Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eace1732-85ce-441d-b72a-18865e45354f.roa
File:                     eace1732-85ce-441d-b72a-18865e45354f.roa (raw, json)
Hash identifier:          7CdUI21oH8T2HiJjkKmRnzaQDIS2FUzhiSAJ5DNMT0c=
Subject key identifier:   3B:05:E9:8D:0B:6E:5E:2D:F5:AC:E6:73:66:86:13:F2:00:CC:0D:22
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       476F7C1BA31EED946B1EC5BE85432E828EECDE5F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eace1732-85ce-441d-b72a-18865e45354f.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        56.33.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:6f:7c:1b:a3:1e:ed:94:6b:1e:c5:be:85:43:2e:82:8e:ec:de:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=3ae941f47475b73f90704061ea2c956e11dcb85b0592f6e6a91e0a34d801c614, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:36:58:0c:7b:ef:d7:2a:58:d1:bc:0f:10:a9:
                    f9:24:c7:7a:27:f9:ca:3f:dd:1c:ff:6f:da:c8:c2:
                    24:dd:ee:7e:70:1a:88:76:69:9f:2d:51:23:64:98:
                    12:45:11:bb:d6:d5:a5:ec:b0:70:73:50:0b:54:a3:
                    f7:d2:9c:a3:0b:8e:ac:43:5b:94:75:93:ae:0e:97:
                    80:c5:57:e2:bb:a5:14:c9:25:12:fa:42:fb:46:89:
                    89:e9:66:9d:7c:8c:ee:fb:53:b8:5b:16:72:70:53:
                    a7:b7:46:a3:a5:a0:4d:9f:00:77:6d:4d:15:e3:eb:
                    05:ab:c3:98:ae:0f:a0:af:8e:be:33:78:29:14:d2:
                    57:30:63:fd:3a:49:bc:db:48:40:39:70:72:60:e7:
                    13:8f:be:c8:8a:3c:21:74:31:6b:af:76:4c:16:e1:
                    9a:35:41:4d:86:46:cb:83:73:eb:3e:97:e9:6f:09:
                    8c:c2:dc:de:6c:be:fd:ff:35:a8:f9:84:ab:62:a5:
                    18:49:4f:2c:c1:47:5c:19:b3:39:a1:03:22:e0:d0:
                    e7:ca:b3:00:5b:3d:3e:d7:7f:d2:70:e0:1b:70:53:
                    52:37:94:50:42:35:4a:43:6c:55:33:18:40:6f:2b:
                    f9:0c:26:55:8e:61:bb:75:ae:79:a7:7c:3b:8f:85:
                    dd:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:05:E9:8D:0B:6E:5E:2D:F5:AC:E6:73:66:86:13:F2:00:CC:0D:22
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eace1732-85ce-441d-b72a-18865e45354f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.33.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a2:b1:33:2b:8f:4f:0f:f4:46:9e:56:cb:36:2c:e7:94:9b:fc:
         34:65:80:33:06:d7:bf:5e:0a:7a:50:dc:5c:53:fb:b3:f6:64:
         2a:1b:80:5f:41:93:15:ef:99:75:79:ce:0a:1d:62:d4:5b:d2:
         cb:af:d9:87:00:4a:37:16:9b:8c:43:4f:e6:5d:c8:2d:25:c9:
         3c:3d:e3:d4:48:b7:f0:af:b0:dd:e8:8a:a4:97:c6:cd:9d:fb:
         0d:2a:ff:37:93:c4:7b:e6:ba:70:e7:94:7a:78:25:9a:26:28:
         4d:92:a0:79:71:59:28:23:05:c9:de:11:33:6e:58:c9:27:fd:
         fd:f1:c2:fe:e3:83:68:2a:7f:39:6f:5e:40:af:f4:c0:45:90:
         ca:49:51:e1:2f:a0:64:55:93:24:f7:23:78:fe:d4:f8:9f:4d:
         e4:fa:f7:39:da:9c:10:bb:44:da:2b:03:58:60:28:3d:fe:66:
         82:54:57:ce:66:7f:34:30:f9:cb:cb:26:ae:0c:3f:38:8a:0f:
         a1:b7:47:1c:25:57:81:f6:0d:c1:48:ab:96:bc:91:22:6b:a7:
         9f:a0:e4:ae:73:f2:8a:8a:2a:0e:b4:fc:bb:a5:51:e2:6e:cf:
         f8:d5:70:8f:94:d4:cd:8f:ce:42:6c:6b:32:83:a5:ab:e9:8e:
         d1:cb:41:50
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUR298G6Me7ZRrHsW+hUMugo7s3l8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AzYWU5NDFmNDc0NzViNzNmOTA3MDQwNjFlYTJjOTU2ZTEx
ZGNiODViMDU5MmY2ZTZhOTFlMGEzNGQ4MDFjNjE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC3NlgMe+/XKljRvA8Qqfkkx3on+co/3Rz/b9rIwiTd7n5w
Goh2aZ8tUSNkmBJFEbvW1aXssHBzUAtUo/fSnKMLjqxDW5R1k64Ol4DFV+K7pRTJ
JRL6QvtGiYnpZp18jO77U7hbFnJwU6e3RqOloE2fAHdtTRXj6wWrw5iuD6Cvjr4z
eCkU0lcwY/06SbzbSEA5cHJg5xOPvsiKPCF0MWuvdkwW4Zo1QU2GRsuDc+s+l+lv
CYzC3N5svv3/Naj5hKtipRhJTyzBR1wZszmhAyLg0OfKswBbPT7Xf9Jw4BtwU1I3
lFBCNUpDbFUzGEBvK/kMJlWOYbt1rnmnfDuPhd1XAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUOwXpjQtuXi31rOZzZoYT8gDMDSIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VhY2UxNzMyLTg1Y2UtNDQxZC1iNzJhLTE4ODY1ZTQ1MzU0Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4ITANBgkqhkiG9w0BAQsFAAOCAQEAorEzK49PD/RGnlbLNiznlJv8NGWA
MwbXv14KelDcXFP7s/ZkKhuAX0GTFe+ZdXnOCh1i1FvSy6/ZhwBKNxabjENP5l3I
LSXJPD3j1Ei38K+w3eiKpJfGzZ37DSr/N5PEe+a6cOeUenglmiYoTZKgeXFZKCMF
yd4RM25YySf9/fHC/uODaCp/OW9eQK/0wEWQyklR4S+gZFWTJPcjeP7U+J9N5Pr3
OdqcELtE2isDWGAoPf5mglRXzmZ/NDD5y8smrgw/OIoPobdHHCVXgfYNwUirlryR
Imunn6DkrnPyiooqDrT8u6VR4m7P+NVwj5TUzY/OQmxrMoOlq+mO0ctBUA==
-----END CERTIFICATE-----
Generated at Fri Sep 22 19:40:14 2023 by rpki-client on console-fra.rpki-client.org