Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/627b7923-e2c4-4ec0-a157-a61e484f88f7.roa
File:                     627b7923-e2c4-4ec0-a157-a61e484f88f7.roa (raw, json)
Hash identifier:          gtHgkp6DIzlajTZxytGx0SgFAw5gBM7870UjeVpNuZ4=
Subject key identifier:   55:55:BE:64:20:C4:AB:F0:E9:B7:56:4E:93:D7:D1:1E:49:39:51:77
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4B3FED2B57C015F9D02683CA3F8D8834AC7720F8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/627b7923-e2c4-4ec0-a157-a61e484f88f7.roa
Signing time:             Mon 28 Aug 2023 00:00:00 +0000
ROA not before:           Mon 28 Aug 2023 00:00:00 +0000
ROA not after:            Mon 02 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        182.24.0.0/14 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 05:03:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:3f:ed:2b:57:c0:15:f9:d0:26:83:ca:3f:8d:88:34:ac:77:20:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 28 00:00:00 2023 GMT
            Not After : Oct  2 23:59:59 2023 GMT
        Subject: serialNumber=ffc61f00ab5aa5abab31c4f786d68a060eceb521797a679fdb6c3d9606bc69cf, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:02:80:37:16:fa:a3:c2:d9:74:56:c9:37:39:
                    79:83:0f:01:aa:f2:01:6c:4b:08:7b:f0:5e:99:dc:
                    3c:99:53:1b:b5:99:02:bf:ea:5c:dc:dd:8b:b7:6b:
                    66:40:b2:d6:95:c8:25:5a:ea:9a:c1:5f:c7:3d:a3:
                    18:e6:4e:08:9f:f8:51:0f:66:45:c4:f9:fd:22:65:
                    38:56:3d:cd:ed:99:05:32:7c:31:17:cd:b0:4e:da:
                    cd:8a:fd:45:6a:9a:1b:4e:50:ce:0f:f3:80:83:35:
                    48:26:af:9b:09:1a:bc:46:9e:e8:cb:39:95:0d:73:
                    94:8d:ba:28:6a:61:b9:d0:b3:c2:90:f7:29:25:56:
                    fb:75:37:36:7b:dd:f3:f8:c7:6c:2c:ca:d1:95:3d:
                    1f:a9:9f:1a:b5:c1:cd:d9:e5:3a:79:82:eb:3d:e6:
                    04:70:dc:d8:bb:d6:c6:21:ea:ae:b8:95:f3:d6:8f:
                    42:e0:b1:bc:54:46:00:03:a4:c4:cc:ea:c7:29:7d:
                    83:2c:e2:3c:75:b9:61:84:fd:a0:38:d4:2b:aa:dd:
                    ee:b8:2a:28:07:08:ce:35:c9:d3:47:23:f8:be:78:
                    51:a9:b3:b3:03:75:c4:37:b0:6f:97:29:08:e8:e2:
                    41:af:11:2c:20:e3:c5:dc:fa:8f:c4:49:12:62:a6:
                    15:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:55:BE:64:20:C4:AB:F0:E9:B7:56:4E:93:D7:D1:1E:49:39:51:77
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/627b7923-e2c4-4ec0-a157-a61e484f88f7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.24.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         0f:29:36:b7:c4:e3:7b:0f:d7:f8:c8:d2:7e:61:43:01:e6:15:
         e0:2b:26:06:bd:c5:94:19:30:64:f8:35:6e:4c:82:87:d8:04:
         c2:ea:af:07:df:2e:6a:10:6f:c6:2a:7e:05:34:51:a9:35:75:
         58:c5:e6:bf:9e:9d:d2:cb:bd:11:52:8b:5a:be:6d:2e:02:8c:
         9f:50:d5:90:ca:01:ef:15:6a:53:53:44:32:e9:4d:37:9d:0d:
         52:ad:e3:77:ef:a2:86:e3:e9:eb:32:52:01:ee:40:50:8a:d8:
         4f:ea:aa:f8:e3:7a:93:c5:96:55:87:4f:a1:c6:d5:90:57:59:
         fc:0e:80:03:0d:8d:cf:2f:bf:d6:8e:1d:b9:40:8d:e2:40:b4:
         cb:78:25:d5:4a:eb:c6:e7:40:32:60:7c:92:f1:8e:fa:fe:98:
         8d:8b:98:90:c4:06:72:28:ba:4f:1d:72:aa:4e:29:1b:2d:0a:
         fa:fd:34:ab:0b:83:29:9c:ce:9d:21:19:d3:0e:93:29:1f:35:
         5e:dd:cd:91:34:81:72:05:aa:1e:f8:0b:3e:d0:f9:04:c0:f6:
         e7:3b:2c:29:91:20:a5:b4:fe:00:b6:01:b6:63:b6:2b:bf:3a:
         6d:37:e5:3a:55:69:4d:ba:a4:bf:24:4f:ae:b7:0d:80:06:83:
         61:d5:6f:a6
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSz/tK1fAFfnQJoPKP42INKx3IPgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI4MDAwMDAwWhcNMjMxMDAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BmZmM2MWYwMGFiNWFhNWFiYWIzMWM0Zjc4NmQ2OGEwNjBl
Y2ViNTIxNzk3YTY3OWZkYjZjM2Q5NjA2YmM2OWNmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3AoA3Fvqjwtl0Vsk3OXmDDwGq8gFsSwh78F6Z3DyZUxu1
mQK/6lzc3Yu3a2ZAstaVyCVa6prBX8c9oxjmTgif+FEPZkXE+f0iZThWPc3tmQUy
fDEXzbBO2s2K/UVqmhtOUM4P84CDNUgmr5sJGrxGnujLOZUNc5SNuihqYbnQs8KQ
9yklVvt1NzZ73fP4x2wsytGVPR+pnxq1wc3Z5Tp5gus95gRw3Ni71sYh6q64lfPW
j0LgsbxURgADpMTM6scpfYMs4jx1uWGE/aA41Cuq3e64KigHCM41ydNHI/i+eFGp
s7MDdcQ3sG+XKQjo4kGvESwg48Xc+o/ESRJiphWdAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUVVW+ZCDEq/Dpt1ZOk9fRHkk5UXcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzYyN2I3OTIzLWUyYzQtNGVjMC1hMTU3LWE2MWU0ODRmODhmNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwK2GDANBgkqhkiG9w0BAQsFAAOCAQEADyk2t8Tjew/X+MjSfmFDAeYV4Csm
Br3FlBkwZPg1bkyCh9gEwuqvB98uahBvxip+BTRRqTV1WMXmv56d0su9EVKLWr5t
LgKMn1DVkMoB7xVqU1NEMulNN50NUq3jd++ihuPp6zJSAe5AUIrYT+qq+ON6k8WW
VYdPocbVkFdZ/A6AAw2Nzy+/1o4duUCN4kC0y3gl1UrrxudAMmB8kvGO+v6YjYuY
kMQGcii6Tx1yqk4pGy0K+v00qwuDKZzOnSEZ0w6TKR81Xt3NkTSBcgWqHvgLPtD5
BMD25zssKZEgpbT+ALYBtmO2K786bTflOlVpTbqkvyRPrrcNgAaDYdVvpg==
-----END CERTIFICATE-----
Generated at Mon Aug 28 17:17:43 2023 by rpki-client on console-ams.rpki-client.org