Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/7b60dddc-79ff-4630-ae39-5d29920471be.roa
File:                     7b60dddc-79ff-4630-ae39-5d29920471be.roa (raw, json)
Hash identifier:          UiXCYsnSdj8HygCc1F6QIbcf/N+keH2b8ITLV6dsj4w=
Subject key identifier:   26:73:41:5A:3F:18:31:D2:83:C3:3B:8D:95:CC:EC:F3:D6:8D:71:70
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       3EBC83568CA89B00F09292B843CE659279C56FCE
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/7b60dddc-79ff-4630-ae39-5d29920471be.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        204.246.176.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 12:03:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:bc:83:56:8c:a8:9b:00:f0:92:92:b8:43:ce:65:92:79:c5:6f:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=28748dc8bbed9d612dc471fbc46ab7eb6c8775c74406689369a7ae0a52dfd829, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:c2:a8:69:20:64:dd:c7:81:b6:fc:6b:5a:a9:
                    d9:6e:24:b2:3c:43:05:7b:f2:26:b8:d9:bb:d0:a2:
                    9b:78:2a:2b:e7:ce:5a:98:49:a8:34:48:aa:a6:8e:
                    a3:0c:dd:64:e3:02:01:e8:15:83:89:12:ef:99:92:
                    eb:38:a3:f2:e5:96:bb:64:59:ab:64:5f:8f:89:d4:
                    e5:1e:c6:7d:68:e2:35:99:c0:6c:ff:11:6d:56:b2:
                    77:4e:5e:ff:b4:ae:1c:bc:de:37:de:1f:d0:bc:f8:
                    7e:7a:18:bb:4d:85:01:07:3e:e3:44:e2:70:db:b7:
                    5d:f0:98:e1:64:4f:c0:23:aa:9b:0c:ec:a1:5a:35:
                    8f:c4:e7:0f:a3:19:ab:b8:d1:25:59:d3:56:fd:9b:
                    3f:cb:7f:c1:40:09:fd:8d:11:1f:46:29:54:0c:19:
                    a0:24:bd:0c:e9:05:f3:5f:b8:22:c2:a3:d1:8c:bf:
                    73:37:a2:f0:36:53:14:9a:f6:3a:da:87:a6:1a:67:
                    3b:d2:95:25:f4:8c:72:46:32:07:2f:68:1c:2a:11:
                    4b:5d:17:89:fd:68:4b:3e:37:1b:80:2a:a2:50:ce:
                    38:0f:b4:12:e8:ff:2c:e7:b4:75:78:ed:e0:a1:2e:
                    e7:bb:11:2b:35:ce:c3:a4:cc:16:d0:a3:26:2b:16:
                    14:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:73:41:5A:3F:18:31:D2:83:C3:3B:8D:95:CC:EC:F3:D6:8D:71:70
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/7b60dddc-79ff-4630-ae39-5d29920471be.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.246.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         89:80:b5:89:ca:24:90:7f:52:88:79:84:99:83:cb:89:4b:31:
         30:11:df:20:bf:fb:3c:ab:99:72:29:5d:fd:14:2e:06:a0:61:
         d7:13:55:44:a4:5c:5d:94:33:b8:ab:cb:91:d6:83:9f:f4:8a:
         e2:ac:cc:dc:63:05:1a:b1:96:d8:5e:06:5e:93:cd:fe:f7:01:
         eb:ec:32:51:1c:e8:df:fa:ec:42:94:13:ff:a5:bc:98:35:28:
         8e:be:d5:3e:33:3c:ea:19:a9:0b:69:63:c4:8c:04:ea:79:34:
         a0:be:21:1b:65:05:3d:7b:5a:4b:bd:ec:91:1a:84:52:0c:5f:
         67:98:a3:b8:50:83:7b:dc:90:96:dd:8b:46:99:c9:04:7f:c0:
         99:d3:df:28:0b:a6:df:06:5a:72:ef:f3:ba:ad:56:15:cb:f0:
         91:6c:f2:e6:c9:80:6b:e9:fd:88:2b:72:7e:fd:5c:7d:be:4d:
         e4:0b:44:8b:3e:bb:a8:cc:77:9e:63:e5:28:0d:9c:34:d5:44:
         21:85:ba:6f:8d:01:9e:29:8e:f7:48:f9:4c:7d:00:52:e9:1c:
         13:bf:e2:88:86:06:4e:6e:d2:b9:48:6f:f3:d2:79:71:c8:e4:
         30:18:65:ec:a1:0d:da:36:37:01:54:97:a3:a2:a5:64:29:66:
         03:09:8b:a5
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPryDVoyomwDwkpK4Q85lknnFb84wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AyODc0OGRjOGJiZWQ5ZDYxMmRjNDcxZmJjNDZhYjdlYjZj
ODc3NWM3NDQwNjY4OTM2OWE3YWUwYTUyZGZkODI5MS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCOwqhpIGTdx4G2/GtaqdluJLI8QwV78ia42bvQopt4Kivn
zlqYSag0SKqmjqMM3WTjAgHoFYOJEu+Zkus4o/LllrtkWatkX4+J1OUexn1o4jWZ
wGz/EW1WsndOXv+0rhy83jfeH9C8+H56GLtNhQEHPuNE4nDbt13wmOFkT8AjqpsM
7KFaNY/E5w+jGau40SVZ01b9mz/Lf8FACf2NER9GKVQMGaAkvQzpBfNfuCLCo9GM
v3M3ovA2UxSa9jrah6YaZzvSlSX0jHJGMgcvaBwqEUtdF4n9aEs+NxuAKqJQzjgP
tBLo/yzntHV47eChLue7ESs1zsOkzBbQoyYrFhTtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJnNBWj8YMdKDwzuNlczs89aNcXAwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1LzdiNjBkZGRjLTc5ZmYtNDYzMC1hZTM5LTVkMjk5MjA0NzFiZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATM9rAwDQYJKoZIhvcNAQELBQADggEBAImAtYnKJJB/Uoh5hJmDy4lLMTAR
3yC/+zyrmXIpXf0ULgagYdcTVUSkXF2UM7iry5HWg5/0iuKszNxjBRqxltheBl6T
zf73AevsMlEc6N/67EKUE/+lvJg1KI6+1T4zPOoZqQtpY8SMBOp5NKC+IRtlBT17
Wku97JEahFIMX2eYo7hQg3vckJbdi0aZyQR/wJnT3ygLpt8GWnLv87qtVhXL8JFs
8ubJgGvp/Ygrcn79XH2+TeQLRIs+u6jMd55j5SgNnDTVRCGFum+NAZ4pjvdI+Ux9
AFLpHBO/4oiGBk5u0rlIb/PSeXHI5DAYZeyhDdo2NwFUl6OipWQpZgMJi6U=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:20:01 2023 by rpki-client on console-ams.rpki-client.org