Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9cd2582c-5441-4a94-a847-e0367f121957.roa
File:                     9cd2582c-5441-4a94-a847-e0367f121957.roa (raw, json)
Hash identifier:          bmCK0H/U+eGNOPFMWHcVtHEsalDeZsvbbUX1RjgyyT8=
Subject key identifier:   C5:01:71:69:FD:B2:25:9C:D7:EE:A9:89:53:C2:CC:64:92:ED:F9:F0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4C3E5ABA349AD4DF9FB525829B501C6058F36404
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9cd2582c-5441-4a94-a847-e0367f121957.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        71.141.0.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:3e:5a:ba:34:9a:d4:df:9f:b5:25:82:9b:50:1c:60:58:f3:64:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=07fbe58b9931f758d021f9c06ca38580a76a9b919fe2be5b708d937428c3f790, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ca:21:31:df:ff:97:61:c7:11:c7:74:79:35:
                    54:10:89:6d:c6:01:f0:eb:f6:9d:9b:6b:d1:60:db:
                    6e:83:eb:f9:6a:f6:d1:03:c5:82:49:6f:c6:1a:59:
                    8c:60:70:7a:79:ff:d1:12:28:7c:b1:0d:8a:12:b4:
                    36:f8:e8:e2:f6:4c:0e:dc:1d:6e:66:cb:02:22:4f:
                    20:92:78:49:6c:d1:1a:ec:66:3f:01:f0:3f:da:9b:
                    93:f1:a0:3f:01:aa:ac:f8:ab:f2:c8:1d:fc:17:a2:
                    7a:d6:d4:f6:e4:c8:65:a8:17:21:50:bb:23:fe:48:
                    30:77:d7:af:88:72:e9:54:35:bc:33:4d:b8:1b:7a:
                    20:b2:92:a8:7d:06:59:35:20:8e:e0:18:75:44:94:
                    7d:aa:be:33:cb:23:72:e1:16:2a:30:c8:16:da:81:
                    2c:95:d7:46:fa:09:27:88:bd:7c:f6:de:3f:67:de:
                    db:91:0f:ec:24:92:9f:c1:75:22:3f:02:13:33:59:
                    60:ec:00:b8:d0:89:38:19:e3:e3:67:df:22:29:9e:
                    c9:63:49:72:61:1a:71:ff:f2:a4:77:e4:3b:b7:b1:
                    38:27:e7:a3:88:d9:63:64:dd:2d:b9:31:44:33:37:
                    02:cf:e2:1f:16:d1:54:cc:63:82:1f:5f:94:ac:eb:
                    73:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:01:71:69:FD:B2:25:9C:D7:EE:A9:89:53:C2:CC:64:92:ED:F9:F0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9cd2582c-5441-4a94-a847-e0367f121957.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  71.141.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         51:69:db:3b:ee:78:af:57:70:c6:37:8b:c1:65:58:c0:f7:52:
         20:96:5e:6e:bc:99:6c:92:2c:5a:84:c0:f2:e5:00:44:41:5f:
         18:6d:0f:7f:3d:0b:4e:2c:3e:ee:de:56:e0:90:81:66:d4:15:
         bf:75:6e:00:f5:ce:ae:bc:4a:4c:2c:d6:22:aa:2d:15:c4:da:
         8e:ce:ed:51:a0:26:08:f3:e2:f2:e8:5e:5e:b3:80:cf:39:b6:
         35:bc:1b:fc:4b:92:2c:0d:d8:90:0f:15:6c:2c:6b:d2:72:89:
         b0:c9:b0:43:20:ce:30:de:6f:27:2c:de:21:d9:67:5b:12:89:
         87:10:d4:01:b5:4c:7b:f0:8f:e2:c1:f3:e1:a6:2e:da:bc:a6:
         09:93:b5:79:38:4d:09:81:b0:69:12:b1:b3:09:2f:6d:eb:7c:
         40:1f:2c:36:cc:55:6b:72:29:cd:ee:9c:6d:9c:fd:ab:61:9c:
         b5:24:5b:1f:79:19:04:90:db:9a:a9:69:8e:92:26:9a:e6:ec:
         24:c8:24:cd:65:ae:ec:d0:ad:86:68:0e:88:8f:40:80:9e:66:
         98:ce:46:f0:ec:43:7d:01:90:c3:f4:c2:58:0d:35:5f:68:e1:
         9b:f7:92:8d:3b:53:b0:31:25:4c:ba:c8:6e:19:49:5d:1d:8e:
         6f:eb:eb:2b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUTD5aujSa1N+ftSWCm1AcYFjzZAQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwN2ZiZTU4Yjk5MzFmNzU4ZDAyMWY5YzA2Y2EzODU4MGE3
NmE5YjkxOWZlMmJlNWI3MDhkOTM3NDI4YzNmNzkwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsyiEx3/+XYccRx3R5NVQQiW3GAfDr9p2ba9Fg226D6/lq
9tEDxYJJb8YaWYxgcHp5/9ESKHyxDYoStDb46OL2TA7cHW5mywIiTyCSeEls0Rrs
Zj8B8D/am5PxoD8Bqqz4q/LIHfwXonrW1PbkyGWoFyFQuyP+SDB316+IculUNbwz
TbgbeiCykqh9Blk1II7gGHVElH2qvjPLI3LhFiowyBbagSyV10b6CSeIvXz23j9n
3tuRD+wkkp/BdSI/AhMzWWDsALjQiTgZ4+Nn3yIpnsljSXJhGnH/8qR35Du3sTgn
56OI2WNk3S25MUQzNwLP4h8W0VTMY4IfX5Ss63NNAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUxQFxaf2yJZzX7qmJU8LMZJLt+fAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzljZDI1ODJjLTU0NDEtNGE5NC1hODQ3LWUwMzY3ZjEyMTk1Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZHjQAwDQYJKoZIhvcNAQELBQADggEBAFFp2zvueK9XcMY3i8FlWMD3UiCW
Xm68mWySLFqEwPLlAERBXxhtD389C04sPu7eVuCQgWbUFb91bgD1zq68Skws1iKq
LRXE2o7O7VGgJgjz4vLoXl6zgM85tjW8G/xLkiwN2JAPFWwsa9JyibDJsEMgzjDe
bycs3iHZZ1sSiYcQ1AG1THvwj+LB8+GmLtq8pgmTtXk4TQmBsGkSsbMJL23rfEAf
LDbMVWtyKc3unG2c/athnLUkWx95GQSQ25qpaY6SJprm7CTIJM1lruzQrYZoDoiP
QICeZpjORvDsQ30BkMP0wlgNNV9o4Zv3ko07U7AxJUy6yG4ZSV0djm/r6ys=
-----END CERTIFICATE-----
Generated at Fri Sep 22 19:21:57 2023 by rpki-client on console-ams.rpki-client.org