Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/2dfa2958-869d-3921-a8ad-1a559be0d746.roa
File:                     2dfa2958-869d-3921-a8ad-1a559be0d746.roa (raw, json)
Hash identifier:          tDzUTWyf0BboRDNcOEws8ZvAiCQRzWrDh+ZRp8Q3mKE=
Subject key identifier:   38:B8:E0:40:43:73:18:99:A9:0C:A8:3C:A6:8B:8C:BB:3F:9E:68:0B
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F43285848D64115EA15209F8F6635E860
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/2dfa2958-869d-3921-a8ad-1a559be0d746.roa
Signing time:             Mon 10 Feb 2025 14:00:52 +0000
ROA not before:           Mon 10 Feb 2025 14:00:52 +0000
ROA not after:            Sun 11 May 2025 13:00:52 +0000
asID:                     10103
IP address blocks:        166.0.218.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 19 Feb 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:d6:41:15:ea:15:20:9f:8f:66:35:e8:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Feb 10 14:00:52 2025 GMT
            Not After : May 11 13:00:52 2025 GMT
        Subject: CN=03995bb4-12b0-4da8-8a6f-276c5ed05f6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f0:ba:80:7e:da:ca:5c:68:76:ca:83:e4:f7:
                    ac:ec:cc:9f:80:af:ae:93:7c:d6:30:95:78:b8:6f:
                    40:06:11:a9:c2:c4:78:a2:22:0f:e7:2b:42:8b:3a:
                    8b:3d:8a:94:27:73:52:3f:6f:c4:90:f6:bb:a9:c8:
                    ff:25:b4:95:b4:e1:db:26:14:af:8b:b4:57:6b:f4:
                    04:3f:6d:be:3b:c0:77:1a:47:bf:e6:9f:93:45:8f:
                    49:e4:a0:55:33:79:f4:b0:4f:35:fa:b7:38:f5:21:
                    da:6c:40:78:e4:66:2a:14:da:33:a1:3d:af:fe:f1:
                    33:a2:28:a3:4b:b2:05:e3:10:86:7f:cf:27:71:25:
                    ff:4c:28:23:e4:35:d5:6d:3e:d7:86:20:da:8e:75:
                    4f:6b:3d:da:3a:e6:de:46:7a:3a:6e:d8:99:a5:3a:
                    c1:cb:11:2c:01:0b:39:49:c0:6c:83:a4:b7:02:da:
                    44:4f:b9:51:e6:30:31:6c:de:bc:7e:9f:02:4d:36:
                    66:c6:6f:58:c1:5b:d8:20:ea:62:a9:4c:9f:d2:20:
                    e7:be:3b:72:6b:c8:50:70:cf:0b:fb:98:53:f1:e9:
                    fe:dc:d6:b5:e4:fd:c1:29:6c:3a:15:ac:58:9d:e3:
                    c1:fb:06:a7:42:16:fc:82:f2:40:f3:84:55:24:b0:
                    18:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:B8:E0:40:43:73:18:99:A9:0C:A8:3C:A6:8B:8C:BB:3F:9E:68:0B
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/2dfa2958-869d-3921-a8ad-1a559be0d746.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.0.218.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         56:8d:78:78:c4:92:c9:e6:4d:a6:a3:73:80:a4:f0:75:5a:a3:
         f1:41:4b:8d:db:82:b8:12:10:a3:42:2c:d2:cc:59:be:3e:13:
         c7:57:22:75:94:d0:2d:76:aa:98:f4:e8:9e:be:56:d9:1a:cc:
         1e:4b:8f:a8:52:07:da:e2:73:8e:c4:e8:e5:ce:c8:8b:00:04:
         cb:aa:ee:29:e8:07:46:74:cf:3b:7e:94:e6:af:5a:b3:69:27:
         ec:34:30:f2:e1:2d:96:36:89:6a:9d:19:bc:c4:07:b5:59:82:
         72:9e:63:4e:30:bb:a8:53:e8:7a:54:3d:5c:4c:f4:92:ef:7f:
         37:b1:bc:da:a2:17:0c:9e:84:c5:95:8d:6c:e9:89:96:15:cf:
         0d:3a:65:e9:1a:45:af:ea:b6:3b:35:04:72:78:a7:ce:eb:66:
         37:f4:ef:0e:fd:7e:a7:c8:65:10:1d:49:4a:b2:e2:d3:d8:00:
         29:86:71:35:13:aa:a2:01:1f:6d:2f:f9:8b:3b:b4:22:db:4e:
         ad:fd:6f:05:43:56:d1:94:39:7a:c3:f6:f5:8b:61:9b:23:c0:
         ab:60:fa:00:ab:df:08:40:32:86:22:29:40:d6:ca:b5:db:f4:
         80:91:b5:a7:cb:0f:31:c5:21:2e:fd:d1:18:90:3d:73:bf:36:
         03:f1:2e:93
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEjWQRXqFSCfj2Y16GAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI1MDIxMDE0MDA1MloXDTI1MDUxMTEzMDA1MlowLzEtMCsGA1UEAxMk
MDM5OTViYjQtMTJiMC00ZGE4LThhNmYtMjc2YzVlZDA1ZjZhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPC6gH7aylxodsqD5Pes7MyfgK+uk3zWMJV4
uG9ABhGpwsR4oiIP5ytCizqLPYqUJ3NSP2/EkPa7qcj/JbSVtOHbJhSvi7RXa/QE
P22+O8B3Gke/5p+TRY9J5KBVM3n0sE81+rc49SHabEB45GYqFNozoT2v/vEzoiij
S7IF4xCGf88ncSX/TCgj5DXVbT7XhiDajnVPaz3aOubeRno6btiZpTrByxEsAQs5
ScBsg6S3AtpET7lR5jAxbN68fp8CTTZmxm9YwVvYIOpiqUyf0iDnvjtya8hQcM8L
+5hT8en+3Na15P3BKWw6FaxYnePB+wanQhb8gvJA84RVJLAYtwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFDi44EBDcxiZqQyoPKaLjLs/nmgLMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvMmRmYTI5NTgtODY5ZC0z
OTIxLWE4YWQtMWE1NTliZTBkNzQ2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApgDaMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAFaNeHjEksnmTaajc4Ck8HVao/FBS43bgrgSEKNCLNLMWb4+E8dXInWU
0C12qpj06J6+VtkazB5Lj6hSB9ric47E6OXOyIsABMuq7inoB0Z0zzt+lOavWrNp
J+w0MPLhLZY2iWqdGbzEB7VZgnKeY04wu6hT6HpUPVxM9JLvfzexvNqiFwyehMWV
jWzpiZYVzw06ZekaRa/qtjs1BHJ4p87rZjf07w79fqfIZRAdSUqy4tPYACmGcTUT
qqIBH20v+Ys7tCLbTq39bwVDVtGUOXrD9vWLYZsjwKtg+gCr3whAMoYiKUDWyrXb
9ICRtafLDzHFIS790RiQPXO/NgPxLpM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 05:21:35 2025 by rpki-client