Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/ecba0557-c004-41c2-bd5b-63142dbee294.roa
File:                     ecba0557-c004-41c2-bd5b-63142dbee294.roa (raw, json)
Hash identifier:          og/HAgldyOoKlj4KuSocr8w9xcBVbawhdE5TY/7w6HY=
Subject key identifier:   D7:CF:76:97:48:14:C3:53:3B:1F:27:C5:A0:8A:0E:19:62:57:F4:9B
Certificate issuer:       /CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
Certificate serial:       5E2868EB3795E4BD1D2F780E035922EF00834C36
Authority key identifier: E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/ecba0557-c004-41c2-bd5b-63142dbee294.roa
Signing time:             Sat 09 Sep 2023 00:00:00 +0000
ROA not before:           Sat 09 Sep 2023 00:00:00 +0000
ROA not after:            Sat 14 Oct 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        205.251.248.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/99f8fed2-292b-4722-b928-fee7bf0a5910.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 10 Sep 2023 12:03:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:28:68:eb:37:95:e4:bd:1d:2f:78:0e:03:59:22:ef:00:83:4c:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce
        Validity
            Not Before: Sep  9 00:00:00 2023 GMT
            Not After : Oct 14 23:59:59 2023 GMT
        Subject: serialNumber=a33cb46de5c6136df4c6b9afba643caa3141f3cf8a687a68f32cbda046fbc833, CN=9f230fa9-aa2f-4020-ae2a-1a60374084b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:77:ab:39:d9:cf:fe:cf:7f:ad:01:d4:44:44:
                    ee:40:2b:d0:65:c7:1b:4a:9f:e6:f9:96:41:2b:d0:
                    5e:10:9d:db:c9:ea:11:24:16:8d:8e:ee:c6:0f:50:
                    01:c9:c0:a9:6b:84:68:0e:2b:8e:29:d2:3e:1f:39:
                    9c:f7:ad:2f:0c:72:32:1b:36:30:fe:87:0d:be:b9:
                    54:a0:f4:54:a5:eb:04:d3:80:50:36:59:8a:38:99:
                    47:8d:fb:27:e8:01:19:b4:7a:d3:2b:38:94:15:d9:
                    d4:56:f4:c8:93:03:55:6b:7f:15:c9:a2:40:8d:8f:
                    c0:b7:bd:84:10:54:dc:50:e2:3d:4b:3c:03:df:af:
                    91:32:69:27:f6:2c:fa:fe:97:a1:18:ea:c1:39:7d:
                    31:a7:ba:b2:21:10:7d:f3:fd:5a:39:a9:d7:5b:d7:
                    36:57:fa:36:ec:b9:e1:11:90:88:52:a6:89:f0:ab:
                    7c:e4:dd:89:19:3d:20:f4:6d:75:b8:cb:28:b6:30:
                    a3:17:ad:2c:4c:27:9c:f6:5a:ee:f3:db:62:90:cd:
                    6a:70:6a:da:40:ef:4b:26:82:b9:3c:cc:9a:c5:04:
                    63:91:a2:73:be:22:a0:37:ae:68:dd:a2:7d:91:d7:
                    39:63:fb:ea:df:54:e3:89:f8:8f:22:36:ae:9c:4c:
                    70:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:CF:76:97:48:14:C3:53:3B:1F:27:C5:A0:8A:0E:19:62:57:F4:9B
            X509v3 Authority Key Identifier:
                keyid:E8:F3:C5:20:E2:0E:F2:5D:3A:B7:A2:16:BB:14:04:31:6A:37:38:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/99f8fed2-292b-4722-b928-fee7bf0a5910/551209027f5e7ad54e04f042e4ac0e9e65c56e55c77478d2ce.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/ecba0557-c004-41c2-bd5b-63142dbee294.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e7518af5-a343-428d-bf78-f982b6e60505/XnrVTgTwQuSsDp5lxW5Vx3R40s4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.251.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:78:b3:6b:8a:50:86:53:8f:c6:89:f6:8d:71:e0:cf:78:97:
         0b:a4:84:73:3a:65:04:8f:13:52:49:4c:04:85:cd:57:64:d9:
         b7:4d:9b:ba:4f:37:e7:e3:b6:f8:db:ab:44:6f:93:ea:7c:06:
         7b:84:a4:ad:a1:70:48:d0:63:b2:74:b7:23:2e:96:0e:f7:a0:
         ee:ba:73:ae:1e:33:54:3b:40:51:39:37:fb:5f:2c:a0:36:1f:
         f4:41:30:ce:f4:a4:75:21:90:52:f2:1c:98:94:3e:fe:03:70:
         16:45:f1:a0:35:90:7d:22:f3:6e:cb:53:23:52:4d:07:da:12:
         8b:7a:21:60:2a:2a:85:e9:60:07:39:55:2b:76:11:40:cd:ec:
         96:ee:35:b0:07:34:95:14:f3:4a:2c:10:64:86:46:68:3c:7f:
         84:0a:ba:ed:16:cb:6b:a6:5a:ed:7f:a2:5d:da:fa:64:ca:69:
         ba:b0:10:bc:58:ef:89:0d:44:ab:4c:e9:5f:cc:e3:5c:a5:fd:
         bb:34:aa:01:ad:7c:89:c3:55:14:ca:74:c0:94:82:e7:f3:69:
         8a:3e:a8:2f:1e:be:9b:a5:ab:a8:be:c2:71:0d:f3:3f:ce:41:
         6c:ff:05:e3:d6:86:cf:e6:f8:87:5e:75:7d:a1:8b:b4:6f:34:
         a0:92:96:99
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXiho6zeV5L0dL3gOA1ki7wCDTDYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTUxMjA5MDI3ZjVlN2FkNTRlMDRmMDQyZTRhYzBlOWU2
NWM1NmU1NWM3NzQ3OGQyY2UwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0BhMzNjYjQ2ZGU1YzYxMzZkZjRjNmI5YWZiYTY0M2NhYTMx
NDFmM2NmOGE2ODdhNjhmMzJjYmRhMDQ2ZmJjODMzMS0wKwYDVQQDEyQ5ZjIzMGZh
OS1hYTJmLTQwMjAtYWUyYS0xYTYwMzc0MDg0YjgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6d6s52c/+z3+tAdRERO5AK9BlxxtKn+b5lkEr0F4QndvJ
6hEkFo2O7sYPUAHJwKlrhGgOK44p0j4fOZz3rS8McjIbNjD+hw2+uVSg9FSl6wTT
gFA2WYo4mUeN+yfoARm0etMrOJQV2dRW9MiTA1VrfxXJokCNj8C3vYQQVNxQ4j1L
PAPfr5EyaSf2LPr+l6EY6sE5fTGnurIhEH3z/Vo5qddb1zZX+jbsueERkIhSponw
q3zk3YkZPSD0bXW4yyi2MKMXrSxMJ5z2Wu7z22KQzWpwatpA70smgrk8zJrFBGOR
onO+IqA3rmjdon2R1zlj++rfVOOJ+I8iNq6cTHCfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1892l0gUw1M7HyfFoIoOGWJX9JswHwYDVR0jBBgwFoAU6PPFIOIO8l06
t6IWuxQEMWo3OPEwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85OWY4ZmVkMi0y
OTJiLTQ3MjItYjkyOC1mZWU3YmYwYTU5MTAvNTUxMjA5MDI3ZjVlN2FkNTRlMDRm
MDQyZTRhYzBlOWU2NWM1NmU1NWM3NzQ3OGQyY2UuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTc1MThhZjUtYTM0My00MjhkLWJmNzgtZjk4
MmI2ZTYwNTA1L2VjYmEwNTU3LWMwMDQtNDFjMi1iZDViLTYzMTQyZGJlZTI5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3NTE4YWY1LWEzNDMtNDI4ZC1iZjc4
LWY5ODJiNmU2MDUwNS9YbnJWVGdUd1F1U3NEcDVseFc1VngzUjQwczQuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADN+/gwDQYJKoZIhvcNAQELBQADggEBAKN4s2uKUIZTj8aJ9o1x4M94lwuk
hHM6ZQSPE1JJTASFzVdk2bdNm7pPN+fjtvjbq0Rvk+p8BnuEpK2hcEjQY7J0tyMu
lg73oO66c64eM1Q7QFE5N/tfLKA2H/RBMM70pHUhkFLyHJiUPv4DcBZF8aA1kH0i
827LUyNSTQfaEot6IWAqKoXpYAc5VSt2EUDN7JbuNbAHNJUU80osEGSGRmg8f4QK
uu0Wy2umWu1/ol3a+mTKabqwELxY74kNRKtM6V/M41yl/bs0qgGtfInDVRTKdMCU
gufzaYo+qC8evpulq6i+wnEN8z/OQWz/BePWhs/m+IdedX2hi7RvNKCSlpk=
-----END CERTIFICATE-----
Generated at Sat Sep 9 00:20:02 2023 by rpki-client on console-ams.rpki-client.org