Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f3125e31-ed97-4e31-89e9-d4af00e5b32d.roa
File:                     f3125e31-ed97-4e31-89e9-d4af00e5b32d.roa (raw, json)
Hash identifier:          dA4Va5cueRjl18p78hr8JJ4GBFk5yJFqJQ/wrDQvZlo=
Subject key identifier:   FE:1D:7D:B7:97:17:E1:DA:EE:83:E7:93:B0:08:83:7E:F9:2D:8B:A3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1BA9D87CFCE69FDE722775CF8F233768843DE8D8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f3125e31-ed97-4e31-89e9-d4af00e5b32d.roa
Signing time:             Mon 28 Aug 2023 00:00:00 +0000
ROA not before:           Mon 28 Aug 2023 00:00:00 +0000
ROA not after:            Mon 02 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        40.180.0.0/15 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Aug 2023 08:06:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:a9:d8:7c:fc:e6:9f:de:72:27:75:cf:8f:23:37:68:84:3d:e8:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Aug 28 00:00:00 2023 GMT
            Not After : Oct  2 23:59:59 2023 GMT
        Subject: serialNumber=5b7415371d35a4493e6f21583ea19dcebde4b577dfcfd160dff88dfcce4b2887, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:bf:59:a2:e1:e7:b9:e8:4b:c0:11:42:ce:e1:
                    b3:01:34:fa:06:80:df:8f:ba:2e:28:be:b2:71:16:
                    48:2d:95:91:a7:a6:ae:50:69:e4:5d:5c:52:71:8d:
                    77:86:79:90:e3:e5:83:5e:07:79:50:ae:bf:c6:ee:
                    19:d8:58:3f:60:c7:e4:d5:11:de:93:c6:a5:84:b0:
                    e7:18:a4:f0:20:11:0a:db:ec:7f:e2:56:ff:7c:48:
                    dd:ff:ee:29:27:31:28:c7:3c:11:40:f6:ea:b0:73:
                    30:da:e3:df:94:7a:38:32:58:b0:74:81:9d:4d:88:
                    6e:1b:78:36:b9:a5:07:bb:c0:df:69:bb:48:82:92:
                    44:71:bc:85:37:c2:40:dd:86:c5:20:48:7a:f7:f3:
                    30:c4:2b:e1:6a:df:1d:e0:1d:00:25:00:fb:c3:1c:
                    21:a9:72:73:6c:0c:28:92:84:c5:e5:11:b1:7c:a0:
                    a0:5e:27:70:85:0b:11:72:29:f7:7e:d4:fc:72:8b:
                    c0:ba:fc:e5:8b:1e:00:a5:46:e6:77:90:46:1b:e3:
                    2b:34:e2:b6:e0:d0:95:4e:66:44:f4:04:05:36:50:
                    89:f8:93:38:9d:89:0e:05:69:34:c2:99:af:92:63:
                    0f:66:64:70:1e:e9:2d:85:40:6b:c1:1d:1b:6e:7a:
                    cf:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:1D:7D:B7:97:17:E1:DA:EE:83:E7:93:B0:08:83:7E:F9:2D:8B:A3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f3125e31-ed97-4e31-89e9-d4af00e5b32d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.180.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         09:48:20:90:34:ba:b9:d6:81:2f:3c:50:d7:15:f0:ef:ef:2b:
         17:38:52:ab:54:38:ae:d3:ff:52:f5:a1:6a:6f:e7:42:95:a2:
         10:d2:bd:f2:29:c5:4b:2c:75:c4:a2:2f:fd:7a:32:c9:5c:bb:
         45:a3:f0:ba:97:f0:de:ed:a2:1e:e2:7c:b5:f2:b8:3c:6e:2b:
         e0:24:5a:03:20:69:87:2b:2d:b8:7e:d2:03:8f:13:61:12:60:
         66:c8:02:7a:25:82:36:19:b7:64:5b:6a:bc:d2:d6:98:cf:c0:
         c3:cb:97:cf:74:fc:a3:94:53:25:d7:71:98:52:a3:27:89:b2:
         24:54:45:a7:0f:b0:f6:b1:ed:31:26:cd:22:46:ca:49:02:98:
         e8:4b:0f:17:ab:79:d4:7d:35:85:8e:31:c6:6f:ac:f0:52:ca:
         e6:30:9e:6e:0e:73:db:9b:b9:cb:f1:ee:8f:53:ed:08:2d:63:
         e1:02:63:43:e7:be:53:15:42:4e:53:e3:c7:ea:06:7b:ad:a9:
         64:2b:da:8b:fa:b7:9a:6a:66:5b:e1:85:45:62:74:90:49:0a:
         3a:06:27:0a:af:bb:40:f2:bd:df:f9:34:dd:31:77:7c:ea:e3:
         6a:da:22:7d:68:f3:8b:26:24:d7:01:91:15:1a:05:d7:dd:48:
         88:3c:c0:05
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUG6nYfPzmn95yJ3XPjyM3aIQ96NgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwODI4MDAwMDAwWhcNMjMxMDAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1Yjc0MTUzNzFkMzVhNDQ5M2U2ZjIxNTgzZWExOWRjZWJk
ZTRiNTc3ZGZjZmQxNjBkZmY4OGRmY2NlNGIyODg3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClv1mi4ee56EvAEULO4bMBNPoGgN+Pui4ovrJxFkgtlZGn
pq5QaeRdXFJxjXeGeZDj5YNeB3lQrr/G7hnYWD9gx+TVEd6TxqWEsOcYpPAgEQrb
7H/iVv98SN3/7iknMSjHPBFA9uqwczDa49+UejgyWLB0gZ1NiG4beDa5pQe7wN9p
u0iCkkRxvIU3wkDdhsUgSHr38zDEK+Fq3x3gHQAlAPvDHCGpcnNsDCiShMXlEbF8
oKBeJ3CFCxFyKfd+1Pxyi8C6/OWLHgClRuZ3kEYb4ys04rbg0JVOZkT0BAU2UIn4
kzidiQ4FaTTCma+SYw9mZHAe6S2FQGvBHRtues9DAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU/h19t5cX4drug+eTsAiDfvkti6MwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YzMTI1ZTMxLWVkOTctNGUzMS04OWU5LWQ0YWYwMGU1YjMyZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwEotDANBgkqhkiG9w0BAQsFAAOCAQEACUggkDS6udaBLzxQ1xXw7+8rFzhS
q1Q4rtP/UvWham/nQpWiENK98inFSyx1xKIv/XoyyVy7RaPwupfw3u2iHuJ8tfK4
PG4r4CRaAyBphystuH7SA48TYRJgZsgCeiWCNhm3ZFtqvNLWmM/Aw8uXz3T8o5RT
JddxmFKjJ4myJFRFpw+w9rHtMSbNIkbKSQKY6EsPF6t51H01hY4xxm+s8FLK5jCe
bg5z25u5y/Huj1PtCC1j4QJjQ+e+UxVCTlPjx+oGe62pZCvai/q3mmpmW+GFRWJ0
kEkKOgYnCq+7QPK93/k03TF3fOrjatoifWjziyYk1wGRFRoF191IiDzABQ==
-----END CERTIFICATE-----
Generated at Mon Aug 28 20:17:38 2023 by rpki-client on console-fra.rpki-client.org