Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b638a86e-2174-4795-b7a4-540333a16485.roa
File:                     b638a86e-2174-4795-b7a4-540333a16485.roa (raw, json)
Hash identifier:          kn303LH1AFbgvtpprCXO/NsoZpH0HJZLzrbqLLvsm1c=
Subject key identifier:   13:3C:12:5A:38:AA:A1:05:25:4C:31:19:7C:F6:AE:FC:A8:A2:6D:E4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       537F3B6364BBD1960FED1F683BDBFB08D0790D9F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b638a86e-2174-4795-b7a4-540333a16485.roa
Signing time:             Mon 18 Mar 2024 00:00:00 +0000
ROA not before:           Mon 18 Mar 2024 00:00:00 +0000
ROA not after:            Mon 22 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        54.43.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:7f:3b:63:64:bb:d1:96:0f:ed:1f:68:3b:db:fb:08:d0:79:0d:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:00:00 2024 GMT
            Not After : Apr 22 23:59:59 2024 GMT
        Subject: serialNumber=65476b709591aa0ffd5f51e93a9928501d842a10917624dacf8f1bb5277223b3, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:b7:63:ff:f9:53:c2:86:2d:a5:91:0d:b5:57:
                    97:19:43:45:3e:d6:1b:7e:b6:f3:33:df:e2:02:ef:
                    08:02:84:23:e9:42:05:8d:a6:00:fd:f3:18:6a:8e:
                    fd:b9:6c:c8:e7:a5:c5:14:48:0b:cb:64:90:df:dc:
                    37:93:e1:bb:b7:d8:ef:a8:0b:07:be:39:d4:05:3d:
                    4d:53:4d:2c:16:53:df:3b:7f:88:9d:78:1b:ab:f2:
                    1b:dd:86:d0:a2:b8:69:51:a2:cd:4e:7e:6a:da:50:
                    2a:f9:6b:9f:a8:59:47:c6:6f:29:63:a1:f8:03:d4:
                    ed:f0:c7:5e:2a:c0:5f:66:1a:5b:dd:ad:03:33:37:
                    74:d3:a1:06:13:10:08:f8:fb:f9:65:46:43:f4:7a:
                    7e:ba:35:6f:4d:b9:f5:0a:90:42:4c:94:d3:26:c1:
                    75:ad:b3:98:4c:86:12:00:9b:25:71:79:a4:11:b5:
                    fd:10:b8:80:ea:8c:ae:b6:03:fb:33:5a:6d:e0:cb:
                    ce:69:1c:0f:11:16:36:52:ba:8e:b1:ec:90:11:fc:
                    21:08:76:1d:79:30:fc:f4:c5:6c:c2:02:5c:aa:20:
                    cb:d3:44:04:4a:de:66:93:06:52:a9:a7:7f:6b:1c:
                    6a:3e:69:50:73:9d:75:e4:47:a5:bb:cd:42:28:d1:
                    cb:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:3C:12:5A:38:AA:A1:05:25:4C:31:19:7C:F6:AE:FC:A8:A2:6D:E4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b638a86e-2174-4795-b7a4-540333a16485.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.43.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         20:60:ee:0a:fc:0b:d3:c5:3a:17:19:e8:09:3d:63:a6:c7:d4:
         6a:c6:0a:58:93:0a:8e:bc:e5:15:d4:83:79:27:de:6e:f5:ec:
         c4:7e:a0:bb:ee:78:e6:ba:d7:3e:ff:22:40:d3:84:0e:6d:eb:
         ec:50:ea:f8:ca:8d:f3:90:bb:62:a6:ce:ae:2a:d3:23:be:19:
         a3:2f:bd:e7:0e:c3:ca:2d:45:d4:fd:be:20:f0:24:e1:9b:cf:
         59:cb:54:32:a9:39:82:3f:30:28:e5:20:1c:d1:4d:d3:5e:06:
         58:6d:f2:6c:cd:2b:85:10:d7:19:14:c0:e3:98:35:66:f0:a0:
         ce:93:1d:a8:c6:8f:f2:d5:31:7b:38:21:3b:ff:ea:1d:72:67:
         9b:f2:26:1e:ac:12:dc:0b:27:d6:dc:e6:f0:73:d9:bf:aa:f6:
         cf:0a:50:f4:0d:ac:54:02:5f:50:a1:49:fd:e3:98:26:fe:80:
         95:8d:d5:9f:c6:2d:60:38:85:19:4d:13:ba:b6:76:5e:42:96:
         27:d0:88:44:6b:71:f4:9d:f5:c9:88:2b:c9:b0:9c:41:bf:5c:
         a3:0e:53:fb:cd:c6:b7:41:8a:df:ef:9c:ca:6e:82:4b:b5:0a:
         0b:ce:ec:09:74:39:83:96:74:b5:ad:ff:62:ad:78:81:9e:3a:
         c6:dc:48:74
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUU387Y2S70ZYP7R9oO9v7CNB5DZ8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE4MDAwMDAwWhcNMjQwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A2NTQ3NmI3MDk1OTFhYTBmZmQ1ZjUxZTkzYTk5Mjg1MDFk
ODQyYTEwOTE3NjI0ZGFjZjhmMWJiNTI3NzIyM2IzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNt2P/+VPChi2lkQ21V5cZQ0U+1ht+tvMz3+IC7wgChCPp
QgWNpgD98xhqjv25bMjnpcUUSAvLZJDf3DeT4bu32O+oCwe+OdQFPU1TTSwWU987
f4ideBur8hvdhtCiuGlRos1OfmraUCr5a5+oWUfGbyljofgD1O3wx14qwF9mGlvd
rQMzN3TToQYTEAj4+/llRkP0en66NW9NufUKkEJMlNMmwXWts5hMhhIAmyVxeaQR
tf0QuIDqjK62A/szWm3gy85pHA8RFjZSuo6x7JAR/CEIdh15MPz0xWzCAlyqIMvT
RARK3maTBlKpp39rHGo+aVBznXXkR6W7zUIo0ctBAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUEzwSWjiqoQUlTDEZfPau/KiibeQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I2MzhhODZlLTIxNzQtNDc5NS1iN2E0LTU0MDMzM2ExNjQ4NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2KzANBgkqhkiG9w0BAQsFAAOCAQEAIGDuCvwL08U6FxnoCT1jpsfUasYK
WJMKjrzlFdSDeSfebvXsxH6gu+545rrXPv8iQNOEDm3r7FDq+MqN85C7YqbOrirT
I74Zoy+95w7Dyi1F1P2+IPAk4ZvPWctUMqk5gj8wKOUgHNFN014GWG3ybM0rhRDX
GRTA45g1ZvCgzpMdqMaP8tUxezghO//qHXJnm/ImHqwS3Asn1tzm8HPZv6r2zwpQ
9A2sVAJfUKFJ/eOYJv6AlY3Vn8YtYDiFGU0TurZ2XkKWJ9CIRGtx9J31yYgrybCc
Qb9cow5T+83Gt0GK3++cym6CS7UKC87sCXQ5g5Z0ta3/Yq14gZ46xtxIdA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:17:31 2024 by rpki-client on console-ams.rpki-client.org