Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/a1e648bb-cfc9-4252-8342-da6740732696.roa
File:                     a1e648bb-cfc9-4252-8342-da6740732696.roa (raw, json)
Hash identifier:          OU8FTwIda4hWszYb+QejDTqfqvGKp8g4QOnZQMV3+fQ=
Subject key identifier:   DA:70:AF:0E:98:7B:27:14:50:7E:A9:83:F1:CE:81:BC:72:F5:08:0E
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       68FA75BF67D7DA9369924EE094AFCD8B0A0A7C3F
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/a1e648bb-cfc9-4252-8342-da6740732696.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        205.251.240.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 12:03:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:fa:75:bf:67:d7:da:93:69:92:4e:e0:94:af:cd:8b:0a:0a:7c:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=a11deadcec18e9097a950e3d49f8fe64c369876545a7ad61abbc54eede942081, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:88:24:53:78:f2:31:dc:15:80:8d:20:1e:cc:
                    d8:e5:8b:58:e0:40:65:86:e0:6e:bb:eb:ae:46:30:
                    30:22:89:6e:92:f1:89:22:7c:5e:d0:62:b1:02:e8:
                    16:1a:f2:86:f6:93:d0:6d:14:ed:9f:2f:35:d6:b7:
                    c2:a8:b2:6b:38:41:0e:74:a0:a8:9f:5b:12:3d:6d:
                    21:9c:e4:22:ab:e1:03:ee:35:71:2c:6c:12:42:45:
                    15:3a:88:98:36:68:cd:be:e1:62:c8:12:57:86:a0:
                    8d:50:4c:e4:96:ce:8b:c3:f8:50:b3:ba:90:40:38:
                    92:b1:4a:8f:c6:7f:f6:01:7f:7b:61:8d:0d:1f:67:
                    50:fa:3f:a3:8c:63:9c:87:fb:9b:1a:8d:91:f1:84:
                    a5:6a:1d:c4:65:8a:ed:ff:c5:e4:60:cf:d8:b6:7b:
                    2f:be:90:db:d3:ba:a4:b5:e7:1a:6c:7d:e5:9b:e0:
                    1e:51:29:f3:c2:6f:b1:19:ab:fd:fc:94:8a:99:19:
                    f9:2e:89:a7:eb:4b:f4:e3:dd:26:3c:34:08:61:11:
                    13:e7:5c:0a:4a:d6:8a:32:bf:ee:4a:c4:16:81:4e:
                    67:19:4d:69:a9:be:18:c4:2a:a5:15:ea:e0:cc:ee:
                    9e:a4:4f:83:86:cd:fc:2b:4a:ba:2b:cc:e5:26:1d:
                    b1:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:70:AF:0E:98:7B:27:14:50:7E:A9:83:F1:CE:81:BC:72:F5:08:0E
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/a1e648bb-cfc9-4252-8342-da6740732696.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.251.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         46:44:b4:d0:45:83:1d:38:f3:5f:0e:e5:dd:8a:e3:2a:f0:11:
         c7:15:51:bf:00:b2:8d:e6:f9:36:db:5b:0a:84:7f:db:ee:02:
         5e:fa:37:c6:a7:4b:78:0b:b7:a9:23:77:b9:19:e4:ae:61:d0:
         78:0b:7a:06:8a:66:76:43:55:6b:78:32:4d:2b:0c:ce:73:b9:
         a8:9b:44:c4:2c:40:f3:b1:77:59:47:8a:23:32:de:48:f9:36:
         a5:31:57:52:5e:42:9f:3c:05:0e:32:d7:34:33:18:4a:16:df:
         12:71:3b:66:c1:6e:84:c4:68:ef:0c:2d:47:49:fb:8e:be:56:
         28:51:b0:2a:90:63:83:88:d9:d7:b8:ba:d4:f3:25:2f:4b:20:
         ee:50:ba:0e:6d:0a:f0:76:44:8a:cb:f9:39:fc:26:27:52:62:
         e4:04:16:62:c5:2d:38:75:a5:e0:87:78:f3:60:41:09:68:e0:
         33:9a:20:51:02:0a:de:a0:53:8f:92:ff:91:4a:11:5c:15:5c:
         65:31:ee:25:4a:ea:ec:04:09:12:20:69:88:c6:a8:f2:11:fd:
         f7:b1:91:91:32:87:72:94:d1:c4:d2:66:63:78:c7:1f:4d:01:
         2b:7c:78:90:ca:72:e0:72:cd:db:2c:0f:c8:7d:ed:25:e1:05:
         c2:c1:bf:a1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaPp1v2fX2pNpkk7glK/NiwoKfD8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMTFkZWFkY2VjMThlOTA5N2E5NTBlM2Q0OWY4ZmU2NGMz
Njk4NzY1NDVhN2FkNjFhYmJjNTRlZWRlOTQyMDgxMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDdiCRTePIx3BWAjSAezNjli1jgQGWG4G67665GMDAiiW6S
8YkifF7QYrEC6BYa8ob2k9BtFO2fLzXWt8Kosms4QQ50oKifWxI9bSGc5CKr4QPu
NXEsbBJCRRU6iJg2aM2+4WLIEleGoI1QTOSWzovD+FCzupBAOJKxSo/Gf/YBf3th
jQ0fZ1D6P6OMY5yH+5sajZHxhKVqHcRliu3/xeRgz9i2ey++kNvTuqS15xpsfeWb
4B5RKfPCb7EZq/38lIqZGfkuiafrS/Tj3SY8NAhhERPnXApK1ooyv+5KxBaBTmcZ
TWmpvhjEKqUV6uDM7p6kT4OGzfwrSrorzOUmHbF1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2nCvDph7JxRQfqmD8c6BvHL1CA4wHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2ExZTY0OGJiLWNmYzktNDI1Mi04MzQyLWRhNjc0MDczMjY5Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALN+/AwDQYJKoZIhvcNAQELBQADggEBAEZEtNBFgx04818O5d2K4yrwEccV
Ub8Aso3m+TbbWwqEf9vuAl76N8anS3gLt6kjd7kZ5K5h0HgLegaKZnZDVWt4Mk0r
DM5zuaibRMQsQPOxd1lHiiMy3kj5NqUxV1JeQp88BQ4y1zQzGEoW3xJxO2bBboTE
aO8MLUdJ+46+VihRsCqQY4OI2de4utTzJS9LIO5Qug5tCvB2RIrL+Tn8JidSYuQE
FmLFLTh1peCHePNgQQlo4DOaIFECCt6gU4+S/5FKEVwVXGUx7iVK6uwECRIgaYjG
qPIR/fexkZEyh3KU0cTSZmN4xx9NASt8eJDKcuByzdssD8h97SXhBcLBv6E=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:20:01 2023 by rpki-client on console-ams.rpki-client.org