Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7a5a7c8-080f-4821-b0ca-fbdfcc05b292.roa
File:                     b7a5a7c8-080f-4821-b0ca-fbdfcc05b292.roa (raw, json)
Hash identifier:          9c+9Vhi0ojX9u00aJubq3TMLUaKwpenv+XCSP+9ErlY=
Subject key identifier:   AC:B7:02:EC:7A:02:85:1A:7D:C7:62:B9:48:12:FA:A0:04:EA:A3:4B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       70AADFC983C508C8DC78E57B95805FF03E22F408
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7a5a7c8-080f-4821-b0ca-fbdfcc05b292.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        149.180.0.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:aa:df:c9:83:c5:08:c8:dc:78:e5:7b:95:80:5f:f0:3e:22:f4:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=913be5e67c9c0e565b1d49ee4df5895b5f736d311bbd6653ba089641fc8cec29, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:67:e1:5c:ea:a0:b2:40:05:69:9b:f4:68:3f:
                    c6:1e:68:00:c6:a5:19:81:b4:2d:e2:1b:05:17:85:
                    d3:f0:c7:79:4a:15:bf:99:e0:51:ed:9d:ff:be:dd:
                    63:7d:fb:0e:35:be:01:71:ea:40:8b:80:e9:90:36:
                    d3:86:3c:d5:f9:83:0d:e8:cf:18:4f:53:22:64:08:
                    8e:d2:53:6d:b7:f9:e1:e0:af:c2:22:fb:ce:5b:c8:
                    c4:60:ae:2a:8c:4a:1d:4b:8a:95:d1:10:b0:74:64:
                    ff:9a:03:01:4a:f3:25:b0:76:dc:95:bd:26:64:dc:
                    0c:39:43:ad:16:f3:e3:e0:39:25:63:7b:9b:87:29:
                    46:be:ec:a2:a3:fe:d1:c7:87:a9:03:02:12:de:0b:
                    c2:72:0c:1c:69:ce:8a:29:de:db:ec:26:56:53:4d:
                    4a:01:18:bf:37:9d:cd:83:98:b9:d8:93:e8:40:02:
                    49:aa:c7:db:be:25:45:88:15:31:2e:3f:59:37:fc:
                    54:9c:96:44:40:11:f2:40:22:7c:eb:ec:bf:d9:3b:
                    8a:a3:dd:e7:cd:07:52:6a:5a:66:78:9c:a6:8b:7f:
                    d5:61:13:7b:57:04:de:ab:e8:27:f0:ad:eb:5d:1b:
                    20:2f:ed:7f:ac:01:05:08:4b:21:4e:a3:8a:e5:a1:
                    ef:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:B7:02:EC:7A:02:85:1A:7D:C7:62:B9:48:12:FA:A0:04:EA:A3:4B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b7a5a7c8-080f-4821-b0ca-fbdfcc05b292.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.180.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         8e:38:e1:22:b0:35:15:76:15:47:22:b2:b6:20:ad:7f:b8:2c:
         b6:db:d2:03:29:60:ce:e2:be:53:fe:24:17:69:bf:7f:4f:97:
         fb:57:e7:b7:83:8a:cc:43:85:f1:0c:23:ac:b2:5c:e7:ae:68:
         1b:85:85:12:d4:7c:f9:b0:ed:e6:a5:10:be:d7:cc:17:dc:32:
         6d:ee:5b:12:1d:61:f1:de:74:49:51:09:1f:15:08:56:e1:35:
         45:b8:12:d0:8e:13:ec:58:7f:44:4f:45:48:d9:55:26:28:4e:
         7e:51:ed:85:52:54:d6:96:5e:e1:1a:10:e4:83:19:f8:13:eb:
         ed:8a:cb:3e:20:21:f6:87:8c:21:26:d7:52:75:b5:cb:1f:ab:
         ed:0a:b5:cd:76:9f:25:b6:15:45:9f:bf:32:83:09:e8:2b:90:
         b8:93:f4:80:8d:f9:ce:0e:0f:68:8e:54:db:83:09:13:aa:de:
         2e:fa:68:24:94:ab:b6:c8:71:ea:23:a5:5b:03:64:5e:87:93:
         2d:b8:6f:40:52:9a:5d:fe:d7:c2:be:b5:23:c4:0d:b0:d3:9f:
         17:ee:ea:2d:d0:a5:31:c7:5b:ef:24:6e:c7:32:5f:27:af:41:
         7f:b9:48:e3:b1:96:af:ce:c4:68:f9:12:1e:d8:70:1d:fc:8a:
         e5:11:74:0d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcKrfyYPFCMjceOV7lYBf8D4i9AgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5MTNiZTVlNjdjOWMwZTU2NWIxZDQ5ZWU0ZGY1ODk1YjVm
NzM2ZDMxMWJiZDY2NTNiYTA4OTY0MWZjOGNlYzI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5Z+Fc6qCyQAVpm/RoP8YeaADGpRmBtC3iGwUXhdPwx3lK
Fb+Z4FHtnf++3WN9+w41vgFx6kCLgOmQNtOGPNX5gw3ozxhPUyJkCI7SU223+eHg
r8Ii+85byMRgriqMSh1LipXRELB0ZP+aAwFK8yWwdtyVvSZk3Aw5Q60W8+PgOSVj
e5uHKUa+7KKj/tHHh6kDAhLeC8JyDBxpzoop3tvsJlZTTUoBGL83nc2DmLnYk+hA
Akmqx9u+JUWIFTEuP1k3/FSclkRAEfJAInzr7L/ZO4qj3efNB1JqWmZ4nKaLf9Vh
E3tXBN6r6CfwretdGyAv7X+sAQUISyFOo4rloe9ZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrLcC7HoChRp9x2K5SBL6oATqo0swHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I3YTVhN2M4LTA4MGYtNDgyMS1iMGNhLWZiZGZjYzA1YjI5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAeVtAAwDQYJKoZIhvcNAQELBQADggEBAI444SKwNRV2FUcisrYgrX+4LLbb
0gMpYM7ivlP+JBdpv39Pl/tX57eDisxDhfEMI6yyXOeuaBuFhRLUfPmw7ealEL7X
zBfcMm3uWxIdYfHedElRCR8VCFbhNUW4EtCOE+xYf0RPRUjZVSYoTn5R7YVSVNaW
XuEaEOSDGfgT6+2Kyz4gIfaHjCEm11J1tcsfq+0Ktc12nyW2FUWfvzKDCegrkLiT
9ICN+c4OD2iOVNuDCROq3i76aCSUq7bIceojpVsDZF6Hky24b0BSml3+18K+tSPE
DbDTnxfu6i3QpTHHW+8kbscyXyevQX+5SOOxlq/OxGj5Eh7YcB38iuURdA0=
-----END CERTIFICATE-----
Generated at Fri Sep 22 20:36:16 2023 by rpki-client on console-fra.rpki-client.org