Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b0d33020-6ece-4acd-b13b-856d17693653.roa
File:                     b0d33020-6ece-4acd-b13b-856d17693653.roa (raw, json)
Hash identifier:          f0POnRc5igmtQ/DVaTFN+lmf3aXD9QW8WUOwdY3zJgM=
Subject key identifier:   32:A8:94:AD:EF:25:24:6B:C8:C9:D0:2C:DF:D9:2D:FD:1E:C3:7B:02
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       73CFB7D86302D29A020BD6A730C5532AB6925164
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b0d33020-6ece-4acd-b13b-856d17693653.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        204.246.160.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 12:03:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:cf:b7:d8:63:02:d2:9a:02:0b:d6:a7:30:c5:53:2a:b6:92:51:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=9f715eccc540bb333b09a2398ad6d76770abbe2c3bfa08a975c8a3eb570fd541, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:4b:06:27:04:f8:fe:29:27:65:d3:6c:57:17:
                    5f:f5:de:a6:db:f4:44:4b:62:cb:13:74:2a:d9:e8:
                    45:5d:9e:07:24:a3:89:74:65:48:6b:f7:80:6c:d7:
                    90:b9:36:0e:56:3c:4d:f4:fa:5e:76:53:96:4e:63:
                    88:90:bb:ea:70:65:a9:91:6d:80:dd:8e:62:2f:a9:
                    b2:83:3f:49:3d:46:dc:8d:bb:8c:fc:0e:9e:73:8d:
                    be:cf:1f:f8:32:29:b0:b9:16:ea:31:6f:f0:ff:e7:
                    6b:91:a4:5f:db:d4:23:ba:1c:80:b3:be:e5:1a:16:
                    d9:f1:a5:87:40:e5:04:ee:ee:1a:b4:dd:1d:d7:69:
                    14:8f:c8:01:75:0d:18:ad:65:e2:75:a2:5f:09:28:
                    93:da:9f:6a:16:c2:73:1b:48:94:0f:5a:17:ec:43:
                    b2:00:d6:5e:0f:f7:7a:7f:7a:8b:cc:bc:3e:f3:27:
                    b0:66:85:66:76:e8:1e:2b:3d:28:7b:b7:ed:67:a3:
                    14:7e:80:38:fc:29:df:11:db:06:0e:e7:ca:a4:cf:
                    0a:5a:29:dd:64:18:d3:05:fb:b5:99:63:d4:33:0b:
                    1f:27:68:22:0d:e0:34:5e:1d:60:62:f6:ce:aa:f4:
                    f1:e5:32:c2:06:33:aa:60:c4:b8:e4:fd:4e:4d:3a:
                    c7:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:A8:94:AD:EF:25:24:6B:C8:C9:D0:2C:DF:D9:2D:FD:1E:C3:7B:02
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/b0d33020-6ece-4acd-b13b-856d17693653.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.246.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         c2:03:37:7e:81:7e:fd:a3:56:b5:da:37:e2:28:93:d1:b0:2a:
         0f:68:a9:57:ee:67:44:a6:bf:83:9b:74:35:c9:b7:7f:d8:7d:
         09:39:ce:02:a5:2e:f3:e0:c8:fc:64:8c:64:43:17:0c:2d:a7:
         82:a1:ba:1b:4d:17:5b:c6:f6:b2:b9:6e:18:73:2a:78:aa:80:
         4d:9b:14:80:ec:64:ef:11:95:00:78:a4:d0:36:d3:1d:4d:94:
         d2:49:99:19:3f:15:ee:5b:63:07:ec:66:6e:13:3f:26:60:fb:
         03:4c:d5:68:2f:9c:52:ae:28:62:8d:ed:5d:e0:01:c5:fd:76:
         2d:95:97:3c:42:6d:58:0a:fc:3b:12:8c:d3:7d:2d:1d:cf:a6:
         8b:3e:9d:ea:6b:81:00:52:d0:8c:b9:ee:f6:64:f3:b5:e6:c0:
         40:81:6f:bd:19:52:9e:0e:03:48:13:5e:01:8c:ae:89:d1:71:
         3c:da:c3:06:8e:bd:54:7b:6c:5b:e6:05:d2:80:9d:2d:f7:ea:
         6e:44:ef:b6:ca:21:59:0b:f1:05:12:6d:f3:f6:86:87:c7:8f:
         a6:5e:91:98:fb:89:5f:63:c1:a7:b1:fd:b7:be:21:da:43:95:
         6c:c3:48:bf:f6:94:7c:63:92:9b:3c:c8:f5:08:fe:c9:ef:94:
         82:80:43:9e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUc8+32GMC0poCC9anMMVTKraSUWQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZjcxNWVjY2M1NDBiYjMzM2IwOWEyMzk4YWQ2ZDc2Nzcw
YWJiZTJjM2JmYTA4YTk3NWM4YTNlYjU3MGZkNTQxMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDASwYnBPj+KSdl02xXF1/13qbb9ERLYssTdCrZ6EVdngck
o4l0ZUhr94Bs15C5Ng5WPE30+l52U5ZOY4iQu+pwZamRbYDdjmIvqbKDP0k9RtyN
u4z8Dp5zjb7PH/gyKbC5Fuoxb/D/52uRpF/b1CO6HICzvuUaFtnxpYdA5QTu7hq0
3R3XaRSPyAF1DRitZeJ1ol8JKJPan2oWwnMbSJQPWhfsQ7IA1l4P93p/eovMvD7z
J7BmhWZ26B4rPSh7t+1noxR+gDj8Kd8R2wYO58qkzwpaKd1kGNMF+7WZY9QzCx8n
aCIN4DReHWBi9s6q9PHlMsIGM6pgxLjk/U5NOsf1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUMqiUre8lJGvIydAs39kt/R7DewIwHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2IwZDMzMDIwLTZlY2UtNGFjZC1iMTNiLTg1NmQxNzY5MzY1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXM9qAwDQYJKoZIhvcNAQELBQADggEBAMIDN36Bfv2jVrXaN+Iok9GwKg9o
qVfuZ0Smv4ObdDXJt3/YfQk5zgKlLvPgyPxkjGRDFwwtp4KhuhtNF1vG9rK5bhhz
KniqgE2bFIDsZO8RlQB4pNA20x1NlNJJmRk/Fe5bYwfsZm4TPyZg+wNM1WgvnFKu
KGKN7V3gAcX9di2VlzxCbVgK/DsSjNN9LR3Ppos+neprgQBS0Iy57vZk87XmwECB
b70ZUp4OA0gTXgGMronRcTzawwaOvVR7bFvmBdKAnS336m5E77bKIVkL8QUSbfP2
hofHj6ZekZj7iV9jwaex/be+IdpDlWzDSL/2lHxjkps8yPUI/snvlIKAQ54=
-----END CERTIFICATE-----