Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/79a3066d-ab33-44e5-b364-14423e757820.roa
File:                     79a3066d-ab33-44e5-b364-14423e757820.roa (raw, json)
Hash identifier:          AA9hbTe1s7Fe7UB0R41QuQTyZNosnDyXMnF5s98uLas=
Subject key identifier:   51:25:DE:DD:36:73:A5:A8:D3:EC:93:84:A4:91:A5:71:FF:15:2A:47
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3B33FAC616DF96A3ED9262FDD783280DA12A1492
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/79a3066d-ab33-44e5-b364-14423e757820.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.245.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:33:fa:c6:16:df:96:a3:ed:92:62:fd:d7:83:28:0d:a1:2a:14:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=1f41e48af857b992a92b6ac409d13cfad1559e3c90bd37ced5dd8e232b7fa028, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:69:6c:2b:d2:fa:55:b2:67:37:02:fa:72:e6:
                    cd:13:24:cb:5f:0b:66:3a:98:e5:ef:4d:6d:0c:dd:
                    80:57:64:9e:bf:f1:3d:8a:45:5a:8a:a9:19:dd:75:
                    14:7b:51:f3:3c:37:6f:c9:6a:6a:0b:6d:c4:38:86:
                    72:d3:72:99:c8:96:9a:dc:d2:6e:e2:8e:e3:14:f5:
                    41:f1:28:1f:b9:cc:e8:6a:d5:3a:f1:7e:51:b6:ed:
                    75:be:72:3c:d9:2d:4d:bb:e6:74:b4:22:d3:1a:9a:
                    0c:85:4c:a8:42:82:68:80:78:67:f2:f9:5c:bb:8f:
                    b7:31:fe:2c:b3:f9:96:d0:a8:cf:43:97:8d:f9:90:
                    0a:61:16:5e:48:e1:0d:47:b3:3e:b7:dd:a5:ec:8c:
                    13:1e:fc:cf:5c:d8:61:67:76:c4:ac:aa:9c:39:39:
                    91:5b:bf:a7:5a:6d:36:e2:99:65:2f:8f:fc:a4:f5:
                    ac:84:8e:48:4f:89:51:7c:e2:b9:c3:08:69:ae:e9:
                    36:96:5f:a2:f8:73:0c:02:c7:68:fc:e9:08:9c:95:
                    33:b8:d9:94:b5:3d:2e:16:cb:7a:eb:1d:de:b2:13:
                    6e:bf:4c:f9:98:dd:86:47:59:00:d8:c7:8f:24:7b:
                    02:48:4d:d3:0b:b4:40:d8:7f:f3:4d:78:4a:ef:0c:
                    32:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:25:DE:DD:36:73:A5:A8:D3:EC:93:84:A4:91:A5:71:FF:15:2A:47
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/79a3066d-ab33-44e5-b364-14423e757820.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:69:99:12:e8:63:51:be:b1:c7:da:5a:f2:76:72:5c:77:f7:
         ca:83:b3:41:88:ee:4f:a0:95:1e:ce:e5:78:f3:76:aa:e6:d8:
         57:9e:40:0e:1e:5d:2c:48:4f:ed:e8:da:70:67:10:c8:3b:b9:
         40:3f:67:4e:ff:c0:20:a2:02:66:0d:4c:04:2f:93:62:19:3f:
         64:c2:53:62:0f:2e:7c:4d:66:36:98:56:99:23:2c:77:22:70:
         2e:1c:5e:18:6e:e5:ae:31:41:c9:20:86:47:6b:3f:32:87:67:
         18:ff:05:c8:d7:46:82:84:e0:0a:82:67:45:02:cc:6a:74:c0:
         98:19:42:dc:4f:c7:9b:8c:af:46:a9:3a:72:a0:fb:ff:7b:fe:
         49:06:ed:76:d6:3f:d6:22:90:ee:00:6b:b1:95:fc:ab:fc:d7:
         39:bb:f5:ba:d9:bb:fd:e0:3a:3b:dc:50:bf:dc:03:1a:81:79:
         22:e3:4e:97:23:32:bc:c1:92:14:10:a1:e4:84:1a:a3:c2:c9:
         7c:90:0a:1f:6a:8a:a0:7f:a3:c7:40:a2:9f:22:e3:c7:40:a0:
         25:0c:1b:90:43:57:40:6b:ca:22:34:f8:0a:4c:51:21:82:b1:
         37:4c:7b:0d:bd:a2:29:73:69:71:b0:21:da:53:af:40:66:b9:
         3f:bb:aa:7b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOzP6xhbflqPtkmL914MoDaEqFJIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZjQxZTQ4YWY4NTdiOTkyYTkyYjZhYzQwOWQxM2NmYWQx
NTU5ZTNjOTBiZDM3Y2VkNWRkOGUyMzJiN2ZhMDI4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDEaWwr0vpVsmc3Avpy5s0TJMtfC2Y6mOXvTW0M3YBXZJ6/
8T2KRVqKqRnddRR7UfM8N2/JamoLbcQ4hnLTcpnIlprc0m7ijuMU9UHxKB+5zOhq
1TrxflG27XW+cjzZLU275nS0ItMamgyFTKhCgmiAeGfy+Vy7j7cx/iyz+ZbQqM9D
l435kAphFl5I4Q1Hsz633aXsjBMe/M9c2GFndsSsqpw5OZFbv6dabTbimWUvj/yk
9ayEjkhPiVF84rnDCGmu6TaWX6L4cwwCx2j86QiclTO42ZS1PS4Wy3rrHd6yE26/
TPmY3YZHWQDYx48kewJITdMLtEDYf/NNeErvDDJ5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUSXe3TZzpajT7JOEpJGlcf8VKkcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc5YTMwNjZkLWFiMzMtNDRlNS1iMzY0LTE0NDIzZTc1NzgyMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTfUwDQYJKoZIhvcNAQELBQADggEBAJlpmRLoY1G+scfaWvJ2clx398qD
s0GI7k+glR7O5Xjzdqrm2FeeQA4eXSxIT+3o2nBnEMg7uUA/Z07/wCCiAmYNTAQv
k2IZP2TCU2IPLnxNZjaYVpkjLHcicC4cXhhu5a4xQckghkdrPzKHZxj/BcjXRoKE
4AqCZ0UCzGp0wJgZQtxPx5uMr0apOnKg+/97/kkG7XbWP9YikO4Aa7GV/Kv81zm7
9brZu/3gOjvcUL/cAxqBeSLjTpcjMrzBkhQQoeSEGqPCyXyQCh9qiqB/o8dAop8i
48dAoCUMG5BDV0BryiI0+ApMUSGCsTdMew29oilzaXGwIdpTr0BmuT+7qns=
-----END CERTIFICATE-----
Generated at Fri Sep 22 21:27:59 2023 by rpki-client on console-ams.rpki-client.org