Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ac0e1b21-614e-4a93-afb4-0c6709d67c6b.roa
File:                     ac0e1b21-614e-4a93-afb4-0c6709d67c6b.roa (raw, json)
Hash identifier:          FyAzQCl2/II974rpKDvwxBr12/eQDIU4YBtuKAflo/w=
Subject key identifier:   A9:FF:03:A9:F7:CB:20:54:56:8D:12:49:D3:3F:39:5B:35:AE:CE:40
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0EBD8AB7A78AD47A5282C28BF2C3D9EE07CCE571
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ac0e1b21-614e-4a93-afb4-0c6709d67c6b.roa
Signing time:             Sat 23 Sep 2023 00:00:00 +0000
ROA not before:           Sat 23 Sep 2023 00:00:00 +0000
ROA not after:            Sat 28 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        99.150.40.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 12:11:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:bd:8a:b7:a7:8a:d4:7a:52:82:c2:8b:f2:c3:d9:ee:07:cc:e5:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 23 00:00:00 2023 GMT
            Not After : Oct 28 23:59:59 2023 GMT
        Subject: serialNumber=f699cc04ee8438118b0a2e8d72465753b9bb8fac93049541457df0807b20329c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:32:ec:0f:31:0f:99:b9:07:37:70:51:58:89:
                    97:86:c4:86:36:62:23:7a:65:e4:ad:68:bd:5f:f9:
                    5c:52:a0:3c:67:c4:b3:38:98:aa:62:b9:b9:e4:01:
                    47:d1:ba:86:69:21:82:4b:16:17:a4:76:ee:64:5b:
                    17:76:01:03:f8:cb:b2:39:c0:b8:38:fe:ae:4c:ba:
                    f1:7f:01:37:a3:d0:72:0e:81:aa:74:70:e0:f7:ae:
                    c1:b9:39:dc:e2:60:7d:f2:6b:a4:44:12:97:e4:98:
                    3d:fb:1e:3c:48:df:fd:13:b2:2a:31:cd:12:4f:fd:
                    78:cf:dc:39:88:e7:bd:a6:64:d9:8f:b4:19:23:fe:
                    84:a6:4d:1b:6f:1c:d7:03:4f:d1:6e:0c:b7:0e:a9:
                    07:46:d0:84:62:a1:87:8b:8c:52:89:09:21:57:8c:
                    0f:21:7a:ee:dd:fc:63:2e:8a:ac:f7:46:a4:a9:0a:
                    59:62:bb:79:5d:58:ea:98:bf:57:e5:55:1c:85:24:
                    9d:70:d8:48:26:a3:b1:17:60:81:22:96:5a:71:7d:
                    9b:f7:8a:4b:fa:98:78:e6:96:30:19:b7:8b:ab:f4:
                    53:88:2f:fc:5b:6d:b0:aa:40:2f:c1:52:31:e6:35:
                    e4:17:f4:37:6f:8d:a1:c7:3d:07:47:0c:6f:f4:91:
                    6b:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:FF:03:A9:F7:CB:20:54:56:8D:12:49:D3:3F:39:5B:35:AE:CE:40
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ac0e1b21-614e-4a93-afb4-0c6709d67c6b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.150.40.0/21

    Signature Algorithm: sha256WithRSAEncryption
         41:76:c5:11:4f:98:30:17:2e:05:17:d3:db:da:46:a7:2d:6e:
         98:6b:36:64:d4:d4:39:e2:9a:ee:cc:30:8d:69:43:ef:f0:5a:
         94:5f:36:5a:ce:4d:53:61:f0:fd:02:f5:6d:20:6e:ea:f1:53:
         25:8c:1a:21:50:97:04:ab:99:0f:80:10:71:83:ea:b1:6d:77:
         8f:92:e9:27:5e:e6:e2:40:20:08:6c:a1:b5:7d:8b:03:9d:68:
         cc:c5:c9:f8:6b:98:44:3e:3b:37:66:63:58:07:5a:15:70:ca:
         e0:5b:87:f0:c2:1a:7f:6c:f2:9a:0e:58:5d:50:40:17:4e:37:
         35:a3:bc:de:de:e3:ee:69:41:24:ab:7c:0f:af:39:1c:59:1c:
         2b:5f:a0:c2:82:27:be:d5:68:3e:f1:df:a6:bf:6e:27:cd:11:
         a5:c2:7a:6b:f9:bc:2e:b0:5b:3b:65:1b:09:5b:f7:d7:97:a7:
         98:32:a8:58:6b:94:f2:33:80:79:7e:b2:11:dd:63:1a:a4:5c:
         f9:5c:61:14:04:1d:35:db:95:b7:c4:76:cb:75:f2:8e:4d:82:
         30:48:72:13:90:8a:ec:9b:52:40:1b:63:f4:1d:bf:c1:3f:11:
         96:a5:05:fe:fc:f7:b5:2f:d2:4e:8a:d6:2c:a9:fe:08:11:eb:
         63:47:85:f6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUDr2Kt6eK1HpSgsKL8sPZ7gfM5XEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIzMDAwMDAwWhcNMjMxMDI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmNjk5Y2MwNGVlODQzODExOGIwYTJlOGQ3MjQ2NTc1M2I5
YmI4ZmFjOTMwNDk1NDE0NTdkZjA4MDdiMjAzMjljMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDpMuwPMQ+ZuQc3cFFYiZeGxIY2YiN6ZeStaL1f+VxSoDxn
xLM4mKpiubnkAUfRuoZpIYJLFhekdu5kWxd2AQP4y7I5wLg4/q5MuvF/ATej0HIO
gap0cOD3rsG5OdziYH3ya6REEpfkmD37HjxI3/0TsioxzRJP/XjP3DmI572mZNmP
tBkj/oSmTRtvHNcDT9FuDLcOqQdG0IRioYeLjFKJCSFXjA8heu7d/GMuiqz3RqSp
Clliu3ldWOqYv1flVRyFJJ1w2Egmo7EXYIEillpxfZv3ikv6mHjmljAZt4ur9FOI
L/xbbbCqQC/BUjHmNeQX9DdvjaHHPQdHDG/0kWs5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUqf8DqffLIFRWjRJJ0z85WzWuzkAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2FjMGUxYjIxLTYxNGUtNGE5My1hZmI0LTBjNjcwOWQ2N2M2Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANjligwDQYJKoZIhvcNAQELBQADggEBAEF2xRFPmDAXLgUX09vaRqctbphr
NmTU1Dnimu7MMI1pQ+/wWpRfNlrOTVNh8P0C9W0gburxUyWMGiFQlwSrmQ+AEHGD
6rFtd4+S6Sde5uJAIAhsobV9iwOdaMzFyfhrmEQ+OzdmY1gHWhVwyuBbh/DCGn9s
8poOWF1QQBdONzWjvN7e4+5pQSSrfA+vORxZHCtfoMKCJ77VaD7x36a/bifNEaXC
emv5vC6wWztlGwlb99eXp5gyqFhrlPIzgHl+shHdYxqkXPlcYRQEHTXblbfEdst1
8o5NgjBIchOQiuybUkAbY/Qdv8E/EZalBf7897Uv0k6K1iyp/ggR62NHhfY=
-----END CERTIFICATE-----
Generated at Sat Sep 23 00:38:46 2023 by rpki-client on console-ams.rpki-client.org