Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c9379183-2f78-494b-8d27-201a280c0f46.roa
File:                     c9379183-2f78-494b-8d27-201a280c0f46.roa (raw, json)
Hash identifier:          ud8ZrpAn0yEvXUPFgvv8ExER7qf+rxkqKBfJKpwNNR4=
Subject key identifier:   6A:BD:7C:1A:95:A3:D2:52:D8:32:93:39:4B:B0:29:4E:84:7B:27:1B
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       46F11B486AECEC89162555349ACD5D9BD851725B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c9379183-2f78-494b-8d27-201a280c0f46.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        207.127.128.0/17 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:f1:1b:48:6a:ec:ec:89:16:25:55:34:9a:cd:5d:9b:d8:51:72:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=edfc432ad62fe09b0a828adc6e58f45fd9bd8aef3249241bca3cbf6d2fcece07, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ec:54:b0:48:5b:39:cd:cd:d3:6c:04:50:0e:
                    87:7f:38:4b:a2:a8:d1:f4:01:3f:7f:02:8e:4c:6e:
                    3c:54:c6:98:09:91:8f:09:0a:6b:3b:a9:9b:08:9f:
                    3b:fc:ca:1b:9d:f4:83:04:a4:cb:a2:1f:52:f9:bc:
                    c3:e8:c3:ff:48:95:e7:6c:93:7b:fb:b2:b2:83:52:
                    43:43:07:9a:27:24:81:45:68:68:18:dd:ad:6d:85:
                    28:d1:21:e8:fa:4e:5e:e8:fe:c1:02:5a:4b:13:25:
                    6b:2d:5e:3d:df:74:0f:51:3f:75:b4:9e:c9:de:02:
                    a0:49:7b:eb:5f:9d:04:b0:10:84:a1:20:ea:6f:ec:
                    79:c5:26:e8:5c:6a:79:8d:02:14:0d:a7:90:f2:ad:
                    20:30:16:a2:90:ec:21:fb:8e:27:d0:c9:1a:f0:85:
                    4e:1d:d9:eb:b4:6e:dd:3a:b1:af:73:79:cd:5f:ac:
                    8e:8f:58:88:25:2e:16:41:11:56:1f:6a:c4:12:3f:
                    f9:4d:c3:2e:41:78:92:ec:36:11:7e:5c:9e:4f:03:
                    d4:2e:b3:7f:e7:20:3b:20:77:72:13:e6:b5:bc:28:
                    89:50:ee:2a:ac:5d:29:c2:29:0f:cc:e0:40:34:98:
                    fd:35:39:c8:8a:b3:b5:c4:d6:ed:25:5c:72:08:cb:
                    fb:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:BD:7C:1A:95:A3:D2:52:D8:32:93:39:4B:B0:29:4E:84:7B:27:1B
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c9379183-2f78-494b-8d27-201a280c0f46.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.127.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         5b:7a:40:35:dc:4b:5a:fb:d4:5f:d7:c4:65:5f:99:33:e2:99:
         2a:7e:b8:9c:c4:cc:09:83:e3:0f:9b:45:26:ff:78:f4:f1:1e:
         33:2e:ae:1c:b7:43:af:60:92:c5:43:be:1d:37:87:9f:fe:8d:
         ca:af:f6:19:dc:df:e1:cb:2c:b1:96:5b:27:21:2d:84:82:37:
         ba:59:ad:d4:d8:fa:c2:9c:c7:1f:79:47:05:64:41:7e:ed:16:
         d8:25:4e:dd:86:88:28:f0:6b:81:b4:0c:38:69:d5:ad:5e:04:
         07:29:38:3b:a1:f2:17:9d:1d:79:85:93:37:b0:34:e3:ac:8f:
         d0:59:61:e3:15:1a:06:51:68:7d:cf:1e:0d:78:63:65:01:7d:
         65:f4:66:cf:a0:14:68:f7:6d:b6:16:ca:a6:be:27:9d:f9:b0:
         6d:9b:0a:52:c1:6a:86:88:95:56:4a:f5:ba:b4:0d:b1:e5:df:
         7b:d5:67:e1:5f:86:d0:c4:3d:f7:99:b1:f0:13:d8:05:5b:08:
         c8:2d:77:36:b3:0b:d5:b2:77:fd:b0:8c:6f:80:5b:09:10:f5:
         80:6f:27:42:dd:35:66:ee:1e:b9:c3:e6:b1:06:59:aa:3a:d2:
         d8:bf:76:f0:df:f9:b8:c7:aa:e9:5e:e2:ec:f5:77:6a:fc:d6:
         c3:62:83:7f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURvEbSGrs7IkWJVU0ms1dm9hRclswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlZGZjNDMyYWQ2MmZlMDliMGE4MjhhZGM2ZTU4ZjQ1ZmQ5
YmQ4YWVmMzI0OTI0MWJjYTNjYmY2ZDJmY2VjZTA3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC87FSwSFs5zc3TbARQDod/OEuiqNH0AT9/Ao5MbjxUxpgJ
kY8JCms7qZsInzv8yhud9IMEpMuiH1L5vMPow/9Iledsk3v7srKDUkNDB5onJIFF
aGgY3a1thSjRIej6Tl7o/sECWksTJWstXj3fdA9RP3W0nsneAqBJe+tfnQSwEISh
IOpv7HnFJuhcanmNAhQNp5DyrSAwFqKQ7CH7jifQyRrwhU4d2eu0bt06sa9zec1f
rI6PWIglLhZBEVYfasQSP/lNwy5BeJLsNhF+XJ5PA9Qus3/nIDsgd3IT5rW8KIlQ
7iqsXSnCKQ/M4EA0mP01OciKs7XE1u0lXHIIy/tPAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUar18GpWj0lLYMpM5S7ApToR7JxswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M5Mzc5MTgzLTJmNzgtNDk0Yi04ZDI3LTIwMWEyODBjMGY0Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAfPf4AwDQYJKoZIhvcNAQELBQADggEBAFt6QDXcS1r71F/XxGVfmTPimSp+
uJzEzAmD4w+bRSb/ePTxHjMurhy3Q69gksVDvh03h5/+jcqv9hnc3+HLLLGWWych
LYSCN7pZrdTY+sKcxx95RwVkQX7tFtglTt2GiCjwa4G0DDhp1a1eBAcpODuh8hed
HXmFkzewNOOsj9BZYeMVGgZRaH3PHg14Y2UBfWX0Zs+gFGj3bbYWyqa+J535sG2b
ClLBaoaIlVZK9bq0DbHl33vVZ+FfhtDEPfeZsfAT2AVbCMgtdzazC9Wyd/2wjG+A
WwkQ9YBvJ0LdNWbuHrnD5rEGWao60ti/dvDf+bjHqule4uz1d2r81sNig38=
-----END CERTIFICATE-----
Generated at Fri Sep 22 20:24:25 2023 by rpki-client on console-ams.rpki-client.org