98:f3:3b:09:ff:35:ed:06:10:c8:e7:d7:
                    8d:55:ba:a5:e5:fd:ea:c8:98:d1:d8:1a:9a:47:81:
                    ef:9b:54:7e:72:06:5d:27:4e:2d:8b:f3:52:85:46:
                    cb:ce:20:15:0d:b2:0e:65:9e:e1:e6:27:08:54:8a:
                    6c:32:89:53:d4:00:e7:b0:bc:8a:d3:cb:e1:04:1a:
                    cc:a0:39:fd:88:77:9b:23:f8:04:42:01:5a:83:97:
                    c9:bb:61:8f:14:35:61:e2:ce:3e:ae:eb:0a:d5:9b:
                    18:5b:dc:5f:fc:1c:5c:40:8d:18:35:70:b6:c1:8f:
                    fd:23:cd:0b:b3:79:da:35:52:35:65:1d:89:c9:ca:
                    98:27:43:8f:53:9c:b5:ed:ab:8c:d3:73:4d:84:37:
                    7b:77:a7:ef:6f:74:b0:11:9d:6b:4f:01:1e:c1:81:
                    78:20:ff:0d:89:b8:ac:ea:7e:8d:6d:a4:b1:98:7b:
                    25:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:AB:E8:6B:FE:23:33:EF:54:EB:48:38:31:C6:70:7C:1B:53:2C:67
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/60fa1316-489c-4c2e-9ecb-e5a60a70777e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ffd:80a7::/48

    Signature Algorithm: sha256WithRSAEncryption
         d8:a8:1d:7f:74:23:70:af:13:55:c7:97:2c:38:ec:6b:0c:91:
         5d:09:21:fa:2a:b4:80:39:5d:50:9d:b4:0f:36:83:8e:3d:2d:
         5e:a0:a6:b6:bd:49:c7:82:3d:b8:cc:da:46:d7:28:34:43:2c:
         da:2b:a0:1d:1d:dc:63:c8:69:d7:ab:93:3e:5a:98:85:67:5d:
         ba:9c:af:98:3f:3a:89:a2:df:19:02:5d:d8:70:53:0d:13:c8:
         3a:e8:d3:c3:f0:10:64:13:dc:60:95:e7:34:16:4e:fd:4a:d4:
         a3:66:4c:c0:53:fe:b6:fa:0c:45:1c:04:e6:ce:7c:1f:63:9c:
         3c:a6:ce:a3:b8:b1:ad:22:75:e6:1b:52:58:cd:f7:7e:5f:c4:
         04:b8:81:62:ef:96:ea:8b:3b:d0:a0:02:07:e0:3d:c0:62:5c:
         93:e5:40:72:e8:23:94:e8:9a:c8:42:76:92:93:30:4e:d3:ec:
         c0:4e:29:1e:08:dc:cf:9f:e9:29:64:8b:27:76:c7:fc:51:78:
         06:01:be:9a:49:05:07:d3:09:34:ab:88:79:54:06:bf:c3:b4:
         a3:57:3c:03:dd:c5:3d:c2:cc:8a:1d:d7:e3:67:36:eb:6c:75:
         5e:29:6b:fb:7a:c4:20:20:db:40:5a:a8:f0:e9:37:cd:2d:29:
         82:02:17:6e
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUXM2ducbTmAN7hv5t4Y7tWDN+dcgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI4MDAwMDAwWhcNMjMxMDAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YWQ3YzBmM2Y3OGYyMTI5YTI1Yzc1NGNiOGU3YWI0OTk2
YmY5YzlhMWYzNDQ4YmFjNmYwNWY0MjA1YzkwOWI3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYkewX04s7yMYo5KPATqb+Q01HHOhVR82+8RShRRZdpyx1
s4xI/F6FlWmbXzE6SAxOBFezxr3dAOxMiePG0NOLpj4T6NAAwcmIx4gobJjzOwn/
Ne0GEMjn141VuqXl/erImNHYGppHge+bVH5yBl0nTi2L81KFRsvOIBUNsg5lnuHm
JwhUimwyiVPUAOewvIrTy+EEGsygOf2Id5sj+ARCAVqDl8m7YY8UNWHizj6u6wrV
mxhb3F/8HFxAjRg1cLbBj/0jzQuzedo1UjVlHYnJypgnQ49TnLXtq4zTc02EN3t3
p+9vdLARnWtPAR7BgXgg/w2JuKzqfo1tpLGYeyWrAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU4qvoa/4jM+9U60g4McZwfBtTLGcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYwZmExMzE2LTQ4OWMtNGMyZS05ZWNiLWU1YTYwYTcwNzc3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB/9gKcwDQYJKoZIhvcNAQELBQADggEBANioHX90I3CvE1XHlyw47GsM
kV0JIfoqtIA5XVCdtA82g449LV6gpra9SceCPbjM2kbXKDRDLNoroB0d3GPIader
kz5amIVnXbqcr5g/Oomi3xkCXdhwUw0TyDro08PwEGQT3GCV5zQWTv1K1KNmTMBT
/rb6DEUcBObOfB9jnDymzqO4sa0ideYbUljN935fxAS4gWLvluqLO9CgAgfgPcBi
XJPlQHLoI5TomshCdpKTME7T7MBOKR4I3M+f6Slkiyd2x/xReAYBvppJBQfTCTSr
iHlUBr/DtKNXPAPdxT3CzIod1+NnNutsdV4pa/t6xCAg20BaqPDpN80tKYICF24=
-----END CERTIFICATE-----
Generated at Mon Aug 28 23:46:42 2023 by rpki-client on console-ams.rpki-client.org