Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94760639-2712-4f50-9362-9ff9626e6a44.roa
File:                     94760639-2712-4f50-9362-9ff9626e6a44.roa (raw, json)
Hash identifier:          l/f3CNuL6t8GfbjMVruL5YOYeyOJnqrzW8WTxbB7ZbY=
Subject key identifier:   38:E4:F0:03:BA:EB:1C:C0:B1:7B:EE:FE:C6:31:33:44:AC:B6:89:26
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       58604583DAFA4B652BE178FE854BC7F0D42DB751
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94760639-2712-4f50-9362-9ff9626e6a44.roa
Signing time:             Mon 28 Aug 2023 00:00:00 +0000
ROA not before:           Mon 28 Aug 2023 00:00:00 +0000
ROA not after:            Mon 02 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        107.152.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 10:09:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:60:45:83:da:fa:4b:65:2b:e1:78:fe:85:4b:c7:f0:d4:2d:b7:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 28 00:00:00 2023 GMT
            Not After : Oct  2 23:59:59 2023 GMT
        Subject: serialNumber=61f24028fec2c93887540e2aeb64d117c6be8b9bbc88cbbb8d9be66aa3e14bcd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:9e:93:e8:96:09:6e:c4:e6:f9:a0:3e:a3:48:
                    4c:11:fc:03:43:f9:9c:94:4e:e8:58:52:5f:5c:a6:
                    8f:03:23:62:b1:12:02:17:f2:f0:ae:11:6a:21:ab:
                    82:b1:8a:24:11:f8:e8:d1:af:8c:44:00:d2:63:08:
                    fd:f1:79:fe:d2:6f:ef:b9:2a:26:fc:0a:a1:dc:9b:
                    d1:f7:c2:7e:37:d6:44:9f:ca:5c:70:3e:c8:d7:1f:
                    af:50:d4:cb:e3:a3:50:ef:44:50:a4:81:0a:a1:79:
                    a5:d0:33:58:d1:95:59:43:77:d4:0c:4f:76:b1:72:
                    73:c3:8d:42:36:4e:89:ee:30:32:37:f9:ba:1e:f1:
                    bb:70:a9:37:b2:bd:9d:4c:d9:ce:54:2f:15:cd:38:
                    a6:af:59:30:98:aa:64:ce:1a:11:4c:ae:7a:b0:3c:
                    37:f3:85:62:d7:e1:bb:56:21:f0:e9:02:ac:3c:d4:
                    37:05:9f:9a:12:a6:f7:cd:f5:bc:28:90:c6:e1:25:
                    3e:df:a8:07:27:f1:cd:c0:45:5a:9a:9d:4f:6a:46:
                    63:bc:56:cf:37:0a:95:f9:fa:ca:1a:7e:24:ca:fc:
                    2d:3c:6e:d6:c0:ef:c3:2c:0c:87:14:f9:6c:2a:94:
                    bb:5e:5e:44:52:8f:cb:27:fd:1d:67:1c:ff:b0:b3:
                    7c:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:E4:F0:03:BA:EB:1C:C0:B1:7B:EE:FE:C6:31:33:44:AC:B6:89:26
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/94760639-2712-4f50-9362-9ff9626e6a44.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  107.152.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         7b:f2:6e:1a:bf:8c:d6:d2:fe:16:4f:12:3a:e9:95:41:30:83:
         d3:4d:cb:73:e9:1d:c1:9e:c6:f2:bc:b2:55:d1:64:96:24:8c:
         86:e3:55:3e:c9:d0:ff:ca:b9:34:a6:36:d2:68:d3:85:3d:ee:
         b0:9d:2d:f5:21:8e:77:7d:2f:4c:1c:d1:21:34:b2:c5:0e:13:
         ec:d4:1e:95:77:1e:e0:cc:55:64:69:8c:8e:7e:a8:7e:b0:29:
         c6:91:59:18:4a:e5:20:1d:b9:c6:21:f4:41:27:4d:d7:30:51:
         24:69:13:ca:5e:d8:b0:d3:31:97:b3:7d:81:19:62:45:94:19:
         0e:50:06:c4:5c:c7:fb:c7:79:13:27:cb:d5:f8:5b:cf:28:ee:
         88:24:18:c4:d9:61:97:01:40:de:b1:22:97:fa:a8:fb:f6:2b:
         80:52:ff:9e:b7:41:58:73:31:6b:00:e9:9d:f7:75:94:e8:8e:
         50:6d:5f:37:f9:40:ae:05:7f:2a:45:d5:c4:89:ad:e5:90:26:
         7d:69:82:43:ee:d0:f0:5f:95:ba:f3:6c:e3:7d:5c:43:ba:4f:
         89:0f:aa:f1:c7:16:d2:50:5e:02:51:f9:0d:ce:1c:9a:80:42:
         5f:1d:41:ab:1c:09:cc:13:2d:4a:8a:e8:de:95:ac:b8:8a:70:
         24:94:96:9c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUWGBFg9r6S2Ur4Xj+hUvH8NQtt1EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI4MDAwMDAwWhcNMjMxMDAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MWYyNDAyOGZlYzJjOTM4ODc1NDBlMmFlYjY0ZDExN2M2
YmU4YjliYmM4OGNiYmI4ZDliZTY2YWEzZTE0YmNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8npPolgluxOb5oD6jSEwR/AND+ZyUTuhYUl9cpo8DI2Kx
EgIX8vCuEWohq4KxiiQR+OjRr4xEANJjCP3xef7Sb++5Kib8CqHcm9H3wn431kSf
ylxwPsjXH69Q1Mvjo1DvRFCkgQqheaXQM1jRlVlDd9QMT3axcnPDjUI2TonuMDI3
+boe8btwqTeyvZ1M2c5ULxXNOKavWTCYqmTOGhFMrnqwPDfzhWLX4btWIfDpAqw8
1DcFn5oSpvfN9bwokMbhJT7fqAcn8c3ARVqanU9qRmO8Vs83CpX5+soafiTK/C08
btbA78MsDIcU+WwqlLteXkRSj8sn/R1nHP+ws3xvAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOOTwA7rrHMCxe+7+xjEzRKy2iSYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzk0NzYwNjM5LTI3MTItNGY1MC05MzYyLTlmZjk2MjZlNmE0NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAdrmIAwDQYJKoZIhvcNAQELBQADggEBAHvybhq/jNbS/hZPEjrplUEwg9NN
y3PpHcGexvK8slXRZJYkjIbjVT7J0P/KuTSmNtJo04U97rCdLfUhjnd9L0wc0SE0
ssUOE+zUHpV3HuDMVWRpjI5+qH6wKcaRWRhK5SAducYh9EEnTdcwUSRpE8pe2LDT
MZezfYEZYkWUGQ5QBsRcx/vHeRMny9X4W88o7ogkGMTZYZcBQN6xIpf6qPv2K4BS
/563QVhzMWsA6Z33dZTojlBtXzf5QK4FfypF1cSJreWQJn1pgkPu0PBflbrzbON9
XEO6T4kPqvHHFtJQXgJR+Q3OHJqAQl8dQascCcwTLUqK6N6VrLiKcCSUlpw=
-----END CERTIFICATE-----
Generated at Mon Aug 28 22:22:34 2023 by rpki-client on console-fra.rpki-client.org