Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/b00896ce-0362-3943-8ce0-12fe02c5e055.roa
File:                     b00896ce-0362-3943-8ce0-12fe02c5e055.roa (raw, json)
Hash identifier:          vY/APYPkZOtiZImxuZlDTWNQtuScLOdzduMP6ewD2yc=
Subject key identifier:   AC:A9:6B:0D:24:A8:B5:0D:8D:F8:55:4A:97:FA:77:52:CB:6F:C7:80
Certificate issuer:       /CN=4e95a28e-27fe-479a-b086-2cc9809d54f6
Certificate serial:       010D0C9F4328584B95A8B519CC4162958C8EC1C0
Authority key identifier: 55:43:28:31:2B:A2:11:E9:0C:63:2A:6B:C1:7E:0D:D6:92:76:3E:61
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/b00896ce-0362-3943-8ce0-12fe02c5e055.roa
Signing time:             Mon 20 Oct 2025 13:00:38 +0000
ROA not before:           Mon 20 Oct 2025 13:00:38 +0000
ROA not after:            Sun 18 Jan 2026 14:00:38 +0000
asID:                     33668
IP address blocks:        68.37.152.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 23 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:4b:95:a8:b5:19:cc:41:62:95:8c:8e:c1:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e95a28e-27fe-479a-b086-2cc9809d54f6
        Validity
            Not Before: Oct 20 13:00:38 2025 GMT
            Not After : Jan 18 14:00:38 2026 GMT
        Subject: CN=a06eb530-6536-4cc2-ae28-3ae7f6613671
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:91:08:33:dd:bb:7c:d9:5f:49:5c:87:7e:92:
                    80:f2:96:52:4a:d5:e9:cf:a5:0c:f0:6e:4c:72:f2:
                    b5:0a:d4:43:7b:1c:d2:2d:e7:c6:c8:44:92:a0:d1:
                    92:77:2e:3f:91:d5:ca:fd:cf:c7:61:f0:5a:64:98:
                    99:7e:52:2c:e3:a7:33:22:ab:2b:25:13:56:14:c4:
                    bc:19:23:0a:d8:7a:28:c6:61:6d:53:90:96:77:33:
                    36:7c:81:3e:ce:1a:95:df:17:49:80:06:91:e3:cf:
                    6a:dc:64:68:ee:2a:ad:e0:a8:0d:9e:0c:df:f5:3b:
                    74:21:8c:ea:a6:90:11:fb:1e:9c:e7:cd:33:e4:6a:
                    80:cd:ee:28:d8:9f:95:18:00:89:09:66:dc:89:75:
                    66:3d:0a:76:a8:19:2e:5e:39:d5:64:d6:14:7d:ae:
                    13:cc:5d:a7:0b:0f:3e:4d:92:52:2d:3a:d1:0f:69:
                    a6:8c:78:cf:82:c6:44:19:d4:75:9d:1a:79:90:5d:
                    45:fe:34:34:6d:26:d1:20:25:1a:06:d5:a9:56:fd:
                    3c:00:af:d9:ee:db:84:97:24:8f:a7:82:68:76:b6:
                    a0:49:81:8d:ed:71:3e:6b:43:73:30:85:3b:2b:9d:
                    6e:be:cb:4d:2c:1f:30:d7:dd:43:7b:ce:73:0e:85:
                    8f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:A9:6B:0D:24:A8:B5:0D:8D:F8:55:4A:97:FA:77:52:CB:6F:C7:80
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/b00896ce-0362-3943-8ce0-12fe02c5e055.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.crl

            X509v3 Authority Key Identifier:
                keyid:55:43:28:31:2B:A2:11:E9:0C:63:2A:6B:C1:7E:0D:D6:92:76:3E:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  68.37.152.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         34:c3:51:6f:be:47:a0:ac:be:de:c1:f8:10:f3:76:3b:e3:52:
         95:4c:6f:e8:8e:f6:16:cc:8b:e7:d2:72:d3:df:81:b4:b0:f4:
         c2:b1:a5:69:de:3e:ca:74:98:3c:d9:56:f8:37:36:92:b2:3d:
         66:2b:1b:b6:82:7d:47:d3:87:08:b9:9f:01:b4:7f:dd:6e:90:
         67:73:a8:c8:c9:87:93:b6:49:5c:28:4f:a2:ed:56:1a:bb:00:
         f2:77:16:ac:61:e8:32:c7:53:e1:02:1d:28:fc:55:c5:b4:58:
         a0:77:22:2e:1b:09:01:c0:2d:29:93:c5:6f:72:19:0a:24:76:
         39:bc:99:61:98:e5:3d:bb:f7:8d:5e:81:92:92:77:96:65:ce:
         0b:0a:3e:66:68:2a:65:6c:08:bc:00:b7:45:4b:7e:cf:e3:bb:
         ef:30:a4:6c:65:04:ec:89:8d:36:dc:cd:34:f2:57:72:dc:1c:
         64:d1:e8:c0:5f:e2:67:42:4d:37:fc:77:61:5d:7a:43:e5:07:
         53:74:51:26:f2:04:a7:24:21:f7:70:68:fb:cb:08:87:2f:52:
         73:9d:63:af:29:9d:73:06:e4:76:f6:27:d3:c7:5e:d9:54:b7:
         63:6b:59:df:b8:84:e1:7b:2e:8d:1e:68:7c:bb:18:0f:53:88:
         36:75:76:c6
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEuVqLUZzEFilYyOwcAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNGU5NWEyOGUtMjdmZS00NzlhLWIwODYtMmNjOTgwOWQ1
NGY2MB4XDTI1MTAyMDEzMDAzOFoXDTI2MDExODE0MDAzOFowLzEtMCsGA1UEAxMk
YTA2ZWI1MzAtNjUzNi00Y2MyLWFlMjgtM2FlN2Y2NjEzNjcxMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZEIM927fNlfSVyHfpKA8pZSStXpz6UM8G5M
cvK1CtRDexzSLefGyESSoNGSdy4/kdXK/c/HYfBaZJiZflIs46czIqsrJRNWFMS8
GSMK2HooxmFtU5CWdzM2fIE+zhqV3xdJgAaR489q3GRo7iqt4KgNngzf9Tt0IYzq
ppAR+x6c580z5GqAze4o2J+VGACJCWbciXVmPQp2qBkuXjnVZNYUfa4TzF2nCw8+
TZJSLTrRD2mmjHjPgsZEGdR1nRp5kF1F/jQ0bSbRICUaBtWpVv08AK/Z7tuElySP
p4JodragSYGN7XE+a0NzMIU7K51uvstNLB8w191De85zDoWPSQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKypaw0kqLUNjfhVSpf6d1LLb8eAMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80ZTk1
YTI4ZS0yN2ZlLTQ3OWEtYjA4Ni0yY2M5ODA5ZDU0ZjYvYjAwODk2Y2UtMDM2Mi0z
OTQzLThjZTAtMTJmZTAyYzVlMDU1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNGU5NWEyOGUtMjdmZS00NzlhLWIw
ODYtMmNjOTgwOWQ1NGY2LzRlOTVhMjhlLTI3ZmUtNDc5YS1iMDg2LTJjYzk4MDlk
NTRmNi5jcmwwHwYDVR0jBBgwFoAUVUMoMSuiEekMYyprwX4N1pJ2PmEwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi80ZTk1YTI4ZS0yN2ZlLTQ3OWEtYjA4Ni0yY2M5
ODA5ZDU0ZjYuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBRCWYMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADTDUW++R6Csvt7B+BDzdjvjUpVMb+iO9hbMi+fSctPfgbSw9MKxpWne
Psp0mDzZVvg3NpKyPWYrG7aCfUfThwi5nwG0f91ukGdzqMjJh5O2SVwoT6LtVhq7
APJ3Fqxh6DLHU+ECHSj8VcW0WKB3Ii4bCQHALSmTxW9yGQokdjm8mWGY5T27941e
gZKSd5ZlzgsKPmZoKmVsCLwAt0VLfs/ju+8wpGxlBOyJjTbczTTyV3LcHGTR6MBf
4mdCTTf8d2FdekPlB1N0USbyBKckIfdwaPvLCIcvUnOdY68pnXMG5Hb2J9PHXtlU
t2NrWd+4hOF7Lo0eaHy7GA9TiDZ1dsY=
-----END CERTIFICATE-----
Generated at Tue Oct 21 22:19:27 2025 by rpki-client