Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c5989b5a-6ca7-4f3b-94d1-8295ab72632c.roa
File:                     c5989b5a-6ca7-4f3b-94d1-8295ab72632c.roa (raw, json)
Hash identifier:          4aYWEOV0lRFZC0m+UU0T8xqDoDwPpUzEtNOsU7GzeD8=
Subject key identifier:   D1:67:8D:6C:02:F0:9B:66:0E:34:04:6A:8F:33:C8:FD:E6:D8:24:45
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       258423139E7AD64CD2F0C366EAA63EA51A47D1D2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c5989b5a-6ca7-4f3b-94d1-8295ab72632c.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        162.213.233.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:84:23:13:9e:7a:d6:4c:d2:f0:c3:66:ea:a6:3e:a5:1a:47:d1:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=5fa573148cb8f9e4c98da2b7c4d5627b6981db582dcd355d1392d83ee0d63af0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:8f:06:35:af:b4:f9:d6:bc:0a:41:62:b4:66:
                    b5:51:78:54:37:80:f4:9d:a2:99:96:a2:cd:0f:99:
                    30:ea:01:57:88:f4:df:c2:de:39:2d:85:fa:99:88:
                    9a:f3:1c:a4:3d:26:52:94:7e:95:4c:bf:70:b4:e9:
                    ea:22:24:3d:1b:b1:6a:5e:e3:45:61:3f:ab:33:bb:
                    b7:aa:f3:42:4d:e9:18:fa:95:4a:ae:1c:7e:c6:83:
                    ce:29:9b:4c:2c:64:ad:0d:87:8f:a5:85:8e:75:11:
                    38:02:d3:d2:1f:51:0e:03:31:da:ef:2b:50:bc:c1:
                    e5:ab:af:75:af:d7:09:b2:ff:9a:48:2d:64:3b:c1:
                    58:e5:66:5d:5e:b1:2b:c7:cb:23:08:e2:f0:1e:f0:
                    23:be:26:55:a0:33:87:00:d0:8c:39:40:a6:16:d3:
                    9b:6a:46:97:ea:7d:c8:bc:b3:f1:a8:1d:35:62:c3:
                    6c:35:89:c5:da:d9:16:2c:b0:40:79:42:4d:d0:83:
                    21:6b:f9:d4:65:a8:52:8b:59:93:6e:12:d7:fa:aa:
                    ca:42:7d:b5:ee:7a:00:a9:23:f2:c2:03:4d:2a:8b:
                    64:c9:4e:85:24:58:d9:88:76:43:75:ba:8e:81:a5:
                    19:a1:96:36:5c:c4:00:50:1d:c0:3e:40:fe:8d:9f:
                    1b:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:67:8D:6C:02:F0:9B:66:0E:34:04:6A:8F:33:C8:FD:E6:D8:24:45
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c5989b5a-6ca7-4f3b-94d1-8295ab72632c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.213.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:6d:95:51:07:20:06:92:39:3c:ee:1c:25:15:cb:c1:bb:b7:
         51:1b:46:d0:f2:ba:f0:cf:76:30:16:58:d7:58:bf:10:7f:19:
         83:57:62:6c:51:55:af:af:52:36:a1:61:8d:08:3c:b1:e6:f4:
         83:50:10:89:96:85:81:5b:a3:d6:60:f9:e2:09:4a:a7:2b:18:
         32:fb:00:d2:08:bd:5f:3d:3c:54:df:05:4b:54:1b:6a:5b:60:
         fc:6b:3b:e7:1e:9a:55:1b:c9:0c:3c:0a:60:aa:55:bb:36:94:
         ce:38:a5:5d:96:85:3f:ca:43:ce:fa:16:b2:5c:76:22:43:37:
         56:7b:af:2d:be:0e:e9:9c:15:cf:cd:fc:a7:d3:25:f3:70:e2:
         fd:1e:f3:14:51:a7:9b:42:51:59:2c:20:d0:81:2b:6b:73:d4:
         6a:47:04:37:ce:03:05:df:3f:6d:51:0d:3b:cb:04:44:78:91:
         13:aa:ff:e8:9d:b4:c7:14:91:1e:38:87:17:c6:52:9a:52:f4:
         84:d3:0f:bc:b5:ae:5a:8a:b1:9a:3c:f1:96:a8:48:fa:8c:20:
         f6:95:33:19:83:2a:98:28:d5:48:60:f6:17:4b:29:64:21:d8:
         6f:c2:d0:35:a6:83:2a:e2:e8:29:36:15:2b:01:50:74:0f:af:
         87:20:1d:5c
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJYQjE5561kzS8MNm6qY+pRpH0dIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ZmE1NzMxNDhjYjhmOWU0Yzk4ZGEyYjdjNGQ1NjI3YjY5
ODFkYjU4MmRjZDM1NWQxMzkyZDgzZWUwZDYzYWYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvjwY1r7T51rwKQWK0ZrVReFQ3gPSdopmWos0PmTDqAVeI
9N/C3jkthfqZiJrzHKQ9JlKUfpVMv3C06eoiJD0bsWpe40VhP6szu7eq80JN6Rj6
lUquHH7Gg84pm0wsZK0Nh4+lhY51ETgC09IfUQ4DMdrvK1C8weWrr3Wv1wmy/5pI
LWQ7wVjlZl1esSvHyyMI4vAe8CO+JlWgM4cA0Iw5QKYW05tqRpfqfci8s/GoHTVi
w2w1icXa2RYssEB5Qk3QgyFr+dRlqFKLWZNuEtf6qspCfbXuegCpI/LCA00qi2TJ
ToUkWNmIdkN1uo6BpRmhljZcxABQHcA+QP6NnxvLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU0WeNbALwm2YONARqjzPI/ebYJEUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M1OTg5YjVhLTZjYTctNGYzYi05NGQxLTgyOTVhYjcyNjMyYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACi1ekwDQYJKoZIhvcNAQELBQADggEBALJtlVEHIAaSOTzuHCUVy8G7t1Eb
RtDyuvDPdjAWWNdYvxB/GYNXYmxRVa+vUjahYY0IPLHm9INQEImWhYFbo9Zg+eIJ
SqcrGDL7ANIIvV89PFTfBUtUG2pbYPxrO+cemlUbyQw8CmCqVbs2lM44pV2WhT/K
Q876FrJcdiJDN1Z7ry2+DumcFc/N/KfTJfNw4v0e8xRRp5tCUVksINCBK2tz1GpH
BDfOAwXfP21RDTvLBER4kROq/+idtMcUkR44hxfGUppS9ITTD7y1rlqKsZo88Zao
SPqMIPaVMxmDKpgo1Uhg9hdLKWQh2G/C0DWmgyri6Ck2FSsBUHQPr4cgHVw=
-----END CERTIFICATE-----
Generated at Fri Sep 22 22:31:08 2023 by rpki-client on console-ams.rpki-client.org