Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a57f9d8b-6b3c-4ec9-845a-81cab3a69ef2.roa
File:                     a57f9d8b-6b3c-4ec9-845a-81cab3a69ef2.roa (raw, json)
Hash identifier:          dLfXH00IbnwThgxpOH2jYSYS5e6AjFpfGV2iPQX8Lxk=
Subject key identifier:   E0:2F:37:7F:EC:26:0B:B1:0E:A8:9A:BB:3B:08:0C:55:98:92:ED:30
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       373E8DD2BA13460AA3633CDE41CF658CB9D4ED84
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a57f9d8b-6b3c-4ec9-845a-81cab3a69ef2.roa
Signing time:             Fri 24 Mar 2023 00:00:00 +0000
ROA not before:           Fri 24 Mar 2023 00:00:00 +0000
ROA not after:            Fri 28 Apr 2023 23:59:59 +0000
asID:                     16509
IP address blocks:        18.53.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 25 Mar 2023 12:08:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:3e:8d:d2:ba:13:46:0a:a3:63:3c:de:41:cf:65:8c:b9:d4:ed:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 24 00:00:00 2023 GMT
            Not After : Apr 28 23:59:59 2023 GMT
        Subject: serialNumber=c8aafa8d26527558fc9bb05cf14aca3d306964c2b4901e5b14a34f20ba17199a, CN=5f276045-5b9f-45ef-923d-f3fce24a6225, OU=Amazon RPKI, O=Amazon.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:98:21:7d:bd:ac:b9:22:ca:5c:06:4a:19:2a:
                    55:c4:e1:81:1a:7e:db:df:97:cf:5d:e7:4f:97:8a:
                    f5:71:7b:0c:d5:3b:28:bb:e4:fe:47:1f:8f:6d:4c:
                    62:20:ef:bd:24:e4:a9:47:6b:fa:99:8b:20:3e:5f:
                    7a:f5:fa:45:e7:a6:67:fe:0f:9a:33:85:71:f3:f6:
                    99:a5:16:86:b2:eb:70:0f:4d:25:35:f8:d6:bf:01:
                    0d:48:7f:41:4e:0e:24:27:fd:fb:5c:9e:14:8a:18:
                    77:b1:d8:78:78:7e:4a:3a:76:24:11:c7:e9:39:f1:
                    9d:0c:9c:ab:22:ac:f4:81:90:42:11:3a:eb:e0:3c:
                    1e:47:82:12:5f:ca:53:40:07:fe:a7:88:fe:03:e5:
                    64:c3:e4:80:44:81:75:7d:18:0e:24:55:d5:a3:1e:
                    e8:f1:d7:09:cb:cf:27:5f:9d:1a:dd:42:db:bd:a8:
                    48:ae:16:4f:a6:87:46:88:22:4b:0d:ca:85:9a:0d:
                    6b:3c:49:be:d0:cc:85:69:4f:2c:8c:77:a1:09:50:
                    da:87:d1:ef:8d:27:39:ff:96:48:f3:8a:56:6c:34:
                    3a:54:eb:38:41:bb:41:3e:cc:69:a7:52:04:83:73:
                    69:24:64:e0:4a:7e:6b:c2:59:17:13:15:1a:fd:ab:
                    42:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                E0:2F:37:7F:EC:26:0B:B1:0E:A8:9A:BB:3B:08:0C:55:98:92:ED:30
            X509v3 Authority Key Identifier: 
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access: 
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a57f9d8b-6b3c-4ec9-845a-81cab3a69ef2.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  18.53.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         4c:50:3d:4c:6e:82:0b:f0:4b:a1:9f:26:19:e4:b2:d2:b9:1e:
         a9:fd:2a:ee:f5:8d:8d:96:96:46:ca:b3:26:0c:b7:e2:6e:fb:
         62:f6:ab:2d:b2:fc:9a:af:97:a3:5f:e3:9d:10:e1:d3:39:bc:
         83:83:c1:65:dd:a6:5c:c9:62:30:81:d1:c9:cd:88:82:50:16:
         89:46:d0:52:f9:ef:e1:35:42:24:04:bf:9c:a6:95:fe:68:87:
         9e:0e:f9:d7:bb:2e:b9:22:a8:65:11:12:08:b0:cc:31:12:b8:
         f4:f8:93:f1:24:dc:3f:cc:ac:33:22:5e:93:f0:41:aa:79:5f:
         d4:55:41:31:00:30:30:a4:dd:5b:06:8b:24:6f:44:87:36:8d:
         df:7a:cf:6b:43:d2:39:3e:89:91:e2:e7:f1:5c:c7:b9:5f:7a:
         47:b7:be:a4:9f:e7:5b:02:34:6a:92:fa:8d:1a:34:f7:fd:c2:
         64:a3:bd:c6:8f:5f:7f:bb:a7:d9:4a:f4:f2:26:6d:1e:21:fe:
         83:a6:9c:72:93:a6:c2:b3:bc:b7:96:2c:77:d8:a2:84:2e:8e:
         fb:ed:3f:9e:d1:2c:bd:50:ac:4a:b2:1b:f1:d7:05:c2:05:ec:
         0b:ea:ff:98:58:cd:e8:ef:1c:0c:01:14:ab:77:d4:56:62:fd:
         b0:9e:eb:c2
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgIUNz6N0roTRgqjYzzeQc9ljLnU7YQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjMwMzI0MDAwMDAwWhcNMjMwNDI4MjM1OTU5
WjCBpTFJMEcGA1UEBRNAYzhhYWZhOGQyNjUyNzU1OGZjOWJiMDVjZjE0YWNhM2Qz
MDY5NjRjMmI0OTAxZTViMTRhMzRmMjBiYTE3MTk5YTEtMCsGA1UEAxMkNWYyNzYw
NDUtNWI5Zi00NWVmLTkyM2QtZjNmY2UyNGE2MjI1MRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANmYIX29rLkiylwGShkqVcThgRp+29+Xz13nT5eK9XF7DNU7KLvk
/kcfj21MYiDvvSTkqUdr+pmLID5fevX6ReemZ/4PmjOFcfP2maUWhrLrcA9NJTX4
1r8BDUh/QU4OJCf9+1yeFIoYd7HYeHh+Sjp2JBHH6TnxnQycqyKs9IGQQhE66+A8
HkeCEl/KU0AH/qeI/gPlZMPkgESBdX0YDiRV1aMe6PHXCcvPJ1+dGt1C272oSK4W
T6aHRogiSw3KhZoNazxJvtDMhWlPLIx3oQlQ2ofR740nOf+WSPOKVmw0OlTrOEG7
QT7MaadSBINzaSRk4Ep+a8JZFxMVGv2rQgsCAwEAAaOCArAwggKsMB0GA1UdDgQW
BBTgLzd/7CYLsQ6omrs7CAxVmJLtMDAfBgNVHSMEGDAWgBQlrdNCsB63pY6tGZAm
iLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMmEy
NDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEzMmEt
NDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRm
YTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02ZjgwOTA0
ZTQyZDIvYTU3ZjlkOGItNmIzYy00ZWM5LTg0NWEtODFjYWIzYTY5ZWYyLnJvYTCB
iAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD
ABI1MA0GCSqGSIb3DQEBCwUAA4IBAQBMUD1MboIL8EuhnyYZ5LLSuR6p/Sru9Y2N
lpZGyrMmDLfibvti9qstsvyar5ejX+OdEOHTObyDg8Fl3aZcyWIwgdHJzYiCUBaJ
RtBS+e/hNUIkBL+cppX+aIeeDvnXuy65IqhlERIIsMwxErj0+JPxJNw/zKwzIl6T
8EGqeV/UVUExADAwpN1bBoskb0SHNo3fes9rQ9I5PomR4ufxXMe5X3pHt76kn+db
AjRqkvqNGjT3/cJko73Gj19/u6fZSvTyJm0eIf6Dppxyk6bCs7y3lix32KKELo77
7T+e0Sy9UKxKshvx1wXCBewL6v+YWM3o7xwMARSrd9RWYv2wnuvC
-----END CERTIFICATE-----
Generated at Fri Mar 24 00:27:25 2023 by rpki-client on console-fra.rpki-client.org