Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0f6b659b-9df4-477a-a87b-b8bcd08d670e.roa
File:                     0f6b659b-9df4-477a-a87b-b8bcd08d670e.roa (raw, json)
Hash identifier:          oeyQ844j1vZpJSsH55zygmBE6njOaYmQErSICoRKLpw=
Subject key identifier:   40:26:BB:20:BF:88:15:DA:8F:8A:96:A6:35:36:E4:13:23:06:90:59
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       34D165718AF9017661E32571EE785EC13C8BFBA0
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0f6b659b-9df4-477a-a87b-b8bcd08d670e.roa
Signing time:             Fri 08 Sep 2023 00:00:00 +0000
ROA not before:           Fri 08 Sep 2023 00:00:00 +0000
ROA not after:            Fri 13 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:402::/47 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 09 Sep 2023 12:02:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:d1:65:71:8a:f9:01:76:61:e3:25:71:ee:78:5e:c1:3c:8b:fb:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Sep  8 00:00:00 2023 GMT
            Not After : Oct 13 23:59:59 2023 GMT
        Subject: serialNumber=c43cbdc1d49079367fc5cc67d7675bf59b466490b6a6d1e18410ce1e50831a64, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f7:b8:c8:d1:05:a4:9f:1e:b5:91:0f:c2:91:
                    06:af:6a:b3:09:a5:5d:7f:19:35:08:07:3c:4b:dd:
                    6c:77:6c:69:ae:1e:f8:2f:a8:14:9d:f0:4d:c4:1c:
                    b2:c5:7d:c8:45:f1:c0:54:8c:e4:77:6f:e7:6a:82:
                    ba:59:b5:8a:50:08:c7:fe:e4:28:2d:35:fc:09:d9:
                    1c:60:9c:78:b9:20:9c:76:73:5a:be:06:e2:90:93:
                    00:d0:18:46:b6:e7:c2:5c:bf:d9:69:45:73:41:27:
                    fe:fb:95:be:15:93:a2:e9:39:72:e7:a9:fa:f4:55:
                    93:a1:c3:06:0a:00:42:a2:51:4c:f3:79:09:c8:3c:
                    87:bb:18:f8:29:8d:f8:41:5d:28:83:c7:e9:e1:dd:
                    8d:28:68:cd:b2:b8:67:04:38:35:aa:2f:d2:3d:41:
                    55:a7:58:a7:57:b6:a4:a2:d1:1e:03:ac:84:59:a8:
                    d4:03:2c:97:dc:de:99:ec:84:2a:9a:7d:db:11:e6:
                    fe:4a:03:43:35:c2:4f:20:2b:88:eb:9a:d2:99:e0:
                    69:72:76:20:06:ec:c9:96:1b:31:35:b0:85:49:4d:
                    00:51:8b:a9:dd:16:44:c8:df:1f:a7:fb:2b:e1:02:
                    d1:d7:70:59:ab:1b:55:2e:bd:a8:6d:20:44:0e:c0:
                    a3:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:26:BB:20:BF:88:15:DA:8F:8A:96:A6:35:36:E4:13:23:06:90:59
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/0f6b659b-9df4-477a-a87b-b8bcd08d670e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:402::/47

    Signature Algorithm: sha256WithRSAEncryption
         a4:64:61:29:30:8f:5a:37:b4:39:0f:fc:ed:5a:a5:e3:ba:cd:
         1e:3e:38:8d:e3:57:8a:37:32:8f:2d:9a:8c:92:8e:a5:bf:80:
         ed:fd:aa:41:84:1e:26:1e:fe:2c:4d:a0:69:1f:7b:fd:6d:25:
         6f:8e:ba:df:a8:6f:90:ae:5b:0a:b6:62:16:20:c3:c8:f7:14:
         66:df:e0:72:5d:7e:68:ec:c1:fe:54:a2:38:25:c6:d6:db:b8:
         40:ea:2b:39:53:cd:81:4b:c5:89:18:dc:53:de:c7:1b:4d:9b:
         6b:5a:f9:7e:1e:98:2a:fc:22:d3:84:ae:29:21:04:32:67:4b:
         fa:b4:cd:13:94:31:8e:cf:41:45:60:aa:c5:78:ba:57:91:ee:
         1a:ee:f3:ac:33:26:e4:2d:71:0e:e9:49:70:cf:66:70:e1:8c:
         1a:e2:e3:dd:95:bf:30:12:4e:1f:d6:60:f9:66:14:35:ae:62:
         95:28:98:13:d9:8a:58:ed:dc:6d:d2:4a:6f:62:d4:79:e0:ee:
         33:59:5f:68:b4:b7:a6:74:12:61:67:2f:ec:08:86:10:6d:2f:
         1d:59:75:41:59:b3:18:72:e5:25:ee:df:bb:90:ad:ba:3a:31:
         ed:21:4b:d5:bb:b6:bc:b1:e7:4e:89:74:d9:36:88:3a:de:af:
         32:58:97:65
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUNNFlcYr5AXZh4yVx7nhewTyL+6AwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjMwOTA4MDAwMDAwWhcNMjMxMDEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjNDNjYmRjMWQ0OTA3OTM2N2ZjNWNjNjdkNzY3NWJmNTli
NDY2NDkwYjZhNmQxZTE4NDEwY2UxZTUwODMxYTY0MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC397jI0QWknx61kQ/CkQavarMJpV1/GTUIBzxL3Wx3bGmu
HvgvqBSd8E3EHLLFfchF8cBUjOR3b+dqgrpZtYpQCMf+5CgtNfwJ2RxgnHi5IJx2
c1q+BuKQkwDQGEa258Jcv9lpRXNBJ/77lb4Vk6LpOXLnqfr0VZOhwwYKAEKiUUzz
eQnIPIe7GPgpjfhBXSiDx+nh3Y0oaM2yuGcEODWqL9I9QVWnWKdXtqSi0R4DrIRZ
qNQDLJfc3pnshCqafdsR5v5KA0M1wk8gK4jrmtKZ4GlydiAG7MmWGzE1sIVJTQBR
i6ndFkTI3x+n+yvhAtHXcFmrG1UuvahtIEQOwKO3AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUQCa7IL+IFdqPipamNTbkEyMGkFkwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzBmNmI2NTliLTlkZjQtNDc3YS1hODdiLWI4YmNkMDhkNjcwZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwEmBZzABAIwDQYJKoZIhvcNAQELBQADggEBAKRkYSkwj1o3tDkP/O1apeO6
zR4+OI3jV4o3Mo8tmoySjqW/gO39qkGEHiYe/ixNoGkfe/1tJW+Out+ob5CuWwq2
YhYgw8j3FGbf4HJdfmjswf5UojglxtbbuEDqKzlTzYFLxYkY3FPexxtNm2ta+X4e
mCr8ItOErikhBDJnS/q0zROUMY7PQUVgqsV4uleR7hru86wzJuQtcQ7pSXDPZnDh
jBri492VvzASTh/WYPlmFDWuYpUomBPZiljt3G3SSm9i1Hng7jNZX2i0t6Z0EmFn
L+wIhhBtLx1ZdUFZsxhy5SXu37uQrbo6Me0hS9W7tryx506JdNk2iDrerzJYl2U=
-----END CERTIFICATE-----
Generated at Fri Sep 8 00:38:22 2023 by rpki-client on console-ams.rpki-client.org