Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/63817736-7e5e-4740-8ee1-ac6f2317f08d/71143635-9833-37f3-9cf1-571e77e93ca0.roa
File:                     71143635-9833-37f3-9cf1-571e77e93ca0.roa (raw, json)
Hash identifier:          55mADSNrDcd/nBeFo9TllFaG7LrVHw6QvB54spBUBS4=
Subject key identifier:   0E:39:3D:7D:B9:1E:C6:D5:51:2E:6B:F3:78:04:64:BE:DA:E9:17:CF
Certificate issuer:       /CN=63817736-7e5e-4740-8ee1-ac6f2317f08d
Certificate serial:       010D0C9F43285841E46D4D294F5FDE57DAFD4780
Authority key identifier: B5:F4:FF:81:CB:E0:A0:26:F5:12:35:A7:B3:44:73:D0:89:4F:FC:77
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/63817736-7e5e-4740-8ee1-ac6f2317f08d.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/63817736-7e5e-4740-8ee1-ac6f2317f08d/71143635-9833-37f3-9cf1-571e77e93ca0.roa
Signing time:             Mon 15 May 2023 18:21:01 +0000
ROA not before:           Mon 15 May 2023 18:21:01 +0000
ROA not after:            Fri 23 Jun 2023 18:27:46 +0000
asID:                     20473
IP address blocks:        216.238.64.0/18 maxlen: 24
                          208.85.16.0/21 maxlen: 24
                          208.83.232.0/21 maxlen: 24
                          208.76.220.0/22 maxlen: 24
                          208.72.152.0/22 maxlen: 24
                          70.34.240.0/20 maxlen: 24
                          70.34.192.0/19 maxlen: 24
                          139.84.128.0/17 maxlen: 24
                          66.135.0.0/19 maxlen: 24
                          64.176.0.0/15 maxlen: 24
                          65.20.64.0/18 maxlen: 24
                          137.220.32.0/19 maxlen: 24
                          67.219.96.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/63817736-7e5e-4740-8ee1-ac6f2317f08d/63817736-7e5e-4740-8ee1-ac6f2317f08d.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/63817736-7e5e-4740-8ee1-ac6f2317f08d/63817736-7e5e-4740-8ee1-ac6f2317f08d.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/63817736-7e5e-4740-8ee1-ac6f2317f08d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 17 May 2023 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:41:e4:6d:4d:29:4f:5f:de:57:da:fd:47:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63817736-7e5e-4740-8ee1-ac6f2317f08d
        Validity
            Not Before: May 15 18:21:01 2023 GMT
            Not After : Jun 23 18:27:46 2023 GMT
        Subject: CN=6732a75c-9905-402c-baa4-feec0aacba16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:b2:0f:fd:f0:bc:1f:75:86:93:88:bf:d7:70:
                    43:81:52:11:b0:0c:8c:7b:bf:0e:eb:11:37:19:fd:
                    de:32:54:4f:22:5c:00:3f:fd:8a:26:b5:c1:87:bb:
                    58:a2:41:28:de:1d:1c:16:8f:1d:fb:ec:d9:84:56:
                    2c:2d:97:9d:e1:1d:80:0c:c8:01:ea:dd:e4:da:2c:
                    41:65:31:16:28:c1:dc:ed:0c:62:ed:e6:a1:59:2a:
                    6e:7f:ad:7f:25:53:c0:ff:c2:f3:5b:4c:1a:b3:88:
                    23:93:7a:59:d0:86:19:15:b3:19:53:39:88:ef:e1:
                    85:fa:85:9e:db:ae:a5:1f:e6:df:8f:df:2b:49:4a:
                    f7:ad:17:1f:1c:2f:4e:c7:b0:8d:29:65:e0:64:be:
                    7d:95:2b:bd:6e:cf:94:4c:51:73:23:8f:44:ee:45:
                    e3:a0:43:87:39:2f:5e:8c:3b:d7:cb:c3:c8:77:98:
                    c0:47:bd:0a:da:8c:eb:60:f3:f4:e0:f5:fd:6b:44:
                    c8:a6:07:54:93:62:df:f1:71:3a:a0:84:67:50:a7:
                    80:27:6e:84:7e:c4:53:b9:24:cf:4b:cd:cb:53:e9:
                    3e:bb:3d:fc:67:f8:43:2a:a0:1d:d4:47:35:aa:bb:
                    a1:fe:3a:c9:03:1f:ce:02:6c:cb:21:da:a2:b2:83:
                    d3:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:39:3D:7D:B9:1E:C6:D5:51:2E:6B:F3:78:04:64:BE:DA:E9:17:CF
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/63817736-7e5e-4740-8ee1-ac6f2317f08d/71143635-9833-37f3-9cf1-571e77e93ca0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/63817736-7e5e-4740-8ee1-ac6f2317f08d/63817736-7e5e-4740-8ee1-ac6f2317f08d.crl

            X509v3 Authority Key Identifier:
                keyid:B5:F4:FF:81:CB:E0:A0:26:F5:12:35:A7:B3:44:73:D0:89:4F:FC:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/63817736-7e5e-4740-8ee1-ac6f2317f08d.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.176.0.0/15
                  65.20.64.0/18
                  66.135.0.0/19
                  67.219.96.0/20
                  70.34.192.0/19
                  70.34.240.0/20
                  137.220.32.0/19
                  139.84.128.0/17
                  208.72.152.0/22
                  208.76.220.0/22
                  208.83.232.0/21
                  208.85.16.0/21
                  216.238.64.0/18

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         8a:ae:32:71:8e:b6:e4:0f:1e:97:00:c1:49:27:fd:6e:52:9b:
         56:65:b4:43:51:94:dd:61:79:3f:e9:ce:25:5a:08:47:1e:34:
         eb:36:22:7d:c2:9d:70:38:52:cd:c7:02:69:ce:0c:51:b7:cc:
         b2:8f:4e:a5:c0:e8:7f:9c:47:d3:48:75:35:58:5f:7d:c7:94:
         d2:e3:0d:a6:11:e5:3f:56:90:55:59:2d:e1:71:cd:1b:ac:96:
         c6:c2:35:1a:87:a2:eb:b9:3f:a1:d1:99:32:6a:eb:7b:2f:bf:
         05:cc:62:43:5d:29:42:cc:b7:24:fc:df:34:72:82:2b:18:b8:
         c5:07:7f:1f:13:2a:89:27:39:e7:0e:84:2b:8f:32:96:e3:90:
         76:47:12:c0:06:98:13:79:09:aa:7a:73:b9:ef:be:d2:8d:d9:
         a8:1b:0f:05:a7:93:1c:28:85:13:64:58:7e:28:05:76:1d:a6:
         92:bd:ec:cd:2b:15:ec:57:b1:6d:93:41:12:85:9a:76:f1:70:
         5b:ae:e0:68:20:a0:9d:e9:ad:38:74:7a:fe:ed:ba:a8:b9:14:
         6d:76:ae:02:ad:7b:34:8e:ea:bb:84:68:24:43:47:6c:c9:8e:
         59:3b:be:bc:69:f4:8c:7a:ed:60:3b:9a:f4:47:65:3c:04:5d:
         38:26:28:4f
-----BEGIN CERTIFICATE-----
MIIGijCCBXKgAwIBAgIUAQ0Mn0MoWEHkbU0pT1/eV9r9R4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjM4MTc3MzYtN2U1ZS00NzQwLThlZTEtYWM2ZjIzMTdm
MDhkMB4XDTIzMDUxNTE4MjEwMVoXDTIzMDYyMzE4Mjc0NlowLzEtMCsGA1UEAxMk
NjczMmE3NWMtOTkwNS00MDJjLWJhYTQtZmVlYzBhYWNiYTE2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbIP/fC8H3WGk4i/13BDgVIRsAyMe78O6xE3
Gf3eMlRPIlwAP/2KJrXBh7tYokEo3h0cFo8d++zZhFYsLZed4R2ADMgB6t3k2ixB
ZTEWKMHc7Qxi7eahWSpuf61/JVPA/8LzW0was4gjk3pZ0IYZFbMZUzmI7+GF+oWe
266lH+bfj98rSUr3rRcfHC9Ox7CNKWXgZL59lSu9bs+UTFFzI49E7kXjoEOHOS9e
jDvXy8PId5jAR70K2ozrYPP04PX9a0TIpgdUk2Lf8XE6oIRnUKeAJ26EfsRTuSTP
S83LU+k+uz38Z/hDKqAd1Ec1qruh/jrJAx/OAmzLIdqisoPTDwIDAQABo4IDnDCC
A5gwHQYDVR0OBBYEFA45PX25HsbVUS5r83gEZL7a6RfPMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82Mzgx
NzczNi03ZTVlLTQ3NDAtOGVlMS1hYzZmMjMxN2YwOGQvNzExNDM2MzUtOTgzMy0z
N2YzLTljZjEtNTcxZTc3ZTkzY2EwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjM4MTc3MzYtN2U1ZS00NzQwLThl
ZTEtYWM2ZjIzMTdmMDhkLzYzODE3NzM2LTdlNWUtNDc0MC04ZWUxLWFjNmYyMzE3
ZjA4ZC5jcmwwHwYDVR0jBBgwFoAUtfT/gcvgoCb1EjWns0Rz0IlP/HcwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82MzgxNzczNi03ZTVlLTQ3NDAtOGVlMS1hYzZm
MjMxN2YwOGQuY2VyMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAATBNAwMBQLADBAZB
FEADBAVChwADBARD22ADBAVGIsADBARGIvADBAWJ3CADBAeLVIADBALQSJgDBALQ
TNwDBAPQU+gDBAPQVRADBAbY7kAwVAYDVR0gAQH/BEowSDBGBggrBgEFBQcOAjA6
MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBr
aS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAiq4ycY625A8elwDBSSf9blKb
VmW0Q1GU3WF5P+nOJVoIRx406zYifcKdcDhSzccCac4MUbfMso9OpcDof5xH00h1
NVhffceU0uMNphHlP1aQVVkt4XHNG6yWxsI1Goei67k/odGZMmrrey+/BcxiQ10p
Qsy3JPzfNHKCKxi4xQd/HxMqiSc55w6EK48yluOQdkcSwAaYE3kJqnpzue++0o3Z
qBsPBaeTHCiFE2RYfigFdh2mkr3szSsV7FexbZNBEoWadvFwW67gaCCgnemtOHR6
/u26qLkUbXauAq17NI7qu4RoJENHbMmOWTu+vGn0jHrtYDua9EdlPARdOCYoTw==
-----END CERTIFICATE-----
Generated at Mon May 15 19:17:21 2023 by rpki-client on console-fra.rpki-client.org