Route Origin Authorization

$ cd rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/

$ rpki-client -vvf 2e305dee-19f4-37d3-8c13-c3034e7b84aa.roa
File:                     2e305dee-19f4-37d3-8c13-c3034e7b84aa.roa (download)
Hash identifier:          9h3aVofzP+0YjyffG+hUliiK9MVwU4fegRy0EUethcc=
Subject key identifier:   71:27:4F:C6:86:29:CB:75:34:BC:1D:67:8F:34:1C:4C:CD:16:D4:22
Certificate serial:       010D0C9F4328576D51CC73C042CFC164974415EA
Authority key identifier: 8C:AB:5D:C7:32:C2:D8:F3:E5:93:61:6A:EE:B8:B5:20:B2:F9:13:BA
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/2e305dee-19f4-37d3-8c13-c3034e7b84aa.roa
ROA valid until:          Apr 10 04:00:00 2028 GMT
asID:                     2914
IP address blocks:
    1: 209.217.128.0/18 maxlen: 18

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:57:6d:51:cc:73:c0:42:cf:c1:64:97:44:15:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b433f23f-334b-4db9-9fe1-bef76714d97f
        Validity
            Not Before: Apr 10 04:00:00 2018 GMT
            Not After : Apr 10 04:00:00 2028 GMT
        Subject: CN=aab076ec-2cc4-4c10-a17e-bfbe97cd8ba4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c0:75:ad:43:9a:47:7b:a7:0d:3f:1e:41:ca:
                    8d:f6:32:6e:d2:22:44:c4:2b:89:28:66:d5:6e:91:
                    74:da:be:b9:c5:7d:b1:92:60:07:47:22:a4:e4:0d:
                    25:de:07:e6:4a:7f:8b:26:cb:55:36:ae:04:a1:3e:
                    af:e0:51:fa:8d:34:a7:78:cc:49:b4:a5:a0:76:21:
                    9d:d2:4d:fb:1a:06:0d:1e:46:90:25:1f:4a:95:6c:
                    4e:43:41:c1:d9:e3:e8:b1:ef:d9:dd:43:f5:18:65:
                    f0:e1:f8:4d:e6:c0:79:7d:7d:23:db:ea:16:a0:3a:
                    57:5e:f6:7c:17:5f:56:ed:66:83:e3:f2:23:2f:ec:
                    97:80:cb:0a:68:20:fb:3a:ec:3f:81:e7:52:df:77:
                    41:6a:6a:b1:5e:9c:d1:92:48:c7:6f:e9:22:7f:83:
                    17:47:e0:1a:d4:3e:c9:7a:33:e7:c1:8e:c6:ab:ef:
                    f2:de:0f:81:31:7a:58:8b:35:b4:31:b0:07:3f:1f:
                    0f:6d:90:a2:49:d4:f9:88:1f:19:a0:ac:fb:e3:17:
                    7b:57:2c:b0:2f:47:ae:04:cf:ce:56:07:ce:64:a8:
                    ff:9c:53:01:b5:2c:36:28:84:ef:29:50:d6:3b:58:
                    0e:07:3b:67:d6:e2:4c:21:5a:cc:8c:a9:7d:4d:7c:
                    1d:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                71:27:4F:C6:86:29:CB:75:34:BC:1D:67:8F:34:1C:4C:CD:16:D4:22
            Subject Information Access: 
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/2e305dee-19f4-37d3-8c13-c3034e7b84aa.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/b433f23f-334b-4db9-9fe1-bef76714d97f.crl

            X509v3 Authority Key Identifier: 
                keyid:8C:AB:5D:C7:32:C2:D8:F3:E5:93:61:6A:EE:B8:B5:20:B2:F9:13:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.217.128.0/18

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         1c:0f:e2:a1:49:f6:4d:18:1f:ce:25:de:04:9e:a5:f3:53:de:
         3f:e1:70:57:28:a3:43:a2:88:d6:ba:78:03:f1:38:fe:c7:60:
         4a:1b:76:02:f4:d5:83:e9:43:c6:d9:10:93:03:d4:df:fe:73:
         88:b6:3d:be:55:5c:a9:d0:56:1d:5a:ef:48:41:22:ff:9e:56:
         14:5f:75:75:e2:e8:65:45:44:d3:18:39:c7:66:c4:92:89:8a:
         5a:bb:74:3f:ec:76:33:60:84:3c:4a:69:bc:8a:fb:96:60:13:
         bc:4f:a2:3d:a6:9b:6f:52:00:b7:14:ee:e9:7a:ed:65:5e:15:
         27:dc:23:1e:96:ef:03:1a:b0:38:fd:55:49:f9:d6:31:28:3d:
         ea:26:f8:26:2e:3b:b5:86:b4:7d:b9:3b:c0:99:61:43:63:96:
         b7:18:aa:f9:83:6b:10:0e:f1:be:f2:05:d1:d0:c2:fe:9d:2d:
         3a:63:62:ac:d5:b1:6a:89:6c:65:4f:e9:56:34:bc:06:d6:51:
         cc:ea:f9:e9:ee:d4:48:d3:c1:c8:fc:7b:ae:5c:f1:97:3f:98:
         3e:7b:7a:8f:30:49:fc:bc:7b:f4:81:0c:dc:0f:15:0c:02:a9:
         3d:1a:83:62:04:7b:59:8a:30:f3:09:e5:bf:7d:1c:58:98:45:
         1b:c9:6c:aa
-----BEGIN CERTIFICATE-----
MIIGPzCCBSmgAwIBAgIUAQ0Mn0MoV21RzHPAQs/BZJdEFeowCwYJKoZIhvcNAQEL
MC8xLTArBgNVBAMTJGI0MzNmMjNmLTMzNGItNGRiOS05ZmUxLWJlZjc2NzE0ZDk3
ZjAeFw0xODA0MTAwNDAwMDBaFw0yODA0MTAwNDAwMDBaMC8xLTArBgNVBAMTJGFh
YjA3NmVjLTJjYzQtNGMxMC1hMTdlLWJmYmU5N2NkOGJhNDCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAKrAda1Dmkd7pw0/HkHKjfYybtIiRMQriShm1W6R
dNq+ucV9sZJgB0cipOQNJd4H5kp/iybLVTauBKE+r+BR+o00p3jMSbSloHYhndJN
+xoGDR5GkCUfSpVsTkNBwdnj6LHv2d1D9Rhl8OH4TebAeX19I9vqFqA6V172fBdf
Vu1mg+PyIy/sl4DLCmgg+zrsP4HnUt93QWpqsV6c0ZJIx2/pIn+DF0fgGtQ+yXoz
58GOxqvv8t4PgTF6WIs1tDGwBz8fD22QoknU+YgfGaCs++MXe1cssC9HrgTPzlYH
zmSo/5xTAbUsNiiE7ylQ1jtYDgc7Z9biTCFazIypfU18HScCAwEAAaOCA1UwggNR
MB0GA1UdDgQWBBRxJ0/GhinLdTS8HWePNBxMzRbUIjCB5QYIKwYBBQUHAQsEgdgw
gdUwgdIGCCsGAQUFBzALhoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRv
cnkvYXJpbi1ycGtpLXRhLzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIx
NTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvYjQzM2Yy
M2YtMzM0Yi00ZGI5LTlmZTEtYmVmNzY3MTRkOTdmLzJlMzA1ZGVlLTE5ZjQtMzdk
My04YzEzLWMzMDM0ZTdiODRhYS5yb2EwgdwGA1UdHwSB1DCB0TCBzqCBy6CByIaB
xXJzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81
ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMmEyNDY5NDctMmQ2
Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyL2I0MzNmMjNmLTMzNGItNGRiOS05ZmUx
LWJlZjc2NzE0ZDk3Zi9iNDMzZjIzZi0zMzRiLTRkYjktOWZlMS1iZWY3NjcxNGQ5
N2YuY3JsMB8GA1UdIwQYMBaAFIyrXccywtjz5ZNhau64tSCy+RO6MA4GA1UdDwEB
/wQEAwIHgDCBwAYIKwYBBQUHAQEEgbMwgbAwga0GCCsGAQUFBzAChoGgcnN5bmM6
Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRhLzVlNGEyM2Vh
LWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMt
YmEwNS04NzE4N2YwMDk5YjIvYjQzM2YyM2YtMzM0Yi00ZGI5LTlmZTEtYmVmNzY3
MTRkOTdmLmNlcjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtHZgDBUBgNV
HSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3
LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMAsGCSqGSIb3DQEBCwOC
AQEAHA/ioUn2TRgfziXeBJ6l81PeP+FwVyijQ6KI1rp4A/E4/sdgSht2AvTVg+lD
xtkQkwPU3/5ziLY9vlVcqdBWHVrvSEEi/55WFF91deLoZUVE0xg5x2bEkomKWrt0
P+x2M2CEPEppvIr7lmATvE+iPaabb1IAtxTu6XrtZV4VJ9wjHpbvAxqwOP1VSfnW
MSg96ib4Ji47tYa0fbk7wJlhQ2OWtxiq+YNrEA7xvvIF0dDC/p0tOmNirNWxaols
ZU/pVjS8BtZRzOr56e7USNPByPx7rlzxlz+YPnt6jzBJ/Lx79IEM3A8VDAKpPRqD
YgR7WYow8wnlv30cWJhFG8lsqg==
-----END CERTIFICATE-----
Generated at Fri Dec 2 07:09:44 2022 by rpki-client.