Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/256c0a13-9cbc-490b-8be7-23b43e85292c.roa
File:                     256c0a13-9cbc-490b-8be7-23b43e85292c.roa (raw, json)
Hash identifier:          WkkNLxW3opkvN1pOuc+u43VhfSySJvSA8TvEIBh2BF0=
Subject key identifier:   B0:83:99:E7:F1:20:F5:55:1F:A3:A6:48:CB:AB:59:11:B0:14:52:3A
Certificate issuer:       /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial:       711AA480312B39A7C9A6A6CABF1627D6DA61A68B
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/256c0a13-9cbc-490b-8be7-23b43e85292c.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:f00f::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 12:03:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:1a:a4:80:31:2b:39:a7:c9:a6:a6:ca:bf:16:27:d6:da:61:a6:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=50d0c481b12b01dd75d0ab0cc47502d8425ae0faf90c534737462a2e4a47356f, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:e8:55:07:d5:bc:a5:35:bf:78:f0:96:b0:8d:
                    3d:71:67:60:19:92:6a:39:e1:54:6b:ac:0e:47:3f:
                    a7:5c:ad:c3:92:2a:3b:50:c8:26:c6:90:ad:1d:39:
                    40:32:8e:cb:c8:c3:9e:fb:15:d5:99:e4:bc:96:6f:
                    cd:2b:09:58:57:64:54:dc:fc:17:9e:7c:34:8b:a0:
                    69:fa:97:33:e3:2a:47:4f:ec:1a:42:f6:fb:94:08:
                    d1:be:fc:46:a6:0e:86:41:f2:84:9c:b4:b7:6b:8d:
                    79:1b:38:b5:a7:0a:13:3b:88:08:0e:22:ae:4a:a7:
                    78:92:cc:8c:e9:7d:d5:39:9f:fc:79:a0:5f:f4:22:
                    bf:29:30:24:e9:ad:80:e6:ca:7e:94:38:c3:7e:41:
                    ce:e8:95:d8:88:f6:63:8d:df:c0:49:44:e2:dc:2d:
                    16:81:de:07:61:a1:77:83:a1:9a:59:0e:05:62:13:
                    48:ee:d0:54:bb:49:58:f3:15:18:4c:fb:42:82:d5:
                    01:21:1b:ac:e5:c0:fc:5a:4c:71:e3:17:77:6e:63:
                    bd:7b:b9:64:bd:46:fa:ab:78:73:68:4d:05:4c:5e:
                    c4:2e:d2:b2:6c:38:02:82:10:87:87:b4:ba:81:07:
                    9d:02:55:c9:e4:1a:98:f4:60:f2:7e:1d:b2:a6:eb:
                    5a:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:83:99:E7:F1:20:F5:55:1F:A3:A6:48:CB:AB:59:11:B0:14:52:3A
            X509v3 Authority Key Identifier:
                keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/256c0a13-9cbc-490b-8be7-23b43e85292c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:f00f::/40

    Signature Algorithm: sha256WithRSAEncryption
         06:a0:e1:56:c9:ba:42:05:05:0f:7f:54:6d:f4:f1:47:86:95:
         c3:15:9d:56:bf:6e:9e:1d:bd:5a:4f:d8:47:a0:05:76:43:09:
         4d:d4:dc:f6:d4:26:13:0d:c7:62:ce:51:d9:53:82:f8:20:43:
         7c:7f:b5:36:72:c9:38:95:cd:5f:ec:84:dd:d7:dc:7b:45:47:
         fd:86:8d:39:83:62:ed:4d:32:64:63:4c:51:8c:a1:ab:e7:08:
         49:f2:39:84:49:c1:e7:97:65:80:8f:91:59:40:42:f0:75:2a:
         78:8d:81:51:2f:92:65:43:cc:53:4c:4e:06:e1:0f:ac:f7:6d:
         c0:f3:81:23:f2:db:42:38:61:89:f9:4d:dc:83:1f:57:8b:7c:
         8d:0d:db:8d:2d:19:5b:34:0f:63:43:86:59:f9:78:3f:58:1c:
         53:11:5b:7e:c7:d8:53:cf:48:ef:56:c5:18:23:77:31:db:40:
         01:bd:f1:96:25:4f:fd:2a:33:e0:b1:23:f2:56:9d:ab:1c:6a:
         f1:56:e4:60:05:05:f1:6c:08:ae:76:34:41:30:83:d3:f7:ce:
         6c:9a:3b:d9:8e:d2:58:e9:e6:97:e0:22:83:98:24:fb:d5:42:
         49:74:47:de:6c:5e:bf:95:db:6e:07:7d:f9:74:22:fb:ac:34:
         75:59:e9:3d
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUcRqkgDErOafJpqbKvxYn1tphposwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1MGQwYzQ4MWIxMmIwMWRkNzVkMGFiMGNjNDc1MDJkODQy
NWFlMGZhZjkwYzUzNDczNzQ2MmEyZTRhNDczNTZmMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDh6FUH1bylNb948JawjT1xZ2AZkmo54VRrrA5HP6dcrcOS
KjtQyCbGkK0dOUAyjsvIw577FdWZ5LyWb80rCVhXZFTc/BeefDSLoGn6lzPjKkdP
7BpC9vuUCNG+/EamDoZB8oSctLdrjXkbOLWnChM7iAgOIq5Kp3iSzIzpfdU5n/x5
oF/0Ir8pMCTprYDmyn6UOMN+Qc7oldiI9mON38BJROLcLRaB3gdhoXeDoZpZDgVi
E0ju0FS7SVjzFRhM+0KC1QEhG6zlwPxaTHHjF3duY717uWS9RvqreHNoTQVMXsQu
0rJsOAKCEIeHtLqBB50CVcnkGpj0YPJ+HbKm61rpAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUsIOZ5/Eg9VUfo6ZIy6tZEbAUUjowHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2LzI1NmMwYTEzLTljYmMtNDkwYi04YmU3LTIzYjQzZTg1MjkyYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAPAPADANBgkqhkiG9w0BAQsFAAOCAQEABqDhVsm6QgUFD39UbfTxR4aV
wxWdVr9unh29Wk/YR6AFdkMJTdTc9tQmEw3HYs5R2VOC+CBDfH+1NnLJOJXNX+yE
3dfce0VH/YaNOYNi7U0yZGNMUYyhq+cISfI5hEnB55dlgI+RWUBC8HUqeI2BUS+S
ZUPMU0xOBuEPrPdtwPOBI/LbQjhhiflN3IMfV4t8jQ3bjS0ZWzQPY0OGWfl4P1gc
UxFbfsfYU89I71bFGCN3MdtAAb3xliVP/Soz4LEj8ladqxxq8VbkYAUF8WwIrnY0
QTCD0/fObJo72Y7SWOnml+Aig5gk+9VCSXRH3mxev5Xbbgd9+XQi+6w0dVnpPQ==
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:26:29 2023 by rpki-client on console-fra.rpki-client.org