Route Origin Authorization

$ cd rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/

$ rpki-client -vvf d9ae8429-f463-37bb-b807-a010823ce9e4.roa
File:                     d9ae8429-f463-37bb-b807-a010823ce9e4.roa (download)
Hash identifier:          CFg5HPt//BJu/giuc6wiKoiazkQ6wG3FS7ht7Rt1MJE=
Subject key identifier:   93:D5:11:5F:C9:02:94:A7:07:A8:AF:F0:DE:2F:D3:B3:2B:C6:58:57
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F43285839D1319D328BEED39734E0AC20
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/d9ae8429-f463-37bb-b807-a010823ce9e4.roa
ROA valid until:          Aug 08 04:00:00 2023 GMT
asID:                     1239
IP address blocks:
    1: 108.165.167.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:39:d1:31:9d:32:8b:ee:d3:97:34:e0:ac:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: May  5 04:00:00 2020 GMT
            Not After : Aug  8 04:00:00 2023 GMT
        Subject: CN=c2f1d170-2d8e-485d-a836-bb1a8ef70842
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:0a:ca:71:c4:57:da:0a:9e:5a:ff:da:eb:81:
                    43:ef:6a:d0:f2:14:34:82:39:9e:52:a2:1f:be:57:
                    40:41:aa:aa:3d:ad:fa:4f:0d:f3:46:8d:8f:79:73:
                    5e:dc:50:e9:bf:8c:c6:b8:d7:29:28:58:6d:c7:ca:
                    24:16:e6:c7:7c:98:2a:51:ba:1a:5a:31:66:55:d9:
                    9e:e4:97:8b:ec:46:de:02:1c:ff:53:92:e3:21:f6:
                    4c:be:dc:a5:86:ea:97:4c:74:dd:0a:1d:00:8c:cd:
                    46:f4:02:38:15:84:5d:75:16:e2:dd:49:43:13:09:
                    7b:51:f7:a8:28:4c:93:24:71:76:60:2f:6d:f2:c2:
                    e9:c4:3e:b3:be:5b:cb:94:7a:d4:cf:0a:7e:d1:ca:
                    20:3e:82:98:6f:c5:7a:e2:7e:c9:f9:c1:73:3a:ac:
                    4c:f3:01:6c:0d:d0:d2:d3:6f:7a:33:25:4d:2d:ce:
                    29:46:37:92:05:76:f4:a5:74:f8:86:4a:a3:b4:0e:
                    1d:c3:e3:14:4b:7d:e1:cf:6a:b6:97:4b:95:4f:7f:
                    be:ce:1e:be:f3:0a:1d:23:e1:02:81:2e:5b:18:01:
                    c6:ee:d7:85:cf:04:d3:ae:31:30:94:e1:40:9e:7e:
                    11:28:47:47:97:6e:5a:f2:cc:33:9e:9e:9f:80:eb:
                    5f:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                93:D5:11:5F:C9:02:94:A7:07:A8:AF:F0:DE:2F:D3:B3:2B:C6:58:57
            Subject Information Access: 
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/d9ae8429-f463-37bb-b807-a010823ce9e4.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier: 
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  108.165.167.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         75:b6:3a:42:99:ee:7a:0a:a1:d7:a7:98:c0:d2:e2:98:63:8a:
         4f:ce:fb:7c:c3:cb:35:55:1d:12:db:9e:cb:12:20:da:1d:66:
         68:de:d4:cb:a6:7b:32:33:55:a3:f6:86:70:27:6d:2a:98:c2:
         ea:94:2c:bf:44:4a:16:a5:28:ba:a7:ce:cd:33:2c:62:6f:8c:
         9b:16:8b:30:de:36:41:8f:98:42:53:72:af:11:55:6e:e7:9b:
         e2:fc:9f:32:2d:fa:41:5f:0f:9c:70:68:6f:6f:48:9d:1c:f2:
         76:26:1c:cb:bc:f4:ab:20:bf:3f:18:19:eb:32:23:e0:8d:05:
         2c:43:6e:12:ce:d1:15:a6:6c:e0:12:b1:9d:f2:0e:02:eb:a3:
         ae:72:8d:a3:08:20:30:86:60:12:a3:fe:80:e6:99:0f:e0:0a:
         40:e5:22:4c:33:6e:14:54:41:21:5f:d4:22:54:f5:36:8f:27:
         21:82:3a:b3:c0:d5:03:d1:22:44:e4:90:67:97:bd:03:c2:04:
         88:2a:80:7d:37:32:a7:5f:34:b3:56:13:42:c0:89:6e:23:e2:
         96:f3:6b:41:2c:11:02:31:de:23:fc:bf:e6:c5:8f:f1:3c:29:
         74:37:5b:8c:62:57:83:d5:a2:16:b3:b4:66:e2:2d:f5:1a:f0:
         f8:1d:e3:2e
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWDnRMZ0yi+7TlzTgrCAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTIwMDUwNTA0MDAwMFoXDTIzMDgwODA0MDAwMFowLzEtMCsGA1UEAxMk
YzJmMWQxNzAtMmQ4ZS00ODVkLWE4MzYtYmIxYThlZjcwODQyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnArKccRX2gqeWv/a64FD72rQ8hQ0gjmeUqIf
vldAQaqqPa36Tw3zRo2PeXNe3FDpv4zGuNcpKFhtx8okFubHfJgqUboaWjFmVdme
5JeL7EbeAhz/U5LjIfZMvtylhuqXTHTdCh0AjM1G9AI4FYRddRbi3UlDEwl7Ufeo
KEyTJHF2YC9t8sLpxD6zvlvLlHrUzwp+0cogPoKYb8V64n7J+cFzOqxM8wFsDdDS
0296MyVNLc4pRjeSBXb0pXT4hkqjtA4dw+MUS33hz2q2l0uVT3++zh6+8wodI+EC
gS5bGAHG7teFzwTTrjEwlOFAnn4RKEdHl25a8swznp6fgOtfawIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJPVEV/JApSnB6iv8N4v07MrxlhXMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvZDlhZTg0MjktZjQ2My0z
N2JiLWI4MDctYTAxMDgyM2NlOWU0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbKWnMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAHW2OkKZ7noKodenmMDS4phjik/O+3zDyzVVHRLbnssSINodZmje1Mum
ezIzVaP2hnAnbSqYwuqULL9EShalKLqnzs0zLGJvjJsWizDeNkGPmEJTcq8RVW7n
m+L8nzIt+kFfD5xwaG9vSJ0c8nYmHMu89Ksgvz8YGesyI+CNBSxDbhLO0RWmbOAS
sZ3yDgLro65yjaMIIDCGYBKj/oDmmQ/gCkDlIkwzbhRUQSFf1CJU9TaPJyGCOrPA
1QPRIkTkkGeXvQPCBIgqgH03MqdfNLNWE0LAiW4j4pbza0EsEQIx3iP8v+bFj/E8
KXQ3W4xiV4PVohaztGbiLfUa8Pgd4y4=
-----END CERTIFICATE-----
Generated at Fri Dec 2 12:54:39 2022 by rpki-client.