Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/884f7e63-362d-4dca-bc12-6ac445a7ad1e.roa
File:                     884f7e63-362d-4dca-bc12-6ac445a7ad1e.roa (raw, json)
Hash identifier:          MRLAmBpmLx/nLjYM8K/+GHE8pg8OkOJaHB2etuu+LF0=
Subject key identifier:   19:C1:36:29:0A:98:A8:E1:BC:19:C9:C5:D9:EF:03:C9:D1:99:0A:72
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7D47FBDE47E06CEEF85725581A83AC24713DCA0C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/884f7e63-362d-4dca-bc12-6ac445a7ad1e.roa
Signing time:             Fri 26 Apr 2024 00:00:00 +0000
ROA not before:           Fri 26 Apr 2024 00:00:00 +0000
ROA not after:            Fri 31 May 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        13.128.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 04 May 2024 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:47:fb:de:47:e0:6c:ee:f8:57:25:58:1a:83:ac:24:71:3d:ca:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Apr 26 00:00:00 2024 GMT
            Not After : May 31 23:59:59 2024 GMT
        Subject: serialNumber=57797515b6f11b1d922b2194ec304912342e3048c4e9ddf81fea75207aed3f61, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:f1:ae:f2:0f:ee:8f:d5:41:83:f9:48:79:ce:
                    42:a9:68:ef:fa:f9:ae:f4:95:90:ba:7a:15:16:51:
                    82:d4:be:dd:9d:3b:b7:c6:73:a9:49:21:1e:83:16:
                    cc:7d:14:03:af:35:2b:65:25:94:99:19:c2:9d:14:
                    04:d1:50:e6:0a:ee:c1:13:19:13:6f:52:a0:c8:b7:
                    9d:2f:d7:6e:58:d4:a4:13:ba:5c:55:99:f0:42:e5:
                    e2:62:b3:d5:b1:ed:a0:de:0a:49:00:50:ea:be:01:
                    bc:b1:17:03:e5:de:50:79:c7:d7:3e:f7:b4:87:19:
                    ff:60:2d:18:aa:24:2e:89:6a:07:2c:ca:35:dc:32:
                    72:1f:e5:8c:a7:d5:80:48:68:d1:f0:b4:96:15:1f:
                    80:d0:c0:d9:e3:3e:2b:a7:72:71:4f:65:f9:cc:69:
                    bc:e0:66:58:1d:49:ea:67:9a:b7:7b:90:d2:07:b8:
                    d0:3a:b4:9c:9d:17:65:cb:78:20:fe:3a:ac:57:46:
                    81:3b:7e:cf:59:9f:53:42:b6:dc:b7:99:b9:c2:8a:
                    45:11:91:fc:39:c9:d2:8c:bd:91:c8:4b:c7:c5:3f:
                    48:17:68:fe:3a:00:5b:3c:4c:22:f7:6a:d7:e5:b1:
                    32:ba:ec:36:38:72:03:57:b7:94:ed:b0:38:4c:7e:
                    c3:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:C1:36:29:0A:98:A8:E1:BC:19:C9:C5:D9:EF:03:C9:D1:99:0A:72
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/884f7e63-362d-4dca-bc12-6ac445a7ad1e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.128.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         67:95:5e:1b:b3:4e:c8:00:c6:90:01:78:f7:12:53:e4:4f:83:
         43:a3:3c:c3:b9:c8:32:2c:00:0f:d5:2f:47:5c:1a:b6:b5:f5:
         93:3b:97:02:a1:f3:ca:40:c2:5e:72:dc:47:bd:bb:8f:f0:ab:
         10:02:88:95:92:9b:86:f1:ca:72:0c:49:a0:f2:bd:ac:31:00:
         12:a5:43:75:7d:6f:70:68:b0:3e:d8:9e:bf:46:bc:84:0f:f8:
         0e:76:1b:eb:8c:62:35:d3:5e:a0:26:3c:e4:6f:49:3b:d6:96:
         6e:53:ee:90:0d:6f:ef:c6:ea:c0:16:be:63:20:2d:b0:b3:48:
         8f:8b:d1:4e:87:3a:c6:c5:64:8b:96:14:b4:b3:bc:d4:6b:92:
         b4:84:ae:f3:5c:dd:36:23:7b:ef:b8:df:7d:97:10:01:88:f2:
         13:0f:ed:f3:2d:a3:31:eb:e8:5b:d6:fa:7e:a8:0e:71:1a:5e:
         58:4f:c8:71:37:1b:be:49:d0:94:d2:c9:c0:99:db:27:3a:b5:
         f0:27:30:6e:25:3d:1f:a2:ed:db:2b:3a:00:ec:87:9f:1e:7b:
         7b:e1:36:79:f3:38:a0:ab:66:09:87:29:37:6d:60:cb:84:e6:
         9e:57:00:14:85:8a:db:78:bb:ec:fc:c2:70:6b:5c:92:66:af:
         ae:b9:9a:94
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUfUf73kfgbO74VyVYGoOsJHE9ygwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwNDI2MDAwMDAwWhcNMjQwNTMxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1Nzc5NzUxNWI2ZjExYjFkOTIyYjIxOTRlYzMwNDkxMjM0
MmUzMDQ4YzRlOWRkZjgxZmVhNzUyMDdhZWQzZjYxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDM8a7yD+6P1UGD+Uh5zkKpaO/6+a70lZC6ehUWUYLUvt2d
O7fGc6lJIR6DFsx9FAOvNStlJZSZGcKdFATRUOYK7sETGRNvUqDIt50v125Y1KQT
ulxVmfBC5eJis9Wx7aDeCkkAUOq+AbyxFwPl3lB5x9c+97SHGf9gLRiqJC6Jagcs
yjXcMnIf5Yyn1YBIaNHwtJYVH4DQwNnjPiuncnFPZfnMabzgZlgdSepnmrd7kNIH
uNA6tJydF2XLeCD+OqxXRoE7fs9Zn1NCtty3mbnCikURkfw5ydKMvZHIS8fFP0gX
aP46AFs8TCL3atflsTK67DY4cgNXt5TtsDhMfsOHAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUGcE2KQqYqOG8GcnF2e8DydGZCnIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg4NGY3ZTYzLTM2MmQtNGRjYS1iYzEyLTZhYzQ0NWE3YWQxZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwANgDANBgkqhkiG9w0BAQsFAAOCAQEAZ5VeG7NOyADGkAF49xJT5E+DQ6M8
w7nIMiwAD9UvR1watrX1kzuXAqHzykDCXnLcR727j/CrEAKIlZKbhvHKcgxJoPK9
rDEAEqVDdX1vcGiwPtiev0a8hA/4DnYb64xiNdNeoCY85G9JO9aWblPukA1v78bq
wBa+YyAtsLNIj4vRToc6xsVki5YUtLO81GuStISu81zdNiN777jffZcQAYjyEw/t
8y2jMevoW9b6fqgOcRpeWE/IcTcbvknQlNLJwJnbJzq18CcwbiU9H6Lt2ys6AOyH
nx57e+E2efM4oKtmCYcpN21gy4TmnlcAFIWK23i77PzCcGtckmavrrmalA==
-----END CERTIFICATE-----