Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2b35ab1a-8001-404a-9285-196aa943aa95.roa
File:                     2b35ab1a-8001-404a-9285-196aa943aa95.roa (raw, json)
Hash identifier:          WztIEeJQBjpWqb52kw88bojjPDNFkUBhF87TLTzzukw=
Subject key identifier:   EE:F5:15:7D:02:AC:F4:0B:0F:F6:21:47:DD:C0:56:F1:5A:E1:F5:C2
Certificate issuer:       /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
Certificate serial:       7E548C971481E7FC8840885F6B5F7438C7893100
Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2b35ab1a-8001-404a-9285-196aa943aa95.roa
Signing time:             Mon 18 Sep 2023 00:00:00 +0000
ROA not before:           Mon 18 Sep 2023 00:00:00 +0000
ROA not after:            Mon 23 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2605:9cc0:387::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 19 Sep 2023 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:54:8c:97:14:81:e7:fc:88:40:88:5f:6b:5f:74:38:c7:89:31:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424
        Validity
            Not Before: Sep 18 00:00:00 2023 GMT
            Not After : Oct 23 23:59:59 2023 GMT
        Subject: serialNumber=cfa6d8557df341e71d6c137537356a019f4f77964e85db2f0788ec560c0d9f39, CN=f7243785-46de-414b-9b8f-7a9699e979e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f3:75:7c:c3:09:af:76:cb:0e:f4:00:e2:55:
                    74:95:05:4b:13:fa:be:f1:42:67:8d:ad:06:b9:33:
                    31:b2:b3:49:ff:98:a5:18:83:c3:1b:a9:7d:8d:12:
                    95:07:43:3a:2c:9d:48:a7:59:91:85:a0:9b:dc:67:
                    89:8f:79:15:83:c9:93:ca:4f:b2:16:35:de:6e:31:
                    d4:ff:c8:1c:d5:7b:52:7d:85:b0:87:0a:f3:e5:c8:
                    17:fb:ab:a7:ac:b8:10:97:75:d6:27:63:5f:dd:f5:
                    ca:fb:b5:ba:73:c5:9e:1e:7c:ea:94:ad:b6:5c:7a:
                    29:f1:d9:21:3e:8b:82:b2:3e:07:a6:ab:2b:3e:cc:
                    22:42:8d:20:b3:5d:61:e1:d2:31:5c:0a:29:3d:1f:
                    10:b3:c6:f1:bc:d9:75:66:89:af:1b:5d:d9:e3:88:
                    0e:0f:67:a1:3d:15:26:eb:fd:46:d0:52:e4:f2:5f:
                    b1:86:14:58:b1:04:f3:bc:21:c4:ed:8e:44:aa:e2:
                    6e:e8:7c:a9:90:21:c8:dd:0e:9c:f6:e5:3e:72:a8:
                    c8:d4:a7:ed:67:08:72:88:d0:52:f4:7f:b6:4a:29:
                    c7:fd:57:d8:b6:46:a2:91:f9:d4:61:81:1d:e3:96:
                    e2:be:2b:7a:a6:fb:b0:0b:50:29:d3:0b:4f:06:f8:
                    ed:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:F5:15:7D:02:AC:F4:0B:0F:F6:21:47:DD:C0:56:F1:5A:E1:F5:C2
            X509v3 Authority Key Identifier:
                keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/2b35ab1a-8001-404a-9285-196aa943aa95.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2605:9cc0:387::/48

    Signature Algorithm: sha256WithRSAEncryption
         46:9d:16:52:22:b1:20:c8:bd:57:fa:e1:cb:6d:6b:c9:c7:65:
         3f:b9:d9:7e:ef:65:f8:a2:d3:a9:4f:d4:da:41:74:3a:d3:d7:
         6c:94:5a:4d:3e:b8:b5:64:aa:51:49:6d:06:65:0f:60:47:ee:
         ba:82:dc:4c:7a:34:52:7e:42:d7:d5:a7:e3:99:a9:78:29:4e:
         0c:d4:12:b0:37:2e:67:00:9e:f8:7c:f6:03:65:c5:d9:0b:75:
         59:03:e4:22:cc:40:ec:81:45:cd:a4:64:73:e9:b6:de:bb:e8:
         58:ed:9d:07:40:f8:7f:2b:ca:fb:7d:a7:22:49:d5:14:5a:c2:
         29:ba:b4:5c:75:46:ea:00:20:72:4d:a0:1d:b2:85:73:36:0e:
         d1:21:2f:a4:f2:17:2b:45:72:63:d6:20:2d:1d:de:f9:c8:d8:
         6d:63:2b:f5:08:24:c7:d3:56:b4:be:15:83:02:ea:08:dd:3e:
         6c:67:04:fd:f4:07:5a:f0:b4:2c:f7:c6:de:cd:3b:5e:ad:ba:
         d7:f6:6c:56:67:7f:8a:32:fb:f9:07:16:e7:e6:b6:8d:c6:b0:
         64:4c:c3:7f:c3:34:1c:12:17:b3:1b:02:4d:42:3b:0e:ee:b0:
         29:55:81:72:85:f2:03:29:6a:e4:f8:64:25:0d:aa:05:3b:95:
         d4:f5:aa:41
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUflSMlxSB5/yIQIhfa190OMeJMQAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw
MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjMwOTE4MDAwMDAwWhcNMjMxMDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BjZmE2ZDg1NTdkZjM0MWU3MWQ2YzEzNzUzNzM1NmEwMTlm
NGY3Nzk2NGU4NWRiMmYwNzg4ZWM1NjBjMGQ5ZjM5MS0wKwYDVQQDEyRmNzI0Mzc4
NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC083V8wwmvdssO9ADiVXSVBUsT+r7xQmeNrQa5MzGys0n/
mKUYg8MbqX2NEpUHQzosnUinWZGFoJvcZ4mPeRWDyZPKT7IWNd5uMdT/yBzVe1J9
hbCHCvPlyBf7q6esuBCXddYnY1/d9cr7tbpzxZ4efOqUrbZceinx2SE+i4KyPgem
qys+zCJCjSCzXWHh0jFcCik9HxCzxvG82XVmia8bXdnjiA4PZ6E9FSbr/UbQUuTy
X7GGFFixBPO8IcTtjkSq4m7ofKmQIcjdDpz25T5yqMjUp+1nCHKI0FL0f7ZKKcf9
V9i2RqKR+dRhgR3jluK+K3qm+7ALUCnTC08G+O3rAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU7vUVfQKs9AsP9iFH3cBW8Vrh9cIwHwYDVR0jBBgwFoAUugzhfiM/vHHU
MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m
NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5
YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy
YTEzOWVhOTJiLzJiMzVhYjFhLTgwMDEtNDA0YS05Mjg1LTE5NmFhOTQzYWE5NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh
LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmBZzAA4cwDQYJKoZIhvcNAQELBQADggEBAEadFlIisSDIvVf64ctta8nH
ZT+52X7vZfii06lP1NpBdDrT12yUWk0+uLVkqlFJbQZlD2BH7rqC3Ex6NFJ+QtfV
p+OZqXgpTgzUErA3LmcAnvh89gNlxdkLdVkD5CLMQOyBRc2kZHPptt676FjtnQdA
+H8ryvt9pyJJ1RRawim6tFx1RuoAIHJNoB2yhXM2DtEhL6TyFytFcmPWIC0d3vnI
2G1jK/UIJMfTVrS+FYMC6gjdPmxnBP30B1rwtCz3xt7NO16tutf2bFZnf4oy+/kH
Fufmto3GsGRMw3/DNBwSF7MbAk1COw7usClVgXKF8gMpauT4ZCUNqgU7ldT1qkE=
-----END CERTIFICATE-----
Generated at Mon Sep 18 15:40:40 2023 by rpki-client on console-ams.rpki-client.org