Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c53a0576-1e08-4fba-a734-2cef153c43cb.roa
File:                     c53a0576-1e08-4fba-a734-2cef153c43cb.roa (raw, json)
Hash identifier:          MhsuuWHnnbO7Ab/cQy2Jx3H88zYxkvCWCSQmanlR3yo=
Subject key identifier:   F8:30:90:14:38:17:76:10:52:36:C0:35:87:15:78:FF:1D:94:B3:AE
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4308CFB0129253CB8C555A25FA084BE10937F52C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c53a0576-1e08-4fba-a734-2cef153c43cb.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        206.133.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:08:cf:b0:12:92:53:cb:8c:55:5a:25:fa:08:4b:e1:09:37:f5:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=8c3507c3f5422f75b234c2289f018feceedde4fdc5a112bbe6e0ebad597ba4df, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:07:3e:5d:da:3e:09:c6:62:fb:97:3d:fd:f6:
                    73:39:fb:14:7d:b9:f9:2e:1a:3b:82:fb:45:18:17:
                    65:93:41:1e:70:93:c8:df:eb:05:1b:1d:cf:ed:dd:
                    4e:be:24:72:d8:a6:2e:02:63:56:8e:58:c1:00:d3:
                    02:8e:a6:bd:32:9a:f3:52:e8:6a:03:f8:29:e2:93:
                    89:f3:7b:9c:3c:0c:f4:01:d0:ad:e8:45:05:d9:2f:
                    64:46:34:1f:c5:77:c8:0a:21:12:6b:af:89:68:06:
                    0a:89:9a:d6:19:a7:80:fa:33:59:1e:68:f5:5d:c3:
                    47:1e:bb:71:a7:3d:fa:49:97:46:1b:16:b3:ec:77:
                    89:c9:52:36:75:a6:fb:d5:8a:58:c4:b3:9b:fc:09:
                    8c:2b:35:51:2a:59:36:7f:60:fe:9b:32:73:7a:f1:
                    ed:db:a0:f1:cb:f5:af:7c:39:11:fc:16:b5:ff:80:
                    db:fe:5c:b3:69:ad:75:df:95:4b:d8:03:57:d7:2b:
                    9d:7f:8f:b5:49:9d:65:47:d6:e2:14:6a:78:6e:52:
                    d9:3c:d4:dd:6d:41:e3:ea:5b:6f:89:0b:5d:2f:a8:
                    ed:68:11:01:8b:84:d0:fe:da:27:7a:bc:54:1a:10:
                    1a:21:eb:5a:d1:8c:c0:48:c0:6e:0b:72:66:e7:4d:
                    d7:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:30:90:14:38:17:76:10:52:36:C0:35:87:15:78:FF:1D:94:B3:AE
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c53a0576-1e08-4fba-a734-2cef153c43cb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.133.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c1:6c:98:20:0b:ae:a5:d3:2a:c7:44:f8:18:43:59:18:50:02:
         04:65:68:5f:d5:6a:91:53:f2:47:e3:e0:fb:2a:61:80:1d:84:
         3e:13:44:05:ff:4d:82:8a:2b:d8:fd:fa:8b:46:8e:87:39:bb:
         9f:c9:e7:4c:3e:1e:31:96:bc:64:d8:b1:8a:3a:e7:2a:68:89:
         f6:cf:5d:bd:7d:59:9e:f1:dc:a4:08:87:66:d8:27:7e:1b:f3:
         d5:2e:34:d9:ca:5c:62:04:c7:e3:ab:e8:57:ff:44:9b:32:12:
         ec:1e:73:88:ab:77:54:89:de:fd:80:b1:20:97:07:67:61:7a:
         a4:f0:13:cd:5e:88:01:10:2f:d2:0f:36:81:da:93:2d:ab:52:
         56:f1:a3:92:ee:3b:ca:d0:48:ef:a3:6c:01:05:f7:08:dd:f3:
         f9:42:fa:86:64:8f:31:4d:33:ff:ea:1a:df:df:ff:c6:ea:01:
         a7:84:98:e2:0d:29:b5:19:d8:ac:ce:91:68:b5:db:7b:9a:44:
         15:60:a1:f0:e1:5a:db:89:fd:ac:33:22:8b:73:b6:1e:c1:b5:
         5f:c4:f2:6c:9d:e4:24:28:e6:07:c5:9f:2b:f3:ec:4f:58:81:
         6f:1c:ff:19:6d:fe:24:f7:d5:af:a8:bb:7f:35:cf:fa:bf:1c:
         a9:81:31:dd
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUQwjPsBKSU8uMVVol+ghL4Qk39SwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A4YzM1MDdjM2Y1NDIyZjc1YjIzNGMyMjg5ZjAxOGZlY2Vl
ZGRlNGZkYzVhMTEyYmJlNmUwZWJhZDU5N2JhNGRmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDbBz5d2j4JxmL7lz399nM5+xR9ufkuGjuC+0UYF2WTQR5w
k8jf6wUbHc/t3U6+JHLYpi4CY1aOWMEA0wKOpr0ymvNS6GoD+Cnik4nze5w8DPQB
0K3oRQXZL2RGNB/Fd8gKIRJrr4loBgqJmtYZp4D6M1keaPVdw0ceu3GnPfpJl0Yb
FrPsd4nJUjZ1pvvViljEs5v8CYwrNVEqWTZ/YP6bMnN68e3boPHL9a98ORH8FrX/
gNv+XLNprXXflUvYA1fXK51/j7VJnWVH1uIUanhuUtk81N1tQePqW2+JC10vqO1o
EQGLhND+2id6vFQaEBoh61rRjMBIwG4LcmbnTdexAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+DCQFDgXdhBSNsA1hxV4/x2Us64wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M1M2EwNTc2LTFlMDgtNGZiYS1hNzM0LTJjZWYxNTNjNDNjYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDOhTANBgkqhkiG9w0BAQsFAAOCAQEAwWyYIAuupdMqx0T4GENZGFACBGVo
X9VqkVPyR+Pg+yphgB2EPhNEBf9Ngoor2P36i0aOhzm7n8nnTD4eMZa8ZNixijrn
KmiJ9s9dvX1ZnvHcpAiHZtgnfhvz1S402cpcYgTH46voV/9EmzIS7B5ziKt3VIne
/YCxIJcHZ2F6pPATzV6IARAv0g82gdqTLatSVvGjku47ytBI76NsAQX3CN3z+UL6
hmSPMU0z/+oa39//xuoBp4SY4g0ptRnYrM6RaLXbe5pEFWCh8OFa24n9rDMii3O2
HsG1X8TybJ3kJCjmB8WfK/PsT1iBbxz/GW3+JPfVr6i7fzXP+r8cqYEx3Q==
-----END CERTIFICATE-----
Generated at Fri Sep 22 18:47:36 2023 by rpki-client on console-fra.rpki-client.org