Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ef99212-35bd-4738-b84a-e75c421221ab.roa
File:                     7ef99212-35bd-4738-b84a-e75c421221ab.roa (raw, json)
Hash identifier:          GHXWTrx+mhY0Dqyk3iISqJMuIEW76B/345p+hkrDma8=
Subject key identifier:   87:5E:AE:C3:6F:70:1C:09:F1:40:C3:F8:B2:C1:68:38:B5:D2:E3:AD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0F2A622A08E7E2F5F316ACFFCB7028A25DFDE1F6
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ef99212-35bd-4738-b84a-e75c421221ab.roa
Signing time:             Mon 28 Aug 2023 00:00:00 +0000
ROA not before:           Mon 28 Aug 2023 00:00:00 +0000
ROA not after:            Mon 02 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        71.145.128.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 05:09:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:2a:62:2a:08:e7:e2:f5:f3:16:ac:ff:cb:70:28:a2:5d:fd:e1:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 28 00:00:00 2023 GMT
            Not After : Oct  2 23:59:59 2023 GMT
        Subject: serialNumber=1c418aeb6a46fa2a9e8c9cf0b3cac57c8873f6985726f8b27789c847da8a0d40, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:34:5b:9e:e4:a1:9c:5c:bb:4f:76:b4:97:d2:
                    9a:20:93:83:0b:7d:ff:11:01:0f:d6:1f:3e:f1:6b:
                    a5:21:3b:54:c2:6f:91:8a:4e:62:f2:8e:a2:b1:65:
                    89:ba:57:ab:9c:92:b7:27:1f:4a:03:f8:df:c8:82:
                    16:5f:ea:fe:66:7b:b7:1e:e0:41:fe:ff:2e:58:63:
                    a6:1d:db:b8:e8:5c:36:b8:8c:da:f0:f8:2f:e7:2a:
                    1e:24:9e:6d:16:6b:00:85:7e:e9:1b:91:ab:99:03:
                    32:17:29:16:31:60:40:50:cf:90:ab:48:23:f5:8b:
                    fe:8d:2b:07:4c:e6:80:e1:91:3e:7c:48:65:5a:f7:
                    83:75:79:b7:2a:ce:cb:af:10:d8:2e:a9:28:20:e3:
                    4a:6d:3b:a0:ae:d0:de:46:c0:2f:6e:b9:f6:94:18:
                    61:25:33:aa:df:f1:a9:66:84:12:11:f9:2c:87:ef:
                    bc:68:ac:06:8c:1e:23:f8:96:4d:66:f7:ab:cc:15:
                    c4:9d:c8:3f:45:d6:19:9d:07:f3:d4:be:a0:f4:9f:
                    4b:b4:7c:f5:90:17:ac:02:3d:88:86:f7:83:cb:c9:
                    96:bc:e2:77:aa:2d:31:4a:d3:aa:10:fd:86:f2:2c:
                    2e:38:df:f0:b0:ae:9b:aa:a8:1a:1f:20:43:ca:f3:
                    b0:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:5E:AE:C3:6F:70:1C:09:F1:40:C3:F8:B2:C1:68:38:B5:D2:E3:AD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ef99212-35bd-4738-b84a-e75c421221ab.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  71.145.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         07:91:9a:e7:bc:58:e9:2a:48:16:23:78:86:5b:b1:79:09:a9:
         35:f3:8d:9a:cc:ad:0e:33:8c:40:68:66:8b:cc:7b:22:12:d8:
         80:13:f0:ca:43:3a:6d:62:a6:26:b7:c1:d6:75:7f:78:ce:07:
         08:ad:d9:cc:37:93:2e:82:7d:ca:ed:90:1e:8f:4c:24:39:63:
         c4:af:e3:6d:7e:e0:e7:3d:49:75:30:c8:6b:8e:c9:44:36:54:
         81:09:64:88:b3:7b:9f:5a:67:46:da:1d:db:dc:71:67:9b:da:
         cf:44:0d:5c:11:94:91:8b:11:84:86:1f:93:d1:12:03:ab:e0:
         d6:ed:1d:11:26:11:85:8d:df:ec:28:84:91:6a:76:69:e4:66:
         19:19:2a:57:86:17:e2:91:f9:26:8f:59:9a:a6:35:b3:10:b7:
         7d:2f:4a:83:39:88:33:18:cc:ce:2e:e4:51:01:77:0f:b3:f8:
         96:d4:9f:d6:3c:72:9a:ca:0a:98:5b:21:7a:4a:36:61:53:85:
         28:96:e8:f0:15:d7:42:85:a2:5f:b8:38:5c:9c:19:5e:0a:b1:
         3f:4c:6f:2d:1e:aa:d8:a5:47:a0:b5:7c:2c:b9:24:37:2e:24:
         ac:2a:97:93:07:84:cf:fc:dd:d0:98:b3:b4:90:15:7b:0e:5e:
         e9:b8:b9:4c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDypiKgjn4vXzFqz/y3Aool394fYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI4MDAwMDAwWhcNMjMxMDAyMjM1OTU5
WjB6MUkwRwYDVQQFE0AxYzQxOGFlYjZhNDZmYTJhOWU4YzljZjBiM2NhYzU3Yzg4
NzNmNjk4NTcyNmY4YjI3Nzg5Yzg0N2RhOGEwZDQwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCeNFue5KGcXLtPdrSX0pogk4MLff8RAQ/WHz7xa6UhO1TC
b5GKTmLyjqKxZYm6V6uckrcnH0oD+N/IghZf6v5me7ce4EH+/y5YY6Yd27joXDa4
jNrw+C/nKh4knm0WawCFfukbkauZAzIXKRYxYEBQz5CrSCP1i/6NKwdM5oDhkT58
SGVa94N1ebcqzsuvENguqSgg40ptO6Cu0N5GwC9uufaUGGElM6rf8almhBIR+SyH
77xorAaMHiP4lk1m96vMFcSdyD9F1hmdB/PUvqD0n0u0fPWQF6wCPYiG94PLyZa8
4neqLTFK06oQ/YbyLC443/CwrpuqqBofIEPK87CHAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUh16uw29wHAnxQMP4ssFoOLXS460wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdlZjk5MjEyLTM1YmQtNDczOC1iODRhLWU3NWM0MjEyMjFhYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZHkYAwDQYJKoZIhvcNAQELBQADggEBAAeRmue8WOkqSBYjeIZbsXkJqTXz
jZrMrQ4zjEBoZovMeyIS2IAT8MpDOm1ipia3wdZ1f3jOBwit2cw3ky6CfcrtkB6P
TCQ5Y8Sv421+4Oc9SXUwyGuOyUQ2VIEJZIize59aZ0baHdvccWeb2s9EDVwRlJGL
EYSGH5PREgOr4NbtHREmEYWN3+wohJFqdmnkZhkZKleGF+KR+SaPWZqmNbMQt30v
SoM5iDMYzM4u5FEBdw+z+JbUn9Y8cprKCphbIXpKNmFThSiW6PAV10KFol+4OFyc
GV4KsT9Mby0eqtilR6C1fCy5JDcuJKwql5MHhM/83dCYs7SQFXsOXum4uUw=
-----END CERTIFICATE-----
Generated at Mon Aug 28 17:23:41 2023 by rpki-client on console-fra.rpki-client.org