Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1aee116-020f-479a-8386-23330a294f65.roa
File:                     d1aee116-020f-479a-8386-23330a294f65.roa (raw, json)
Hash identifier:          WzkhuelRIyiIsqPJtkoGIcJYwxg0Q6fFsr5nZ4jIF7Q=
Subject key identifier:   4D:88:CA:7F:46:96:4B:CF:50:5F:6A:BF:A0:8B:4F:29:BC:D5:2E:A2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4ABA2575519C0FB4C330334D3CC659C716F96575
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1aee116-020f-479a-8386-23330a294f65.roa
Signing time:             Mon 28 Aug 2023 00:00:00 +0000
ROA not before:           Mon 28 Aug 2023 00:00:00 +0000
ROA not after:            Mon 02 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        16.138.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 07:09:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:ba:25:75:51:9c:0f:b4:c3:30:33:4d:3c:c6:59:c7:16:f9:65:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 28 00:00:00 2023 GMT
            Not After : Oct  2 23:59:59 2023 GMT
        Subject: serialNumber=8a7ad9c3e79f372dc9463ce1ad83510c390eb644248cdc76a6fdf4c833e5370f, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:2a:97:25:24:90:b6:bb:f8:c8:15:07:bf:b3:
                    ed:a3:2b:40:69:24:41:f0:66:af:0b:06:98:3d:e8:
                    2e:8b:80:46:f3:7c:2e:a6:f4:d0:0b:1f:89:ce:0c:
                    2a:72:bb:6e:6c:e1:a1:99:c8:5f:37:fe:6d:06:94:
                    0f:9e:98:81:0e:95:e5:3f:8d:9d:c1:6e:83:b0:44:
                    b5:e0:36:6d:f8:79:6d:3c:22:84:d2:09:67:4b:87:
                    af:d7:c8:81:1e:ca:17:68:9a:11:31:6b:ee:18:97:
                    90:05:62:52:a6:d4:3c:5a:ab:88:08:70:04:b6:f9:
                    bb:b7:c6:0b:08:27:fb:47:e3:6a:58:e9:f7:2f:2f:
                    d5:28:d6:59:ce:2e:dc:f7:e9:cd:8b:46:66:3f:ff:
                    56:ea:8f:06:71:41:da:9c:a8:5e:a8:c4:c5:51:d4:
                    05:a4:d8:02:2d:4b:6b:5b:4d:df:76:f5:11:d4:48:
                    fb:c3:49:1e:89:f6:17:9b:ad:ae:1e:a9:14:f6:82:
                    fc:1e:21:0a:e6:71:20:a2:53:8d:74:36:8a:b8:0d:
                    e9:8c:84:2a:f2:1e:c9:09:f9:01:a1:33:ad:6b:fd:
                    c8:14:f2:b3:5b:1e:34:41:6d:dc:16:64:5b:ee:d6:
                    c7:a2:67:10:a8:66:85:02:ce:b0:6b:6c:a1:73:a2:
                    e4:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:88:CA:7F:46:96:4B:CF:50:5F:6A:BF:A0:8B:4F:29:BC:D5:2E:A2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d1aee116-020f-479a-8386-23330a294f65.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.138.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c5:05:6e:c0:54:3e:d8:af:d8:43:0e:9c:8c:df:ae:71:df:e1:
         c5:fb:b3:c6:b2:d4:ac:ad:82:ee:19:d6:51:33:9b:69:ab:33:
         a1:fb:6d:fe:cf:99:61:1f:29:09:23:41:65:0e:96:20:00:59:
         56:26:9f:e7:c2:e0:7e:97:74:00:83:35:b0:7e:f5:60:dc:18:
         51:16:b4:98:5c:93:ee:f5:7d:a0:1d:67:49:77:99:75:48:4e:
         e1:44:46:be:d0:e0:04:d5:88:91:25:cc:bf:75:2c:81:73:45:
         9d:07:11:fc:9e:4d:bd:e3:19:ca:89:fa:03:4c:1d:21:4d:a9:
         e4:06:ac:b9:3c:d6:b1:e1:be:7a:a2:a1:f9:40:37:e5:57:85:
         e5:8e:a5:f6:1e:05:7d:00:59:e4:db:91:43:97:79:e6:1c:73:
         4e:83:fa:d6:ca:23:51:d2:6c:7b:35:6b:e1:ac:5a:d0:0f:c5:
         34:7f:19:31:4d:dd:f6:73:38:b4:00:b0:0b:d0:65:ad:d2:fe:
         9a:7d:13:10:10:df:a3:39:64:38:37:bf:98:5b:64:9f:28:ac:
         2c:0f:4c:52:b8:f8:57:c1:9b:3f:ab:12:bd:d2:81:1b:3f:6c:
         87:92:fd:9c:d5:7e:91:75:bf:3c:bf:b8:48:4c:e6:62:78:10:
         8f:f7:ca:c8
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUSroldVGcD7TDMDNNPMZZxxb5ZXUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI4MDAwMDAwWhcNMjMxMDAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4YTdhZDljM2U3OWYzNzJkYzk0NjNjZTFhZDgzNTEwYzM5
MGViNjQ0MjQ4Y2RjNzZhNmZkZjRjODMzZTUzNzBmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDdKpclJJC2u/jIFQe/s+2jK0BpJEHwZq8LBpg96C6LgEbz
fC6m9NALH4nODCpyu25s4aGZyF83/m0GlA+emIEOleU/jZ3BboOwRLXgNm34eW08
IoTSCWdLh6/XyIEeyhdomhExa+4Yl5AFYlKm1Dxaq4gIcAS2+bu3xgsIJ/tH42pY
6fcvL9Uo1lnOLtz36c2LRmY//1bqjwZxQdqcqF6oxMVR1AWk2AItS2tbTd929RHU
SPvDSR6J9hebra4eqRT2gvweIQrmcSCiU410Noq4DemMhCryHskJ+QGhM61r/cgU
8rNbHjRBbdwWZFvu1seiZxCoZoUCzrBrbKFzouSJAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUTYjKf0aWS89QX2q/oItPKbzVLqIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QxYWVlMTE2LTAyMGYtNDc5YS04Mzg2LTIzMzMwYTI5NGY2NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQijANBgkqhkiG9w0BAQsFAAOCAQEAxQVuwFQ+2K/YQw6cjN+ucd/hxfuz
xrLUrK2C7hnWUTObaaszoftt/s+ZYR8pCSNBZQ6WIABZViaf58Lgfpd0AIM1sH71
YNwYURa0mFyT7vV9oB1nSXeZdUhO4URGvtDgBNWIkSXMv3UsgXNFnQcR/J5NveMZ
yon6A0wdIU2p5AasuTzWseG+eqKh+UA35VeF5Y6l9h4FfQBZ5NuRQ5d55hxzToP6
1sojUdJsezVr4axa0A/FNH8ZMU3d9nM4tACwC9BlrdL+mn0TEBDfozlkODe/mFtk
nyisLA9MUrj4V8GbP6sSvdKBGz9sh5L9nNV+kXW/PL+4SEzmYngQj/fKyA==
-----END CERTIFICATE-----
Generated at Mon Aug 28 19:28:03 2023 by rpki-client on console-fra.rpki-client.org