Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/d8cb8f44-6024-34f1-a24a-5a4f5c77c1d0.roa
File:                     d8cb8f44-6024-34f1-a24a-5a4f5c77c1d0.roa (raw, json)
Hash identifier:          R/oZWRpD8Lx7+zsTFtLIIXfdpINjJv8clJLtyDDv+4Q=
Subject key identifier:   B2:53:F3:65:87:5C:7F:C6:EA:29:C9:75:E9:64:60:5A:C8:1C:46:CB
Certificate issuer:       /CN=4e95a28e-27fe-479a-b086-2cc9809d54f6
Certificate serial:       010D0C9F43285848F4F7989B437C23AB3AC60D30
Authority key identifier: 55:43:28:31:2B:A2:11:E9:0C:63:2A:6B:C1:7E:0D:D6:92:76:3E:61
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/d8cb8f44-6024-34f1-a24a-5a4f5c77c1d0.roa
Signing time:             Fri 21 Feb 2025 14:00:50 +0000
ROA not before:           Fri 21 Feb 2025 14:00:50 +0000
ROA not after:            Thu 22 May 2025 13:00:50 +0000
asID:                     33668
IP address blocks:        68.56.16.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 14 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:f4:f7:98:9b:43:7c:23:ab:3a:c6:0d:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e95a28e-27fe-479a-b086-2cc9809d54f6
        Validity
            Not Before: Feb 21 14:00:50 2025 GMT
            Not After : May 22 13:00:50 2025 GMT
        Subject: CN=56471ade-f1b7-48ab-b368-eba3ea63c785
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d1:70:f9:c6:18:12:09:16:ce:71:6d:97:3f:
                    c3:38:a3:42:9f:2c:70:0e:c7:b0:97:6c:63:92:c7:
                    44:f8:0d:82:d0:bb:bc:3a:b3:12:fc:0c:13:78:f4:
                    51:c8:94:94:ff:24:35:36:ef:1d:03:f1:9e:b8:d7:
                    04:a1:bd:3d:ba:62:4d:a8:17:70:b6:43:a2:10:8d:
                    63:31:9b:b7:ff:27:27:d5:15:11:ae:41:85:1c:41:
                    7d:5f:49:a2:28:0d:13:53:dc:f6:8f:3c:bf:7b:c2:
                    61:8d:88:b6:ef:77:11:dd:e7:3f:f1:0b:32:b7:82:
                    d6:8c:7c:f4:38:c2:a7:fc:e5:3e:6a:da:33:fd:fe:
                    25:0d:5a:17:ea:c0:e2:70:fb:79:75:bb:1e:06:ac:
                    fd:46:8b:b7:82:6a:1d:5d:83:d1:3c:e3:7c:d3:23:
                    e9:36:e0:a7:44:06:33:c1:f3:9d:e4:72:08:4e:2d:
                    5f:47:e1:b0:7b:5e:26:2f:3f:08:2d:2e:9b:7d:d2:
                    eb:0a:dd:02:4e:6b:5e:1d:b4:45:3e:a0:ad:ff:0e:
                    6a:21:ab:0d:d3:66:ad:79:3e:ff:5c:94:c0:89:77:
                    7d:8e:c9:e7:f1:b0:0e:20:96:c4:89:dd:2b:1a:10:
                    f0:f9:80:08:43:3c:cb:a1:cb:7f:6b:06:d0:17:e0:
                    43:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:53:F3:65:87:5C:7F:C6:EA:29:C9:75:E9:64:60:5A:C8:1C:46:CB
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/d8cb8f44-6024-34f1-a24a-5a4f5c77c1d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.crl

            X509v3 Authority Key Identifier:
                keyid:55:43:28:31:2B:A2:11:E9:0C:63:2A:6B:C1:7E:0D:D6:92:76:3E:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  68.56.16.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         22:3d:87:2f:ed:82:f3:a1:ce:b7:52:43:98:96:37:9b:1a:3b:
         80:24:af:03:2a:1b:dc:2e:7e:b1:c2:48:57:21:ef:0f:74:69:
         41:d1:aa:e3:e2:9a:a7:04:c1:5c:52:c7:25:c0:be:05:4c:36:
         5a:20:3a:c4:d6:df:54:30:f7:85:74:91:33:a0:7b:db:bf:2e:
         ad:d1:a5:50:12:4a:18:eb:13:78:2e:e5:1a:d3:7d:17:bb:39:
         29:b8:7c:04:59:97:16:0e:51:da:bb:ba:0f:82:1a:85:87:fe:
         58:37:e2:28:46:d3:8c:db:ee:25:ce:24:fb:d1:2c:6a:d8:a5:
         aa:ef:59:54:3c:34:43:c9:b7:30:78:83:6b:c3:17:f3:82:df:
         d7:8d:ae:2d:8b:22:0d:96:7c:af:c4:c5:0d:f3:f2:58:c9:2b:
         b5:2d:d7:ff:cc:84:eb:3a:1c:65:f6:df:1b:e5:71:c0:38:27:
         86:6d:3d:52:90:ed:b0:aa:dd:17:bc:7f:96:b0:86:ab:e1:69:
         fc:a0:b1:3b:7a:cd:f9:fb:64:63:78:24:25:05:f1:e8:a3:43:
         1f:46:4a:8f:d1:2f:91:4c:90:ce:69:fe:a3:c2:01:db:28:68:
         ef:3e:06:e3:30:61:28:ae:94:90:00:38:6e:0c:5f:bf:25:2d:
         c1:d0:41:23
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEj095ibQ3wjqzrGDTAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNGU5NWEyOGUtMjdmZS00NzlhLWIwODYtMmNjOTgwOWQ1
NGY2MB4XDTI1MDIyMTE0MDA1MFoXDTI1MDUyMjEzMDA1MFowLzEtMCsGA1UEAxMk
NTY0NzFhZGUtZjFiNy00OGFiLWIzNjgtZWJhM2VhNjNjNzg1MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNFw+cYYEgkWznFtlz/DOKNCnyxwDsewl2xj
ksdE+A2C0Lu8OrMS/AwTePRRyJSU/yQ1Nu8dA/GeuNcEob09umJNqBdwtkOiEI1j
MZu3/ycn1RURrkGFHEF9X0miKA0TU9z2jzy/e8JhjYi273cR3ec/8Qsyt4LWjHz0
OMKn/OU+atoz/f4lDVoX6sDicPt5dbseBqz9Rou3gmodXYPRPON80yPpNuCnRAYz
wfOd5HIITi1fR+Gwe14mLz8ILS6bfdLrCt0CTmteHbRFPqCt/w5qIasN02ateT7/
XJTAiXd9jsnn8bAOIJbEid0rGhDw+YAIQzzLoct/awbQF+BDKQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFLJT82WHXH/G6inJdelkYFrIHEbLMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80ZTk1
YTI4ZS0yN2ZlLTQ3OWEtYjA4Ni0yY2M5ODA5ZDU0ZjYvZDhjYjhmNDQtNjAyNC0z
NGYxLWEyNGEtNWE0ZjVjNzdjMWQwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNGU5NWEyOGUtMjdmZS00NzlhLWIw
ODYtMmNjOTgwOWQ1NGY2LzRlOTVhMjhlLTI3ZmUtNDc5YS1iMDg2LTJjYzk4MDlk
NTRmNi5jcmwwHwYDVR0jBBgwFoAUVUMoMSuiEekMYyprwX4N1pJ2PmEwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi80ZTk1YTI4ZS0yN2ZlLTQ3OWEtYjA4Ni0yY2M5
ODA5ZDU0ZjYuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDRDgQMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACI9hy/tgvOhzrdSQ5iWN5saO4AkrwMqG9wufrHCSFch7w90aUHRquPi
mqcEwVxSxyXAvgVMNlogOsTW31Qw94V0kTOge9u/Lq3RpVASShjrE3gu5RrTfRe7
OSm4fARZlxYOUdq7ug+CGoWH/lg34ihG04zb7iXOJPvRLGrYparvWVQ8NEPJtzB4
g2vDF/OC39eNri2LIg2WfK/ExQ3z8ljJK7Ut1//MhOs6HGX23xvlccA4J4ZtPVKQ
7bCq3Re8f5awhqvhafygsTt6zfn7ZGN4JCUF8eijQx9GSo/RL5FMkM5p/qPCAdso
aO8+BuMwYSiulJAAOG4MX78lLcHQQSM=
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:54:36 2025 by rpki-client