Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/290299e5-0f22-3823-b566-33f7489de718.roa
File:                     290299e5-0f22-3823-b566-33f7489de718.roa (raw, json)
Hash identifier:          fUhSCbQHerCzhsPNrcJ8QRd6KOvioZSONZq6qUPv/SU=
Subject key identifier:   38:88:65:BE:F5:C0:AC:DC:23:DA:36:F6:C7:74:1E:33:E2:41:81:96
Certificate issuer:       /CN=4e95a28e-27fe-479a-b086-2cc9809d54f6
Certificate serial:       010D0C9F43285849D430944D1C8D780390DBEB80
Authority key identifier: 55:43:28:31:2B:A2:11:E9:0C:63:2A:6B:C1:7E:0D:D6:92:76:3E:61
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/290299e5-0f22-3823-b566-33f7489de718.roa
Signing time:             Mon 12 May 2025 13:01:00 +0000
ROA not before:           Mon 12 May 2025 13:01:00 +0000
ROA not after:            Sun 10 Aug 2025 13:01:00 +0000
asID:                     33668
IP address blocks:        68.37.218.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 05 Jun 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:d4:30:94:4d:1c:8d:78:03:90:db:eb:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e95a28e-27fe-479a-b086-2cc9809d54f6
        Validity
            Not Before: May 12 13:01:00 2025 GMT
            Not After : Aug 10 13:01:00 2025 GMT
        Subject: CN=060757bb-a945-4a73-9b49-f926391577b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:f7:ae:59:08:6f:f0:77:a5:71:21:e7:d3:32:
                    ba:d9:68:f0:ad:6e:66:b6:7e:6c:70:2c:a5:9e:2a:
                    48:e0:12:70:37:5a:67:50:81:0b:0a:ed:09:23:7b:
                    0e:9f:19:b1:8c:31:a4:cc:de:1a:d8:53:41:85:2c:
                    ff:99:68:82:c9:98:25:a1:2f:a7:01:ad:49:3f:4a:
                    e5:df:50:a1:df:c1:9a:91:c0:1a:48:ce:70:53:bb:
                    1a:03:68:98:0c:25:01:69:d6:42:73:ee:e3:7b:9f:
                    1a:b8:ba:99:cf:14:a9:54:51:88:0b:07:76:a6:a4:
                    7a:2b:f4:51:77:cf:ba:36:04:39:69:b3:1a:af:49:
                    d6:12:97:36:48:e8:6a:15:1d:7c:48:0a:26:78:ab:
                    f9:3d:53:47:d6:c8:98:b0:15:0f:07:69:13:ce:ad:
                    f0:c2:fe:8d:95:4a:6c:1f:88:81:89:27:3c:7c:26:
                    9c:1e:84:87:69:5e:c9:c4:d6:15:82:00:5a:f3:15:
                    23:fd:95:3b:9f:be:59:65:f8:8d:17:b1:b4:05:79:
                    5b:19:4c:7f:15:7a:63:fd:46:99:9e:7b:31:46:0a:
                    a4:94:3f:2f:de:de:86:3f:55:59:42:a3:3f:b9:1c:
                    e4:2d:f2:41:f8:0e:78:32:b4:97:b5:b3:7b:24:d1:
                    49:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:88:65:BE:F5:C0:AC:DC:23:DA:36:F6:C7:74:1E:33:E2:41:81:96
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/290299e5-0f22-3823-b566-33f7489de718.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.crl

            X509v3 Authority Key Identifier:
                keyid:55:43:28:31:2B:A2:11:E9:0C:63:2A:6B:C1:7E:0D:D6:92:76:3E:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  68.37.218.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         a7:d1:d0:15:c4:2d:06:2c:e4:8c:85:56:63:4b:90:63:e5:3c:
         6b:61:89:1b:be:8d:29:25:37:ab:6c:33:28:3c:ab:5c:6c:9b:
         f8:03:20:04:1d:db:a8:d4:93:78:40:3d:93:6e:e7:44:08:b4:
         4c:bb:f8:85:51:29:88:4f:ad:46:24:89:2e:ba:e3:30:b8:3c:
         9a:06:86:ed:06:c6:a1:a7:ce:fa:fc:48:69:a4:61:c3:72:17:
         0a:b2:80:30:dc:77:b2:0c:dc:81:bd:c7:84:11:dc:2e:20:be:
         78:b0:9e:3c:b9:6f:b2:89:f3:6b:fb:98:95:fc:c5:9a:99:25:
         96:d0:67:43:dc:54:41:da:5e:5f:4f:78:1a:c6:f4:cc:e2:94:
         4e:b0:78:80:7d:78:dc:d6:1a:2e:28:20:cd:7d:01:da:ed:27:
         22:f9:d8:4a:09:1e:4a:d9:9f:03:c2:41:4a:88:e1:b2:d9:d6:
         7e:df:69:aa:6e:a6:9a:8a:59:60:a1:12:54:77:22:38:68:ef:
         98:4d:cc:a8:63:ef:7c:29:b4:73:81:56:3e:f8:4f:ee:23:41:
         8e:89:d8:b0:eb:3c:3d:32:e8:13:9c:30:9f:9e:62:93:8c:84:
         70:bc:fb:bd:6a:cd:53:b8:a9:24:3c:ff:af:c9:69:4e:6b:66:
         cb:5b:81:e1
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEnUMJRNHI14A5Db64AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNGU5NWEyOGUtMjdmZS00NzlhLWIwODYtMmNjOTgwOWQ1
NGY2MB4XDTI1MDUxMjEzMDEwMFoXDTI1MDgxMDEzMDEwMFowLzEtMCsGA1UEAxMk
MDYwNzU3YmItYTk0NS00YTczLTliNDktZjkyNjM5MTU3N2IxMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PeuWQhv8HelcSHn0zK62WjwrW5mtn5scCyl
nipI4BJwN1pnUIELCu0JI3sOnxmxjDGkzN4a2FNBhSz/mWiCyZgloS+nAa1JP0rl
31Ch38GakcAaSM5wU7saA2iYDCUBadZCc+7je58auLqZzxSpVFGICwd2pqR6K/RR
d8+6NgQ5abMar0nWEpc2SOhqFR18SAomeKv5PVNH1siYsBUPB2kTzq3wwv6NlUps
H4iBiSc8fCacHoSHaV7JxNYVggBa8xUj/ZU7n75ZZfiNF7G0BXlbGUx/FXpj/UaZ
nnsxRgqklD8v3t6GP1VZQqM/uRzkLfJB+A54MrSXtbN7JNFJLwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFDiIZb71wKzcI9o29sd0HjPiQYGWMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80ZTk1
YTI4ZS0yN2ZlLTQ3OWEtYjA4Ni0yY2M5ODA5ZDU0ZjYvMjkwMjk5ZTUtMGYyMi0z
ODIzLWI1NjYtMzNmNzQ4OWRlNzE4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNGU5NWEyOGUtMjdmZS00NzlhLWIw
ODYtMmNjOTgwOWQ1NGY2LzRlOTVhMjhlLTI3ZmUtNDc5YS1iMDg2LTJjYzk4MDlk
NTRmNi5jcmwwHwYDVR0jBBgwFoAUVUMoMSuiEekMYyprwX4N1pJ2PmEwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi80ZTk1YTI4ZS0yN2ZlLTQ3OWEtYjA4Ni0yY2M5
ODA5ZDU0ZjYuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBRCXaMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAKfR0BXELQYs5IyFVmNLkGPlPGthiRu+jSklN6tsMyg8q1xsm/gDIAQd
26jUk3hAPZNu50QItEy7+IVRKYhPrUYkiS664zC4PJoGhu0GxqGnzvr8SGmkYcNy
FwqygDDcd7IM3IG9x4QR3C4gvniwnjy5b7KJ82v7mJX8xZqZJZbQZ0PcVEHaXl9P
eBrG9MzilE6weIB9eNzWGi4oIM19AdrtJyL52EoJHkrZnwPCQUqI4bLZ1n7faapu
ppqKWWChElR3Ijho75hNzKhj73wptHOBVj74T+4jQY6J2LDrPD0y6BOcMJ+eYpOM
hHC8+71qzVO4qSQ8/6/JaU5rZstbgeE=
-----END CERTIFICATE-----