Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e790948-9518-4339-b7cd-f658d299179b.roa
File:                     6e790948-9518-4339-b7cd-f658d299179b.roa (raw, json)
Hash identifier:          ey+1Vn0BR+yj5AwydQXHp1zkqexo9t9up8WFOe/krl0=
Subject key identifier:   4C:6A:97:D0:79:34:51:64:70:75:E6:7C:3C:35:20:9D:B3:4E:4B:47
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3431D42272AD254FF0F6C554F3CE9167A4A1ABEF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e790948-9518-4339-b7cd-f658d299179b.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        16.136.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Sep 2023 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:31:d4:22:72:ad:25:4f:f0:f6:c5:54:f3:ce:91:67:a4:a1:ab:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=843916c5e841594ab629dab5cb64febbaf16a3823b50fb6a7e544ff761b1ef05, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:df:64:41:f8:69:5f:65:7c:e7:56:b4:24:e1:
                    18:23:1c:cd:7f:95:f4:27:86:9e:3a:d0:be:2a:da:
                    50:bf:e6:89:66:36:0f:75:a0:da:03:f0:ff:59:11:
                    a5:6b:3a:93:e2:71:b4:10:4c:f4:f5:8d:40:ff:45:
                    f5:c2:d5:39:bf:c0:0a:54:4d:2b:7a:88:a0:13:3a:
                    19:22:7d:84:10:07:d1:4b:ba:a0:87:44:ba:4d:a9:
                    45:1f:52:27:79:24:b7:70:cd:03:92:23:cc:81:63:
                    36:c9:cd:aa:5d:23:a5:3b:5f:4b:11:72:87:1f:e3:
                    a9:e4:d4:a2:d5:93:1a:ee:3e:3e:62:b4:d1:1d:8c:
                    e6:33:d5:66:4a:ea:9c:dd:e1:be:17:ac:34:a3:05:
                    e5:59:3f:d3:3b:5c:08:2d:36:b4:f2:5c:fd:9e:21:
                    35:a4:a1:b7:da:10:11:64:c3:34:0e:8f:66:41:01:
                    e5:ac:9d:b5:75:14:cc:09:1f:f3:b4:af:d1:b0:ef:
                    16:0e:b2:8f:46:6c:62:d1:cb:ab:74:77:8d:d0:2a:
                    64:62:14:9d:91:f8:e8:93:fa:6e:8f:ef:bf:db:f7:
                    57:11:c2:9f:e8:e0:ff:ea:26:32:8b:a6:04:ef:a6:
                    94:87:ff:81:d2:70:1a:18:da:a6:4e:79:4c:65:dc:
                    82:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:6A:97:D0:79:34:51:64:70:75:E6:7C:3C:35:20:9D:B3:4E:4B:47
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/6e790948-9518-4339-b7cd-f658d299179b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.136.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         97:ab:ab:46:12:0b:da:a3:4f:8a:cf:73:4b:c2:9e:b6:af:12:
         4d:b0:83:22:11:30:e0:ca:b3:d0:98:cb:65:10:a0:31:37:fe:
         7b:c6:fb:5c:20:ce:7f:2a:36:2f:ba:a1:1f:a8:19:8e:04:c7:
         8e:48:90:0c:12:29:e6:7e:a3:59:80:60:d3:40:05:7b:e1:fe:
         0f:29:61:1a:d7:e8:a3:8e:11:b8:d6:88:f1:3d:cc:d7:b2:13:
         34:0a:6d:b5:d3:bf:8c:18:f9:b6:fb:8b:49:7a:68:1e:c6:63:
         e3:64:04:1a:d8:34:c8:5e:79:8f:ab:e9:7d:ba:58:a6:5c:91:
         73:15:fd:fc:97:8f:e0:bb:df:ac:fd:d8:72:01:13:32:bb:fb:
         4b:22:c9:3e:2f:8b:b1:23:cd:bb:0e:27:d4:16:c0:df:21:f5:
         41:7c:8b:41:f6:9c:c9:a6:66:35:80:eb:df:e1:20:71:5c:8b:
         3c:91:44:ff:e3:72:6c:e4:7e:29:ca:fd:9f:1c:d8:09:e1:03:
         f4:f9:e1:3f:eb:bb:4f:0d:26:c0:90:9a:52:94:88:f2:79:99:
         f4:f5:e8:f2:b5:c7:ca:16:70:89:b7:b2:57:33:92:23:62:96:
         f3:e2:8e:ff:8a:10:fd:52:b6:e3:8a:35:7f:90:cf:dc:f7:84:
         72:7b:72:99
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNDHUInKtJU/w9sVU886RZ6Shq+8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NDM5MTZjNWU4NDE1OTRhYjYyOWRhYjVjYjY0ZmViYmFm
MTZhMzgyM2I1MGZiNmE3ZTU0NGZmNzYxYjFlZjA1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCq32RB+GlfZXznVrQk4RgjHM1/lfQnhp460L4q2lC/5olm
Ng91oNoD8P9ZEaVrOpPicbQQTPT1jUD/RfXC1Tm/wApUTSt6iKATOhkifYQQB9FL
uqCHRLpNqUUfUid5JLdwzQOSI8yBYzbJzapdI6U7X0sRcocf46nk1KLVkxruPj5i
tNEdjOYz1WZK6pzd4b4XrDSjBeVZP9M7XAgtNrTyXP2eITWkobfaEBFkwzQOj2ZB
AeWsnbV1FMwJH/O0r9Gw7xYOso9GbGLRy6t0d43QKmRiFJ2R+OiT+m6P77/b91cR
wp/o4P/qJjKLpgTvppSH/4HScBoY2qZOeUxl3IJjAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUTGqX0Hk0UWRwdeZ8PDUgnbNOS0cwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzZlNzkwOTQ4LTk1MTgtNDMzOS1iN2NkLWY2NThkMjk5MTc5Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQiDANBgkqhkiG9w0BAQsFAAOCAQEAl6urRhIL2qNPis9zS8Ketq8STbCD
IhEw4Mqz0JjLZRCgMTf+e8b7XCDOfyo2L7qhH6gZjgTHjkiQDBIp5n6jWYBg00AF
e+H+DylhGtfoo44RuNaI8T3M17ITNApttdO/jBj5tvuLSXpoHsZj42QEGtg0yF55
j6vpfbpYplyRcxX9/JeP4LvfrP3YcgETMrv7SyLJPi+LsSPNuw4n1BbA3yH1QXyL
QfacyaZmNYDr3+EgcVyLPJFE/+NybOR+Kcr9nxzYCeED9PnhP+u7Tw0mwJCaUpSI
8nmZ9PXo8rXHyhZwibeyVzOSI2KW8+KO/4oQ/VK244o1f5DP3PeEcntymQ==
-----END CERTIFICATE-----
Generated at Fri Sep 22 15:45:16 2023 by rpki-client on console-ams.rpki-client.org