Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e718f292-3534-48a9-a800-2739137ff5ea.roa
File:                     e718f292-3534-48a9-a800-2739137ff5ea.roa (raw, json)
Hash identifier:          T5KlnMVCMF1bH8v1nZ9Kxyqke1KCokTXmjslgWwt+wo=
Subject key identifier:   67:BD:5C:4B:27:AA:78:8D:C9:14:6C:47:F0:1F:62:5F:CF:C5:DE:B4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       27DA5E316D5B06D615878A1A527F3FEF5C9ECEBB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e718f292-3534-48a9-a800-2739137ff5ea.roa
Signing time:             Tue 29 Aug 2023 00:00:00 +0000
ROA not before:           Tue 29 Aug 2023 00:00:00 +0000
ROA not after:            Tue 03 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.246.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 12:12:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:da:5e:31:6d:5b:06:d6:15:87:8a:1a:52:7f:3f:ef:5c:9e:ce:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 29 00:00:00 2023 GMT
            Not After : Oct  3 23:59:59 2023 GMT
        Subject: serialNumber=7b74c717400fb3707303adbf7026c3858aefea74e9e1a01d268672383e33f33d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a2:06:46:c8:2a:06:bb:f1:df:74:14:9d:0f:
                    be:66:23:da:1a:6c:09:27:c4:01:16:f8:11:31:78:
                    e5:08:c6:0e:6d:d5:6a:51:cd:2b:65:41:2e:ba:3b:
                    37:47:f7:fc:db:95:12:d7:45:0f:44:87:c5:ee:f6:
                    73:1a:93:51:3c:a9:59:65:79:55:36:47:9d:6e:aa:
                    e9:2c:a3:83:88:44:29:94:79:57:26:49:0c:21:48:
                    ba:36:92:5e:75:c8:e9:a3:c6:80:71:6b:63:6c:5e:
                    85:46:25:6f:56:df:49:73:73:25:5d:35:12:fc:1e:
                    ef:cd:aa:ac:80:e3:bc:61:ba:df:2b:ea:f2:ed:00:
                    48:0d:f2:1a:90:f8:a2:87:64:d2:35:bf:0c:6e:ef:
                    fc:b1:a1:84:b5:4a:46:21:76:f3:be:72:0c:1c:02:
                    63:ae:23:6c:e5:da:b8:81:29:f1:da:4c:6b:dd:a0:
                    5e:e8:1f:00:a4:17:56:8d:e5:6b:59:ab:66:7e:4c:
                    59:6a:39:7d:67:c0:ad:8b:e6:0e:3a:90:23:33:9d:
                    5c:a1:7d:a5:6f:08:e6:08:18:da:44:0d:e6:f5:e1:
                    a1:8f:eb:f3:bc:c8:f6:96:cb:df:0d:bc:a5:72:b3:
                    4e:e4:bd:b0:f8:07:13:82:df:10:05:53:92:e1:c7:
                    a2:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:BD:5C:4B:27:AA:78:8D:C9:14:6C:47:F0:1F:62:5F:CF:C5:DE:B4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e718f292-3534-48a9-a800-2739137ff5ea.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:a0:91:ed:fc:ad:dc:b9:20:02:dc:f6:e4:f4:3a:67:a2:bd:
         ec:ed:cb:a4:b4:35:fd:9c:a5:3e:d8:77:4b:b0:d8:83:a7:94:
         ba:67:8e:d8:4f:a7:6c:c2:c9:e0:1f:88:3a:03:00:e2:b1:64:
         2f:d3:d8:bb:b9:41:ef:1c:fd:61:53:49:0e:70:d9:0f:28:4d:
         19:47:d9:7f:07:dd:8a:95:c0:5f:d5:5c:ee:40:25:c1:49:f5:
         68:37:a7:d9:e5:1f:b1:ee:c7:56:17:72:9f:52:77:99:e4:4d:
         f8:d4:bc:4c:0c:ad:1f:86:4c:dc:58:b4:e7:bc:a3:c7:21:5d:
         a8:b6:da:5f:79:f8:04:90:52:d4:42:7e:a2:32:95:7d:e9:16:
         34:40:d1:f6:e5:08:00:bc:3d:99:46:7c:7d:8d:0b:25:91:e3:
         24:dd:b8:9b:f7:83:16:0d:c7:7d:3d:01:5c:e8:7b:4a:64:1f:
         0d:e6:e5:a1:2f:a2:c3:c4:fe:8b:49:ea:c1:e4:f6:65:23:fb:
         fe:2c:7d:4a:f7:19:95:b0:35:02:85:40:9f:e2:8c:ee:7e:f6:
         cd:60:6c:9e:e5:0c:43:c2:11:26:0c:57:46:2b:84:81:6b:a0:
         21:5a:07:d8:0b:ba:dc:9a:27:1e:42:eb:6c:38:0a:7b:aa:9b:
         aa:77:b3:2a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ9peMW1bBtYVh4oaUn8/71yezrswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI5MDAwMDAwWhcNMjMxMDAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A3Yjc0YzcxNzQwMGZiMzcwNzMwM2FkYmY3MDI2YzM4NThh
ZWZlYTc0ZTllMWEwMWQyNjg2NzIzODNlMzNmMzNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxogZGyCoGu/HfdBSdD75mI9oabAknxAEW+BExeOUIxg5t
1WpRzStlQS66OzdH9/zblRLXRQ9Eh8Xu9nMak1E8qVlleVU2R51uqukso4OIRCmU
eVcmSQwhSLo2kl51yOmjxoBxa2NsXoVGJW9W30lzcyVdNRL8Hu/NqqyA47xhut8r
6vLtAEgN8hqQ+KKHZNI1vwxu7/yxoYS1SkYhdvO+cgwcAmOuI2zl2riBKfHaTGvd
oF7oHwCkF1aN5WtZq2Z+TFlqOX1nwK2L5g46kCMznVyhfaVvCOYIGNpEDeb14aGP
6/O8yPaWy98NvKVys07kvbD4BxOC3xAFU5Lhx6KbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUZ71cSyeqeI3JFGxH8B9iX8/F3rQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U3MThmMjkyLTM1MzQtNDhhOS1hODAwLTI3MzkxMzdmZjVlYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTfYwDQYJKoZIhvcNAQELBQADggEBAB+gke38rdy5IALc9uT0Omeivezt
y6S0Nf2cpT7Yd0uw2IOnlLpnjthPp2zCyeAfiDoDAOKxZC/T2Lu5Qe8c/WFTSQ5w
2Q8oTRlH2X8H3YqVwF/VXO5AJcFJ9Wg3p9nlH7Hux1YXcp9Sd5nkTfjUvEwMrR+G
TNxYtOe8o8chXai22l95+ASQUtRCfqIylX3pFjRA0fblCAC8PZlGfH2NCyWR4yTd
uJv3gxYNx309AVzoe0pkHw3m5aEvosPE/otJ6sHk9mUj+/4sfUr3GZWwNQKFQJ/i
jO5+9s1gbJ7lDEPCESYMV0YrhIFroCFaB9gLutyaJx5C62w4Cnuqm6p3syo=
-----END CERTIFICATE-----
Generated at Tue Aug 29 00:48:27 2023 by rpki-client on console-ams.rpki-client.org