Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/828c35a4-d70a-329b-afc8-43f0c6744f3e.roa
File:                     828c35a4-d70a-329b-afc8-43f0c6744f3e.roa (raw, json)
Hash identifier:          lQWH6wjQyT3miHEDB/PifXOLzSWd6DzD9q2lPK6in7s=
Subject key identifier:   3E:EB:45:F3:53:19:22:CC:1C:82:76:59:59:26:3C:42:4F:06:1E:B7
Certificate issuer:       /CN=3b72c968-d673-4a7a-bfec-4071a7be5317
Certificate serial:       010D0C9F43285849E91FA905B660DD881439BC00
Authority key identifier: D4:D0:6C:E1:8F:F9:73:1D:53:22:23:6D:36:3F:38:F6:81:03:B5:6F
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/828c35a4-d70a-329b-afc8-43f0c6744f3e.roa
Signing time:             Tue 20 May 2025 01:00:49 +0000
ROA not before:           Tue 20 May 2025 01:00:49 +0000
ROA not after:            Mon 18 Aug 2025 01:00:49 +0000
asID:                     27589
IP address blocks:        64.59.64.0/18 maxlen: 24
                          66.244.144.0/20 maxlen: 24
                          74.206.160.0/19 maxlen: 24
                          99.192.128.0/17 maxlen: 24
                          104.193.120.0/22 maxlen: 24
                          162.250.76.0/22 maxlen: 24
                          184.94.144.0/20 maxlen: 24
                          199.19.200.0/21 maxlen: 24
                          199.59.88.0/21 maxlen: 24
                          199.182.104.0/21 maxlen: 24
                          199.241.96.0/21 maxlen: 24
                          208.74.148.0/22 maxlen: 24
                          208.122.192.0/19 maxlen: 24
                          2607:f5a8::/32 maxlen: 48
                          2607:ffb8::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 11 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:e9:1f:a9:05:b6:60:dd:88:14:39:bc:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b72c968-d673-4a7a-bfec-4071a7be5317
        Validity
            Not Before: May 20 01:00:49 2025 GMT
            Not After : Aug 18 01:00:49 2025 GMT
        Subject: CN=9e1793e4-a725-4b6e-8cf3-d6dbad1952f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:0e:ed:ce:de:4c:39:9f:62:56:24:c0:6b:8e:
                    df:1f:36:22:92:1e:b0:d9:68:56:8d:da:20:4d:ea:
                    1e:3d:1c:fb:ef:12:ac:d7:36:d1:e3:1b:cf:da:92:
                    a3:e4:27:56:61:3c:f8:b5:e5:d8:5f:70:54:7a:45:
                    bd:d2:d9:f1:06:d2:6a:d3:94:cb:80:9f:41:1f:20:
                    d3:dd:8a:8e:d9:80:aa:27:08:27:05:22:d4:e9:41:
                    24:db:77:f0:c0:c8:fd:7e:1c:45:4c:73:80:65:10:
                    85:32:b3:99:64:91:84:09:d0:85:7a:cc:e0:75:c1:
                    4b:ac:f3:30:61:dc:91:99:2a:97:01:ab:2d:dd:53:
                    c8:c9:ea:26:db:f8:69:dc:e5:f3:3d:61:fb:19:57:
                    6c:c7:45:9d:24:a3:3d:d9:71:63:a3:4d:f7:9a:85:
                    64:ae:48:40:dc:6a:f3:10:cd:40:43:5d:c3:1c:72:
                    6e:69:d8:d3:d8:f7:8f:55:52:8f:1b:26:09:57:23:
                    21:06:5c:15:18:23:56:2d:54:3b:05:b5:26:2e:43:
                    d9:de:b2:0c:fa:9f:a2:0e:43:30:26:84:e9:38:67:
                    52:56:dd:6e:28:e3:5c:ed:7b:41:cb:ef:db:79:93:
                    0a:11:b0:fe:5f:f0:03:02:fc:8d:bc:9d:81:4e:4e:
                    f0:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:EB:45:F3:53:19:22:CC:1C:82:76:59:59:26:3C:42:4F:06:1E:B7
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/828c35a4-d70a-329b-afc8-43f0c6744f3e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.crl

            X509v3 Authority Key Identifier:
                keyid:D4:D0:6C:E1:8F:F9:73:1D:53:22:23:6D:36:3F:38:F6:81:03:B5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.59.64.0/18
                  66.244.144.0/20
                  74.206.160.0/19
                  99.192.128.0/17
                  104.193.120.0/22
                  162.250.76.0/22
                  184.94.144.0/20
                  199.19.200.0/21
                  199.59.88.0/21
                  199.182.104.0/21
                  199.241.96.0/21
                  208.74.148.0/22
                  208.122.192.0/19
                IPv6:
                  2607:f5a8::/32
                  2607:ffb8::/32

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         16:d8:a0:61:a4:fd:e9:16:16:be:99:d4:8d:f4:b2:fb:d4:7f:
         fd:28:65:34:a0:fa:76:7b:5a:1c:73:44:69:d1:80:bb:22:a0:
         27:90:e3:a3:b8:a5:dd:26:81:e1:14:b7:d3:a3:39:c2:db:e1:
         c2:89:a8:3a:93:db:77:a8:2f:b0:2b:5a:2a:1f:f2:45:6f:6b:
         a5:7e:43:fa:e2:7b:ab:44:99:96:d8:ea:75:c2:37:0f:15:e7:
         df:0a:49:43:bd:03:7c:63:47:09:a2:ce:3e:70:ce:e2:c8:20:
         91:d9:1d:7f:63:67:14:2e:b2:a7:02:46:28:d5:16:f4:91:0a:
         2a:1f:b2:39:bf:9a:ad:24:64:0b:e0:e7:25:ce:a6:0c:42:23:
         ac:25:e8:c9:fc:ca:20:31:2f:8a:d5:8d:2c:85:4a:8d:f8:ac:
         67:3e:c4:ef:01:1b:5c:47:95:83:c8:68:53:b8:25:85:d7:67:
         42:a0:0d:a3:20:2f:32:b4:6b:83:cd:b2:fd:b8:ce:ff:5f:5b:
         8a:70:bc:f7:25:a0:19:f9:0a:cd:ef:ab:0e:7d:5c:af:89:5e:
         fc:34:ce:c8:96:3d:b2:81:ca:88:d8:59:44:41:04:d4:61:46:
         58:50:d1:4b:ff:a7:2a:34:40:73:06:b8:ad:82:e7:53:e0:e4:
         ca:0c:e8:b4
-----BEGIN CERTIFICATE-----
MIIGoTCCBYmgAwIBAgIUAQ0Mn0MoWEnpH6kFtmDdiBQ5vAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkM2I3MmM5NjgtZDY3My00YTdhLWJmZWMtNDA3MWE3YmU1
MzE3MB4XDTI1MDUyMDAxMDA0OVoXDTI1MDgxODAxMDA0OVowLzEtMCsGA1UEAxMk
OWUxNzkzZTQtYTcyNS00YjZlLThjZjMtZDZkYmFkMTk1MmY3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ7tzt5MOZ9iViTAa47fHzYikh6w2WhWjdog
TeoePRz77xKs1zbR4xvP2pKj5CdWYTz4teXYX3BUekW90tnxBtJq05TLgJ9BHyDT
3YqO2YCqJwgnBSLU6UEk23fwwMj9fhxFTHOAZRCFMrOZZJGECdCFeszgdcFLrPMw
YdyRmSqXAast3VPIyeom2/hp3OXzPWH7GVdsx0WdJKM92XFjo033moVkrkhA3Grz
EM1AQ13DHHJuadjT2PePVVKPGyYJVyMhBlwVGCNWLVQ7BbUmLkPZ3rIM+p+iDkMw
JoTpOGdSVt1uKONc7XtBy+/beZMKEbD+X/ADAvyNvJ2BTk7wEQIDAQABo4IDszCC
A68wHQYDVR0OBBYEFD7rRfNTGSLMHIJ2WVkmPEJPBh63MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8zYjcy
Yzk2OC1kNjczLTRhN2EtYmZlYy00MDcxYTdiZTUzMTcvODI4YzM1YTQtZDcwYS0z
MjliLWFmYzgtNDNmMGM2NzQ0ZjNlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvM2I3MmM5NjgtZDY3My00YTdhLWJm
ZWMtNDA3MWE3YmU1MzE3LzNiNzJjOTY4LWQ2NzMtNGE3YS1iZmVjLTQwNzFhN2Jl
NTMxNy5jcmwwHwYDVR0jBBgwFoAU1NBs4Y/5cx1TIiNtNj849oEDtW8wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi8zYjcyYzk2OC1kNjczLTRhN2EtYmZlYy00MDcx
YTdiZTUzMTcuY2VyMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQGQDtAAwQE
QvSQAwQFSs6gAwQHY8CAAwQCaMF4AwQCovpMAwQEuF6QAwQDxxPIAwQDxztYAwQD
x7ZoAwQDx/FgAwQC0EqUAwQF0HrAMBQEAgACMA4DBQAmB/WoAwUAJgf/uDBUBgNV
HSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3
LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUA
A4IBAQAW2KBhpP3pFha+mdSN9LL71H/9KGU0oPp2e1occ0Rp0YC7IqAnkOOjuKXd
JoHhFLfToznC2+HCiag6k9t3qC+wK1oqH/JFb2ulfkP64nurRJmW2Op1wjcPFeff
CklDvQN8Y0cJos4+cM7iyCCR2R1/Y2cULrKnAkYo1Rb0kQoqH7I5v5qtJGQL4Ocl
zqYMQiOsJejJ/MogMS+K1Y0shUqN+KxnPsTvARtcR5WDyGhTuCWF12dCoA2jIC8y
tGuDzbL9uM7/X1uKcLz3JaAZ+QrN76sOfVyviV78NM7Ilj2ygcqI2FlEQQTUYUZY
UNFL/6cqNEBzBritgudT4OTKDOi0
-----END CERTIFICATE-----
Generated at Tue Jun 10 07:11:05 2025 by rpki-client