Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a537444f-9491-4144-a93b-138617032fc0.roa
File:                     a537444f-9491-4144-a93b-138617032fc0.roa (raw, json)
Hash identifier:          1adLEhEPA88dmIv+kMoUcdwv9PYha0/d8Q/G7D/kdQc=
Subject key identifier:   7E:F3:63:67:10:EC:A8:64:14:1D:CC:82:E5:57:39:40:66:A0:D0:76
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       27F0FC3903DA0EC5D1AB77AFEB2B530FDD815578
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a537444f-9491-4144-a93b-138617032fc0.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        64.252.106.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:f0:fc:39:03:da:0e:c5:d1:ab:77:af:eb:2b:53:0f:dd:81:55:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=0983f01ac2b5a2dc04278f3a7f485cd1329b2b2bc195f5f457e5d38d348b7d59, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:de:62:2f:dc:32:a2:8b:d4:82:92:c7:be:cf:
                    f6:29:b1:42:2d:fb:ae:d0:ea:d2:c0:f3:17:8b:03:
                    f6:86:41:36:e2:56:50:33:c8:3d:39:00:73:3e:11:
                    43:2b:3d:fa:5a:7b:d1:bb:5c:81:d3:0f:81:c1:a7:
                    c2:cc:e8:08:cb:23:42:82:74:3c:46:34:6f:f7:28:
                    51:cb:86:b0:c9:bb:c6:a6:87:06:ce:e1:7c:32:e4:
                    bb:3c:27:c1:64:4d:92:1c:af:fa:8a:7c:45:43:39:
                    f7:90:d5:bb:f9:c5:a2:b8:55:65:09:c4:f4:4c:1d:
                    aa:34:a5:fc:5f:43:3e:61:e2:46:98:13:9a:69:6b:
                    73:c6:7a:ea:00:9d:2e:b9:f1:b2:c4:f2:c2:98:da:
                    fd:a4:0d:0d:08:de:b8:0a:df:c0:fc:64:dd:17:ef:
                    45:fe:a9:19:40:f5:ce:cf:ea:06:b2:9a:a8:c5:80:
                    a6:3f:76:e9:8b:a4:53:2f:ae:66:b0:a5:c0:4d:af:
                    38:fb:07:57:59:25:86:5c:a6:a7:73:c7:9f:37:6a:
                    89:a0:29:80:f0:de:01:93:08:21:85:30:c1:b7:c8:
                    aa:f3:93:a8:03:03:b3:5b:04:d8:7b:64:0f:a2:9d:
                    68:d2:92:7d:87:88:61:4a:e2:ce:80:35:f1:c3:02:
                    cf:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:F3:63:67:10:EC:A8:64:14:1D:CC:82:E5:57:39:40:66:A0:D0:76
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a537444f-9491-4144-a93b-138617032fc0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.252.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:4a:1c:b7:12:9f:55:f7:7c:9b:bd:d2:0c:f6:14:42:20:4e:
         73:00:d8:39:e2:07:d3:17:93:d7:91:ef:6b:4e:87:87:3d:04:
         33:d8:4e:97:f8:7c:9c:92:11:fe:1b:8c:ad:69:e9:38:d7:93:
         30:80:f3:6f:89:0c:8d:ce:df:5e:5c:11:ed:02:0a:d0:4a:fa:
         38:4a:bf:9f:64:b1:a3:3f:4d:ad:52:0b:d4:a2:7b:b8:08:1a:
         da:dd:12:26:86:c3:52:d8:7a:1c:c4:fa:53:5e:fd:74:57:eb:
         f0:05:32:1c:ce:82:31:60:32:99:b7:ed:8b:d8:2b:56:a5:39:
         f6:57:9f:02:a2:3d:e8:7b:8f:3c:6e:58:6b:2f:e0:c1:e1:ff:
         ee:dc:4f:00:b8:97:16:5e:1d:79:f5:6e:d9:31:78:56:4f:bc:
         ad:61:68:74:0a:09:ba:3b:2b:e7:ec:7a:41:1c:10:72:a4:14:
         43:aa:27:b6:33:b1:93:39:36:d1:cb:11:56:a3:0b:9e:69:5a:
         aa:14:38:51:c4:70:02:3e:7a:a4:91:85:f0:21:43:fa:78:74:
         12:24:da:1e:d2:76:45:f6:ab:d0:c0:57:4c:77:6e:6f:05:8b:
         8d:fe:88:58:61:2e:49:12:be:c7:10:8a:85:f4:15:7b:c0:bb:
         ad:06:94:34
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ/D8OQPaDsXRq3ev6ytTD92BVXgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwOTgzZjAxYWMyYjVhMmRjMDQyNzhmM2E3ZjQ4NWNkMTMy
OWIyYjJiYzE5NWY1ZjQ1N2U1ZDM4ZDM0OGI3ZDU5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDL3mIv3DKii9SCkse+z/YpsUIt+67Q6tLA8xeLA/aGQTbi
VlAzyD05AHM+EUMrPfpae9G7XIHTD4HBp8LM6AjLI0KCdDxGNG/3KFHLhrDJu8am
hwbO4Xwy5Ls8J8FkTZIcr/qKfEVDOfeQ1bv5xaK4VWUJxPRMHao0pfxfQz5h4kaY
E5ppa3PGeuoAnS658bLE8sKY2v2kDQ0I3rgK38D8ZN0X70X+qRlA9c7P6gaymqjF
gKY/dumLpFMvrmawpcBNrzj7B1dZJYZcpqdzx583aomgKYDw3gGTCCGFMMG3yKrz
k6gDA7NbBNh7ZA+inWjSkn2HiGFK4s6ANfHDAs/DAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfvNjZxDsqGQUHcyC5Vc5QGag0HYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E1Mzc0NDRmLTk0OTEtNDE0NC1hOTNiLTEzODYxNzAzMmZjMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABA/GowDQYJKoZIhvcNAQELBQADggEBACJKHLcSn1X3fJu90gz2FEIgTnMA
2DniB9MXk9eR72tOh4c9BDPYTpf4fJySEf4bjK1p6TjXkzCA82+JDI3O315cEe0C
CtBK+jhKv59ksaM/Ta1SC9Sie7gIGtrdEiaGw1LYehzE+lNe/XRX6/AFMhzOgjFg
Mpm37YvYK1alOfZXnwKiPeh7jzxuWGsv4MHh/+7cTwC4lxZeHXn1btkxeFZPvK1h
aHQKCbo7K+fsekEcEHKkFEOqJ7YzsZM5NtHLEVajC55pWqoUOFHEcAI+eqSRhfAh
Q/p4dBIk2h7SdkX2q9DAV0x3bm8Fi43+iFhhLkkSvscQioX0FXvAu60GlDQ=
-----END CERTIFICATE-----
Generated at Fri Sep 22 22:27:02 2023 by rpki-client on console-fra.rpki-client.org