Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fa628970-b51f-4235-8866-b34eb9ef3808.roa
File:                     fa628970-b51f-4235-8866-b34eb9ef3808.roa (raw, json)
Hash identifier:          /VAYA6ir9REqmh5mMgCxgD/khizwMoGgPh+/7Kj1LBA=
Subject key identifier:   C7:DE:92:17:F7:E7:F5:EA:13:53:F4:C0:DF:E9:26:6C:3C:52:74:CD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2BE03F668EB25273856E0C5749EA4F4914DDBE08
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fa628970-b51f-4235-8866-b34eb9ef3808.roa
Signing time:             Fri 22 Sep 2023 00:00:00 +0000
ROA not before:           Fri 22 Sep 2023 00:00:00 +0000
ROA not after:            Fri 27 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        54.54.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 24 Sep 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:e0:3f:66:8e:b2:52:73:85:6e:0c:57:49:ea:4f:49:14:dd:be:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 22 00:00:00 2023 GMT
            Not After : Oct 27 23:59:59 2023 GMT
        Subject: serialNumber=48b1d4b7c0ea429cebb4a098ec9e6d22ec691f5a14e16286a105078561abd926, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:94:ce:7d:a0:a0:6d:0a:89:7f:a2:55:37:dd:
                    7a:8d:f4:9b:ba:85:10:f1:e0:32:0b:60:5e:77:db:
                    5f:fb:1e:e1:f6:a7:f3:5e:df:67:ee:72:ab:e9:fb:
                    cf:b7:02:b1:7a:fd:86:21:b6:2f:52:77:fd:6d:32:
                    76:af:92:48:92:f0:71:a5:da:e5:40:78:fa:74:38:
                    6d:6b:a5:49:3e:0f:66:2c:d5:11:1b:32:31:60:b0:
                    fc:f0:ed:ea:9d:1e:22:d1:73:bc:a1:b0:65:e2:e9:
                    42:cc:ab:f2:88:b9:af:39:08:4c:a7:ab:dd:97:66:
                    5c:e0:24:04:60:25:6c:e7:fc:ab:31:06:92:db:a7:
                    8d:1d:b7:24:85:e3:26:35:63:45:b2:dd:0f:09:c7:
                    2b:3e:38:e8:86:3d:0e:ca:00:ac:92:63:ce:a8:de:
                    02:50:b1:6c:ed:da:ed:f1:4e:94:4f:c9:1f:31:d4:
                    95:ce:16:ef:85:2f:8e:d8:4d:22:47:7c:6a:33:8d:
                    ad:e9:1b:a0:23:84:4c:30:b2:4c:09:14:34:27:27:
                    63:db:f0:d8:a9:48:99:f9:0d:f2:44:d2:5e:3b:ed:
                    b9:dd:44:29:97:cb:aa:71:a3:31:c1:f0:91:cc:f0:
                    ee:5b:78:39:42:87:22:44:73:74:c0:33:28:de:da:
                    13:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:DE:92:17:F7:E7:F5:EA:13:53:F4:C0:DF:E9:26:6C:3C:52:74:CD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fa628970-b51f-4235-8866-b34eb9ef3808.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  54.54.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         c0:ac:5a:bb:14:58:86:28:3c:4d:f6:5e:29:67:b5:4b:de:16:
         b8:cb:a3:b4:6a:f9:0c:85:0d:23:e6:4c:63:2d:93:72:cc:9b:
         4e:7e:00:06:da:ca:fa:13:4c:b0:21:a3:85:2d:d9:6f:17:8b:
         22:69:cf:5d:4f:7f:77:da:1f:a1:ee:8e:2c:09:ca:f8:3b:ed:
         f6:b2:9d:bb:62:5e:6c:9d:64:10:2f:60:e2:c5:f6:0f:6a:2f:
         f4:65:a9:35:bc:af:82:c4:9c:02:ac:d1:d2:d0:bc:6f:30:1a:
         53:a4:ee:14:11:fb:32:6e:cb:e4:5d:e1:66:16:3e:7b:03:c7:
         74:a8:8d:cb:4a:41:9c:83:a7:99:b5:da:31:0f:18:16:60:9c:
         8f:17:cb:eb:ea:3e:75:29:0a:20:a9:96:a1:bb:97:64:7a:ef:
         10:e2:2f:3e:dc:12:bb:da:36:79:1a:37:1a:98:75:90:a1:ea:
         63:21:16:67:ed:b2:2e:b5:c6:7f:49:63:a9:9f:18:f8:89:a2:
         40:14:f5:c5:35:d7:52:22:9f:ed:9a:43:7e:54:b7:8e:ec:65:
         3f:79:e8:2c:21:d9:28:9f:f2:7f:9a:e0:df:69:5b:22:4c:10:
         d8:7e:86:61:62:da:c0:1b:00:a0:65:b5:06:ef:74:83:72:0a:
         d5:e3:40:02
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUK+A/Zo6yUnOFbgxXSepPSRTdvggwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0OGIxZDRiN2MwZWE0MjljZWJiNGEwOThlYzllNmQyMmVj
NjkxZjVhMTRlMTYyODZhMTA1MDc4NTYxYWJkOTI2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCWlM59oKBtCol/olU33XqN9Ju6hRDx4DILYF5321/7HuH2
p/Ne32fucqvp+8+3ArF6/YYhti9Sd/1tMnavkkiS8HGl2uVAePp0OG1rpUk+D2Ys
1REbMjFgsPzw7eqdHiLRc7yhsGXi6ULMq/KIua85CEynq92XZlzgJARgJWzn/Ksx
BpLbp40dtySF4yY1Y0Wy3Q8Jxys+OOiGPQ7KAKySY86o3gJQsWzt2u3xTpRPyR8x
1JXOFu+FL47YTSJHfGozja3pG6AjhEwwskwJFDQnJ2Pb8NipSJn5DfJE0l477bnd
RCmXy6pxozHB8JHM8O5beDlChyJEc3TAMyje2hNDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUx96SF/fn9eoTU/TA3+kmbDxSdM0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZhNjI4OTcwLWI1MWYtNDIzNS04ODY2LWIzNGViOWVmMzgwOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA2NjANBgkqhkiG9w0BAQsFAAOCAQEAwKxauxRYhig8TfZeKWe1S94WuMuj
tGr5DIUNI+ZMYy2TcsybTn4ABtrK+hNMsCGjhS3ZbxeLImnPXU9/d9ofoe6OLAnK
+Dvt9rKdu2JebJ1kEC9g4sX2D2ov9GWpNbyvgsScAqzR0tC8bzAaU6TuFBH7Mm7L
5F3hZhY+ewPHdKiNy0pBnIOnmbXaMQ8YFmCcjxfL6+o+dSkKIKmWobuXZHrvEOIv
PtwSu9o2eRo3Gph1kKHqYyEWZ+2yLrXGf0ljqZ8Y+ImiQBT1xTXXUiKf7ZpDflS3
juxlP3noLCHZKJ/yf5rg32lbIkwQ2H6GYWLawBsAoGW1Bu90g3IK1eNAAg==
-----END CERTIFICATE-----
Generated at Fri Sep 22 21:28:02 2023 by rpki-client on console-ams.rpki-client.org