Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/2380e964-f7b9-45fc-86f9-20cb3046f265.roa
File:                     2380e964-f7b9-45fc-86f9-20cb3046f265.roa (raw, json)
Hash identifier:          5B2eGm8i9LuFsBpjf6GqIZgFFbZqvOoIYlR/OSsUvQU=
Subject key identifier:   FD:94:83:DE:76:9D:3D:F4:62:99:A5:A7:61:62:DC:33:92:7B:84:9F
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       18B89909852B35DA540800B0AD4028C669601A26
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/2380e964-f7b9-45fc-86f9-20cb3046f265.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:9000:a200::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 12:03:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:b8:99:09:85:2b:35:da:54:08:00:b0:ad:40:28:c6:69:60:1a:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=a6e4d33b674e0a3d55dc869f0d3926c203920753f764c4cfd4755080308b2733, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:86:30:c1:f1:35:59:7a:a5:ba:f4:0e:93:30:
                    78:cd:14:51:a8:78:3b:5a:2d:3e:a5:01:32:cc:e8:
                    31:c8:3e:05:ee:b3:71:93:fa:61:5e:61:1b:2b:ee:
                    a9:08:fb:de:82:ad:09:fa:b0:7f:8d:11:30:11:11:
                    b6:0b:d7:df:58:07:15:54:36:d5:4e:2c:1c:6a:7f:
                    99:fb:24:75:60:17:b8:3c:19:f6:75:f3:94:6e:f3:
                    d8:02:d0:a1:b0:7c:8f:c4:50:f1:d7:40:d2:ce:84:
                    9f:a5:3c:68:25:5d:89:be:60:1d:8a:71:d6:6d:e6:
                    65:ca:42:64:41:3e:a9:c6:66:51:78:61:33:94:27:
                    98:f5:57:77:8f:0f:9d:2f:51:10:60:40:c9:1a:5a:
                    cb:1a:cc:3e:33:38:45:97:27:78:30:07:73:75:84:
                    48:62:f5:5d:f7:c1:c0:6f:57:63:17:33:82:44:50:
                    68:6a:67:0a:22:41:e7:52:cb:38:90:a8:65:ce:f5:
                    80:3f:64:53:ac:06:53:94:38:8d:67:5f:dd:71:e9:
                    39:21:ce:da:67:42:bf:d2:2c:68:ca:5c:14:bd:65:
                    fd:f9:7b:54:81:77:f4:ea:4e:32:df:94:77:b1:c5:
                    b3:44:86:58:fd:a0:81:d5:f2:d6:b8:a7:52:09:04:
                    ff:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:94:83:DE:76:9D:3D:F4:62:99:A5:A7:61:62:DC:33:92:7B:84:9F
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/2380e964-f7b9-45fc-86f9-20cb3046f265.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:9000:a200::/40

    Signature Algorithm: sha256WithRSAEncryption
         2b:0f:c9:9c:5c:1d:72:cf:38:49:b9:8e:62:51:36:8a:d9:10:
         7f:ee:51:94:87:fd:99:8f:17:dd:a7:a0:a5:14:d9:17:9c:21:
         bc:1e:20:96:f7:c6:fa:54:19:3f:db:63:8e:f8:28:ad:22:39:
         75:9c:d7:21:60:fe:30:aa:27:08:be:22:93:78:f0:e3:96:bd:
         d0:19:2e:95:88:6d:ba:e9:9c:c1:89:a3:5d:86:8b:43:81:d7:
         34:41:e5:05:b7:fd:df:38:bb:c7:18:5b:a6:4b:3d:c8:92:64:
         ee:e3:35:df:1a:59:c5:59:c0:4e:e6:47:70:63:b2:31:69:88:
         1d:2e:89:ca:f7:97:5c:98:00:94:55:1d:e3:eb:6c:10:51:41:
         cc:63:2d:02:42:a6:39:b8:30:0a:a0:cd:39:5a:4e:2a:79:a5:
         a6:83:83:bd:76:b2:1c:b8:64:f3:da:df:d8:9f:c0:3b:e2:a3:
         5a:a2:a5:79:10:7c:55:50:56:98:94:91:23:77:a6:25:9d:54:
         c6:12:b6:00:68:8a:4a:eb:24:4a:17:0d:11:18:64:86:82:51:
         65:ae:50:40:f4:8f:cf:6b:43:14:47:44:1e:53:94:67:6d:07:
         d2:79:8d:2f:81:9e:3c:d4:41:18:6c:cf:6c:61:7c:71:57:8c:
         0f:e5:8e:09
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUGLiZCYUrNdpUCACwrUAoxmlgGiYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNmU0ZDMzYjY3NGUwYTNkNTVkYzg2OWYwZDM5MjZjMjAz
OTIwNzUzZjc2NGM0Y2ZkNDc1NTA4MDMwOGIyNzMzMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDGhjDB8TVZeqW69A6TMHjNFFGoeDtaLT6lATLM6DHIPgXu
s3GT+mFeYRsr7qkI+96CrQn6sH+NETAREbYL199YBxVUNtVOLBxqf5n7JHVgF7g8
GfZ185Ru89gC0KGwfI/EUPHXQNLOhJ+lPGglXYm+YB2KcdZt5mXKQmRBPqnGZlF4
YTOUJ5j1V3ePD50vURBgQMkaWssazD4zOEWXJ3gwB3N1hEhi9V33wcBvV2MXM4JE
UGhqZwoiQedSyziQqGXO9YA/ZFOsBlOUOI1nX91x6TkhztpnQr/SLGjKXBS9Zf35
e1SBd/TqTjLflHexxbNEhlj9oIHV8ta4p1IJBP8pAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU/ZSD3nadPfRimaWnYWLcM5J7hJ8wHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzIzODBlOTY0LWY3YjktNDVmYy04NmY5LTIwY2IzMDQ2ZjI2NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAJAAojANBgkqhkiG9w0BAQsFAAOCAQEAKw/JnFwdcs84SbmOYlE2itkQ
f+5RlIf9mY8X3aegpRTZF5whvB4glvfG+lQZP9tjjvgorSI5dZzXIWD+MKonCL4i
k3jw45a90BkulYhtuumcwYmjXYaLQ4HXNEHlBbf93zi7xxhbpks9yJJk7uM13xpZ
xVnATuZHcGOyMWmIHS6JyveXXJgAlFUd4+tsEFFBzGMtAkKmObgwCqDNOVpOKnml
poODvXayHLhk89rf2J/AO+KjWqKleRB8VVBWmJSRI3emJZ1UxhK2AGiKSuskShcN
ERhkhoJRZa5QQPSPz2tDFEdEHlOUZ20H0nmNL4GePNRBGGzPbGF8cVeMD+WOCQ==
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:20:01 2023 by rpki-client on console-ams.rpki-client.org