Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8854f7ca-e0f6-48cc-9e77-8916afc163d5.roa
File:                     8854f7ca-e0f6-48cc-9e77-8916afc163d5.roa (raw, json)
Hash identifier:          /AcqYoAI8ruSGgFI6DkIgpOaE11bRfDKOdTRlORvorQ=
Subject key identifier:   CC:7E:76:C2:7D:B8:72:D8:E6:25:42:75:B7:20:11:29:5D:F4:BC:6F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       391E5C87183784485D9221826B0A9FBBA221DAF0
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8854f7ca-e0f6-48cc-9e77-8916afc163d5.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        20.129.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:1e:5c:87:18:37:84:48:5d:92:21:82:6b:0a:9f:bb:a2:21:da:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=d519823452fb8e16666e5a7ac8a5c4245ab301a471fa9550362795424317351d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:13:aa:ee:df:3a:cc:24:4e:1e:7f:69:29:86:
                    bd:23:dc:b0:3f:e4:7c:ed:a5:65:ad:6a:c5:85:82:
                    82:bd:aa:0f:fa:99:b8:42:cb:42:1f:1d:74:00:5b:
                    d5:e6:4a:56:76:20:96:45:11:b4:ce:43:6b:6f:8b:
                    e8:a8:a0:09:2a:85:06:71:32:60:17:cc:a2:98:c2:
                    d3:a8:29:ce:4b:6b:06:26:eb:91:25:50:b8:a5:82:
                    22:c4:c2:e9:42:16:45:b3:fe:9e:74:03:7e:c7:81:
                    46:ef:8a:88:fa:59:d9:55:1d:5c:fd:22:36:0d:36:
                    01:b7:0d:c8:0c:c6:db:8d:34:19:3d:51:32:0f:0e:
                    da:e5:88:11:6c:00:12:14:57:e4:8a:d8:fc:3d:40:
                    2f:49:c1:ff:3b:05:41:1b:a4:83:ed:8d:f8:b8:38:
                    f0:78:34:a6:f3:3b:ba:ef:48:07:00:ea:af:51:fa:
                    39:f1:fe:6e:8d:4e:67:2d:75:12:24:11:46:c8:be:
                    41:81:ea:18:a9:bc:cc:30:b9:78:d5:63:88:82:ae:
                    c7:e3:a7:6d:2f:c9:c7:f3:d2:06:5f:e8:2f:77:0e:
                    bc:52:d7:bc:10:1f:78:71:d4:66:56:d2:51:f4:d0:
                    b9:4a:f2:24:80:72:1c:1b:cd:48:22:4b:dd:c5:9d:
                    65:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:7E:76:C2:7D:B8:72:D8:E6:25:42:75:B7:20:11:29:5D:F4:BC:6F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8854f7ca-e0f6-48cc-9e77-8916afc163d5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  20.129.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         25:f6:64:17:be:24:22:da:15:1c:9f:c2:32:99:ed:10:6b:05:
         1c:82:fa:71:42:97:42:df:83:29:16:a1:36:15:e8:39:7f:99:
         8c:b3:85:56:35:71:3f:62:88:fd:d2:2f:5e:67:25:3e:fe:40:
         b7:fb:bc:98:42:ce:44:9b:34:7e:f3:aa:ba:30:63:35:4a:f8:
         43:89:cb:75:fe:84:bb:fb:da:37:85:06:2b:ec:a1:7e:06:cf:
         b4:80:9b:79:db:12:aa:c8:75:74:db:a2:25:ce:86:eb:8e:29:
         6e:a8:6e:63:2f:bb:d6:b2:36:b1:6d:53:8c:72:f8:b7:71:8e:
         44:b1:1d:96:01:88:a9:fe:45:68:33:40:d7:b0:6b:ca:1a:28:
         4b:ab:9b:66:7a:f1:43:5d:fa:2f:bd:d6:1c:68:57:57:37:de:
         52:d8:6e:91:bd:d0:f0:39:c7:c7:fc:0e:68:13:e9:ee:71:a6:
         22:6e:70:63:ca:31:53:6e:1f:70:3e:50:ba:7d:6a:9e:6d:fe:
         73:a6:8d:e3:4b:ea:e8:01:c3:6f:b9:f2:c2:bc:f6:e4:05:4a:
         e3:08:91:1e:de:89:ed:95:5c:68:e6:c7:29:ec:b6:c8:1f:9d:
         8c:07:a7:32:d0:61:67:95:44:5a:f5:dc:24:ed:25:db:3a:d0:
         e7:62:70:16
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUOR5chxg3hEhdkiGCawqfu6Ih2vAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNTE5ODIzNDUyZmI4ZTE2NjY2ZTVhN2FjOGE1YzQyNDVh
YjMwMWE0NzFmYTk1NTAzNjI3OTU0MjQzMTczNTFkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuE6ru3zrMJE4ef2kphr0j3LA/5HztpWWtasWFgoK9qg/6
mbhCy0IfHXQAW9XmSlZ2IJZFEbTOQ2tvi+iooAkqhQZxMmAXzKKYwtOoKc5LawYm
65ElULilgiLEwulCFkWz/p50A37HgUbvioj6WdlVHVz9IjYNNgG3DcgMxtuNNBk9
UTIPDtrliBFsABIUV+SK2Pw9QC9Jwf87BUEbpIPtjfi4OPB4NKbzO7rvSAcA6q9R
+jnx/m6NTmctdRIkEUbIvkGB6hipvMwwuXjVY4iCrsfjp20vycfz0gZf6C93DrxS
17wQH3hx1GZW0lH00LlK8iSAchwbzUgiS93FnWW7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUzH52wn24ctjmJUJ1tyARKV30vG8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg4NTRmN2NhLWUwZjYtNDhjYy05ZTc3LTg5MTZhZmMxNjNkNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAUgTANBgkqhkiG9w0BAQsFAAOCAQEAJfZkF74kItoVHJ/CMpntEGsFHIL6
cUKXQt+DKRahNhXoOX+ZjLOFVjVxP2KI/dIvXmclPv5At/u8mELORJs0fvOqujBj
NUr4Q4nLdf6Eu/vaN4UGK+yhfgbPtICbedsSqsh1dNuiJc6G644pbqhuYy+71rI2
sW1TjHL4t3GORLEdlgGIqf5FaDNA17BryhooS6ubZnrxQ136L73WHGhXVzfeUthu
kb3Q8DnHx/wOaBPp7nGmIm5wY8oxU24fcD5Qun1qnm3+c6aN40vq6AHDb7nywrz2
5AVK4wiRHt6J7ZVcaObHKey2yB+djAenMtBhZ5VEWvXcJO0l2zrQ52JwFg==
-----END CERTIFICATE-----
Generated at Fri Sep 22 17:25:46 2023 by rpki-client on console-fra.rpki-client.org