Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309/109a2877-8f41-3e6a-b026-4ee9dbd03a1e.roa
File:                     109a2877-8f41-3e6a-b026-4ee9dbd03a1e.roa (raw, json)
Hash identifier:          zam0PpPXJ8tLNKdJKghq/eSm0Sa/2rbHnO6c9srhr6Y=
Subject key identifier:   48:FA:4A:0E:4F:50:50:D8:CA:70:EB:8A:CE:43:29:C5:39:C8:63:A9
Certificate issuer:       /CN=2bc601f7-daff-4d8b-8556-b61503268309
Certificate serial:       010D0C9F43285848C581103817D9CB3BE1BB0FC0
Authority key identifier: DA:C8:EF:29:AA:E9:B3:92:63:83:42:2B:DF:24:7A:85:A5:4E:83:17
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309/109a2877-8f41-3e6a-b026-4ee9dbd03a1e.roa
Signing time:             Tue 04 Feb 2025 14:00:52 +0000
ROA not before:           Tue 04 Feb 2025 14:00:52 +0000
ROA not after:            Mon 05 May 2025 13:00:52 +0000
asID:                     7155
IP address blocks:        72.173.137.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309/2bc601f7-daff-4d8b-8556-b61503268309.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309/2bc601f7-daff-4d8b-8556-b61503268309.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 13 Apr 2025 17:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:c5:81:10:38:17:d9:cb:3b:e1:bb:0f:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2bc601f7-daff-4d8b-8556-b61503268309
        Validity
            Not Before: Feb  4 14:00:52 2025 GMT
            Not After : May  5 13:00:52 2025 GMT
        Subject: CN=d78e5820-7989-4b31-9caf-66c8e01105a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:08:b7:09:3e:87:ea:7d:95:04:29:a1:6e:5f:
                    d3:b6:5e:fc:82:dd:df:14:5b:eb:68:2b:22:73:4a:
                    eb:84:6b:d2:b4:ce:52:36:c3:20:b4:57:c5:56:be:
                    81:ea:67:f6:45:9c:be:69:26:83:96:ac:ec:11:48:
                    54:53:2c:b5:8a:d5:c0:25:40:79:94:82:f6:4f:bf:
                    22:ca:d2:52:34:b4:9b:48:05:9c:c7:70:00:1b:9e:
                    ca:cf:99:e7:ce:cf:54:aa:f5:fd:05:8b:47:de:65:
                    46:bd:8b:0d:33:45:30:92:2c:3b:b8:d0:0c:5c:39:
                    be:c1:1a:d3:77:26:76:f5:fb:5a:23:1a:53:7a:88:
                    30:fa:cd:1c:af:a4:ad:8e:c7:75:3f:ba:b8:ab:89:
                    ef:ba:f9:d3:c0:f9:3c:5a:34:06:7c:69:0e:be:bb:
                    14:d6:3f:78:d0:19:33:3e:55:df:69:ce:bf:d8:a3:
                    8c:07:4d:2e:4e:c8:c4:54:0d:36:6c:ee:76:1a:9c:
                    33:2c:28:a5:40:95:8f:b3:cd:a3:52:fa:b7:d3:69:
                    5c:9e:ff:00:1b:60:6d:70:3c:27:9a:52:6c:e6:4a:
                    47:25:23:d1:dd:f5:7f:74:88:eb:71:60:fb:77:ca:
                    69:ff:cb:59:2f:fa:4a:82:d0:08:47:e9:28:97:3d:
                    e2:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:FA:4A:0E:4F:50:50:D8:CA:70:EB:8A:CE:43:29:C5:39:C8:63:A9
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309/109a2877-8f41-3e6a-b026-4ee9dbd03a1e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309/2bc601f7-daff-4d8b-8556-b61503268309.crl

            X509v3 Authority Key Identifier:
                keyid:DA:C8:EF:29:AA:E9:B3:92:63:83:42:2B:DF:24:7A:85:A5:4E:83:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.173.137.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         35:6a:27:5b:2d:02:1a:a3:7f:1c:d6:46:87:0c:9d:e7:d9:48:
         9c:9f:7d:f9:af:da:91:c3:ec:30:93:93:3c:1f:30:36:e9:fd:
         60:c9:70:9a:c2:3b:2a:ab:cd:c4:f1:38:9e:90:8f:d5:d6:07:
         2d:32:6d:ee:a8:a5:65:91:ee:d3:e9:28:3e:0f:bb:58:cb:07:
         d8:70:a1:fb:ad:5d:b1:01:e8:a1:e0:59:e4:31:b4:2c:54:01:
         20:b7:c0:96:09:f6:26:b3:4f:9b:87:e7:63:19:f7:e0:4e:2a:
         15:1f:b3:be:bd:c3:26:94:2f:63:7a:c6:4f:38:d7:c4:2f:35:
         20:2c:70:81:76:5d:d3:cb:21:3d:ba:11:15:c6:ed:c3:47:47:
         50:a2:87:0b:49:7e:02:d3:59:4a:07:21:2d:d2:24:9e:3f:3c:
         a6:21:8d:fb:2f:38:58:94:31:64:d1:f4:59:94:c8:33:7f:2b:
         88:a8:6b:7b:c4:19:c8:8b:c9:dc:3b:f8:a0:6f:78:81:7b:c3:
         6c:5c:d0:87:f2:3d:55:e9:e1:37:f9:c9:de:a4:d8:c1:ec:97:
         cd:34:6c:c7:0a:fe:40:32:d1:00:88:89:0d:92:b8:1c:4f:ec:
         d6:f8:02:83:1e:ad:c3:34:e8:bb:eb:e5:a5:5c:f0:e4:fd:5e:
         9d:60:41:08
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEjFgRA4F9nLO+G7D8AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMmJjNjAxZjctZGFmZi00ZDhiLTg1NTYtYjYxNTAzMjY4
MzA5MB4XDTI1MDIwNDE0MDA1MloXDTI1MDUwNTEzMDA1MlowLzEtMCsGA1UEAxMk
ZDc4ZTU4MjAtNzk4OS00YjMxLTljYWYtNjZjOGUwMTEwNWE3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAi3CT6H6n2VBCmhbl/Ttl78gt3fFFvraCsi
c0rrhGvStM5SNsMgtFfFVr6B6mf2RZy+aSaDlqzsEUhUUyy1itXAJUB5lIL2T78i
ytJSNLSbSAWcx3AAG57Kz5nnzs9UqvX9BYtH3mVGvYsNM0Uwkiw7uNAMXDm+wRrT
dyZ29ftaIxpTeogw+s0cr6Stjsd1P7q4q4nvuvnTwPk8WjQGfGkOvrsU1j940Bkz
PlXfac6/2KOMB00uTsjEVA02bO52GpwzLCilQJWPs82jUvq302lcnv8AG2BtcDwn
mlJs5kpHJSPR3fV/dIjrcWD7d8pp/8tZL/pKgtAIR+kolz3iNwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFEj6Sg5PUFDYynDris5DKcU5yGOpMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8yYmM2
MDFmNy1kYWZmLTRkOGItODU1Ni1iNjE1MDMyNjgzMDkvMTA5YTI4NzctOGY0MS0z
ZTZhLWIwMjYtNGVlOWRiZDAzYTFlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvMmJjNjAxZjctZGFmZi00ZDhiLTg1
NTYtYjYxNTAzMjY4MzA5LzJiYzYwMWY3LWRhZmYtNGQ4Yi04NTU2LWI2MTUwMzI2
ODMwOS5jcmwwHwYDVR0jBBgwFoAU2sjvKarps5Jjg0Ir3yR6haVOgxcwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi8yYmM2MDFmNy1kYWZmLTRkOGItODU1Ni1iNjE1
MDMyNjgzMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQASK2JMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADVqJ1stAhqjfxzWRocMnefZSJyfffmv2pHD7DCTkzwfMDbp/WDJcJrC
OyqrzcTxOJ6Qj9XWBy0ybe6opWWR7tPpKD4Pu1jLB9hwofutXbEB6KHgWeQxtCxU
ASC3wJYJ9iazT5uH52MZ9+BOKhUfs769wyaUL2N6xk8418QvNSAscIF2XdPLIT26
ERXG7cNHR1CihwtJfgLTWUoHIS3SJJ4/PKYhjfsvOFiUMWTR9FmUyDN/K4ioa3vE
GciLydw7+KBveIF7w2xc0IfyPVXp4Tf5yd6k2MHsl800bMcK/kAy0QCIiQ2SuBxP
7Nb4AoMercM06Lvr5aVc8OT9Xp1gQQg=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:54:06 2025 by rpki-client