Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8ae0d6d-16cf-40c3-9a3e-054480e1b35b.roa
File:                     b8ae0d6d-16cf-40c3-9a3e-054480e1b35b.roa (raw, json)
Hash identifier:          I9V/tWrN1EXdywdFoQZe6m28wnfcIv9REzUenUg5b88=
Subject key identifier:   E0:27:51:16:D2:E1:EB:07:0B:D7:C7:D4:03:AE:EB:2B:DE:31:75:3C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4134FD4588DA7D9E3CAADB8A143105D825271E02
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8ae0d6d-16cf-40c3-9a3e-054480e1b35b.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        206.134.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:34:fd:45:88:da:7d:9e:3c:aa:db:8a:14:31:05:d8:25:27:1e:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=3295ecc64afccbef6da7a411c93bb8b29f7b60f86398204f6adbae7b466d511e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:b9:de:36:38:08:b3:8a:8a:c4:ed:0e:ef:01:
                    7a:02:98:11:8d:31:37:92:a7:01:04:76:a9:2c:5c:
                    27:73:53:62:fb:7a:68:86:c3:01:a5:4e:53:92:e1:
                    4a:39:8d:ff:39:c4:6e:d8:57:4b:d8:bf:06:56:48:
                    d3:e2:79:38:d9:5d:e4:7a:a8:fc:6b:6d:ef:2e:45:
                    71:7f:90:05:3d:53:32:95:ae:f8:f1:29:4e:28:d1:
                    97:6a:07:42:4a:06:86:ea:b0:cb:39:6f:91:2e:6c:
                    80:e1:44:82:0b:31:01:b9:22:65:27:69:8d:a4:87:
                    f2:c9:bc:15:6b:38:73:82:79:29:d0:3b:26:10:d1:
                    d6:68:b4:c6:7f:4e:fc:7a:b0:ce:a8:a4:8d:f2:2c:
                    8f:bc:7a:4e:62:74:ff:64:b9:2d:38:23:04:78:82:
                    fe:ef:3e:18:55:40:29:69:a8:c7:0e:25:59:a7:ec:
                    6f:e5:54:e2:f0:1d:63:be:b4:07:f6:8d:69:e0:11:
                    0b:6f:86:5a:72:fc:56:41:11:f3:0e:9b:6a:c6:73:
                    c9:a9:83:8b:87:41:a7:d9:32:c3:80:57:79:7b:07:
                    7f:74:2c:d7:bd:32:ca:ad:cf:d5:6f:2f:01:32:cd:
                    40:1d:76:02:73:6a:0c:75:0a:cd:94:2d:13:54:b4:
                    b4:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:27:51:16:D2:E1:EB:07:0B:D7:C7:D4:03:AE:EB:2B:DE:31:75:3C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b8ae0d6d-16cf-40c3-9a3e-054480e1b35b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.134.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         60:ee:94:e3:7a:b1:8d:a3:7a:3b:a1:04:ca:44:f6:0a:ad:0d:
         23:13:60:1d:c6:1b:b9:19:12:c2:cc:ad:5d:6d:34:09:50:42:
         91:66:b7:88:cb:dd:13:ac:ff:07:75:d0:fb:ec:4c:e6:48:ce:
         33:cb:6b:9a:d4:a3:af:a5:e8:64:37:14:e8:74:1e:b2:b3:1a:
         fa:ce:28:2f:6e:0a:84:79:18:28:5e:ac:c8:35:ab:9d:23:9a:
         48:30:e5:71:6f:5a:ab:ef:e0:43:c7:82:c2:ae:35:7a:a7:95:
         22:e4:5d:66:c4:ae:0d:fc:1f:c9:9c:ab:92:1d:2b:c6:07:76:
         5d:92:a3:4f:19:01:0e:93:00:f5:a4:64:90:e9:16:80:a1:aa:
         f3:34:72:32:5e:2d:6a:14:cc:d9:0c:82:6a:2d:37:51:c6:21:
         62:66:b4:e8:85:17:83:59:a2:8b:df:7a:4c:4c:94:15:18:a5:
         5a:ff:6b:6d:de:67:08:07:ab:9d:fb:b6:81:7a:ea:9e:e2:dd:
         45:2e:14:d8:cc:d8:ec:22:ed:a2:ea:9f:2f:cf:3a:90:3d:19:
         68:ea:a6:0a:df:9a:78:a1:cc:1e:18:bc:1c:0c:ee:bb:8b:fd:
         19:74:43:07:01:16:17:6b:3e:26:8b:bc:6f:c4:84:71:58:49:
         e7:3a:e1:23
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQTT9RYjafZ48qtuKFDEF2CUnHgIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzMjk1ZWNjNjRhZmNjYmVmNmRhN2E0MTFjOTNiYjhiMjlm
N2I2MGY4NjM5ODIwNGY2YWRiYWU3YjQ2NmQ1MTFlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCpud42OAiziorE7Q7vAXoCmBGNMTeSpwEEdqksXCdzU2L7
emiGwwGlTlOS4Uo5jf85xG7YV0vYvwZWSNPieTjZXeR6qPxrbe8uRXF/kAU9UzKV
rvjxKU4o0ZdqB0JKBobqsMs5b5EubIDhRIILMQG5ImUnaY2kh/LJvBVrOHOCeSnQ
OyYQ0dZotMZ/Tvx6sM6opI3yLI+8ek5idP9kuS04IwR4gv7vPhhVQClpqMcOJVmn
7G/lVOLwHWO+tAf2jWngEQtvhlpy/FZBEfMOm2rGc8mpg4uHQafZMsOAV3l7B390
LNe9Msqtz9VvLwEyzUAddgJzagx1Cs2ULRNUtLT5AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU4CdRFtLh6wcL18fUA67rK94xdTwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2I4YWUwZDZkLTE2Y2YtNDBjMy05YTNlLTA1NDQ4MGUxYjM1Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDOhjANBgkqhkiG9w0BAQsFAAOCAQEAYO6U43qxjaN6O6EEykT2Cq0NIxNg
HcYbuRkSwsytXW00CVBCkWa3iMvdE6z/B3XQ++xM5kjOM8trmtSjr6XoZDcU6HQe
srMa+s4oL24KhHkYKF6syDWrnSOaSDDlcW9aq+/gQ8eCwq41eqeVIuRdZsSuDfwf
yZyrkh0rxgd2XZKjTxkBDpMA9aRkkOkWgKGq8zRyMl4tahTM2QyCai03UcYhYma0
6IUXg1mii996TEyUFRilWv9rbd5nCAernfu2gXrqnuLdRS4U2MzY7CLtouqfL886
kD0ZaOqmCt+aeKHMHhi8HAzuu4v9GXRDBwEWF2s+Jou8b8SEcVhJ5zrhIw==
-----END CERTIFICATE-----
Generated at Fri Sep 22 19:21:57 2023 by rpki-client on console-ams.rpki-client.org