Route Origin Authorization

$ cd rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/

$ rpki-client -vvf 88447e22-5afd-37a2-8f83-565773ec44c2.roa
File:                     88447e22-5afd-37a2-8f83-565773ec44c2.roa (download)
Hash identifier:          TZnkiItfJ1e/6KYZDwhzkugGyK6YTyy/YXdqWxQ+cS4=
Subject key identifier:   BD:F5:54:F3:78:D1:B0:DF:8E:9F:1A:5A:F2:BF:DC:89:53:AF:EE:D9
Certificate serial:       010D0C9F4328576D51CC73C042CFC16DB8B0040E
Authority key identifier: 8C:AB:5D:C7:32:C2:D8:F3:E5:93:61:6A:EE:B8:B5:20:B2:F9:13:BA
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/88447e22-5afd-37a2-8f83-565773ec44c2.roa
ROA valid until:          Apr 10 04:00:00 2028 GMT
asID:                     2914
IP address blocks:
    1: 199.239.136.0/21 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:57:6d:51:cc:73:c0:42:cf:c1:6d:b8:b0:04:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b433f23f-334b-4db9-9fe1-bef76714d97f
        Validity
            Not Before: Apr 10 04:00:00 2018 GMT
            Not After : Apr 10 04:00:00 2028 GMT
        Subject: CN=8331b0ac-f4c2-4442-9bbf-0e08386ee873
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:65:3f:08:d8:9b:12:6b:1e:7a:71:f9:aa:dc:
                    6f:a2:1b:51:be:03:2e:e5:f4:ef:49:81:47:0a:4b:
                    e9:92:df:c0:df:1a:32:39:2f:13:dd:dc:3a:a5:35:
                    a6:73:68:39:65:93:8e:27:0a:62:67:ef:f1:77:fb:
                    0f:a9:29:88:46:10:fd:9d:28:6a:bf:6a:cb:e4:c8:
                    2d:dd:e0:4a:18:ee:80:8c:fa:3a:97:0c:5b:60:82:
                    c8:1c:82:f2:75:3e:69:23:2d:e0:fb:b2:99:f8:36:
                    50:ab:90:28:bb:0e:7c:45:4e:a0:11:c2:d6:2a:c4:
                    e4:44:bc:bb:6f:2b:81:a1:1a:38:ca:88:13:9a:bc:
                    55:cd:fe:6a:d1:31:b5:a5:fc:2a:c3:74:c3:ea:bf:
                    fb:f9:ee:e2:a4:28:f8:63:29:66:b3:48:19:02:4c:
                    ba:e3:3c:20:1a:4c:8a:c8:58:45:e9:37:d6:47:9a:
                    b9:7c:08:15:08:84:a5:08:95:46:74:a6:f8:2d:ed:
                    f7:91:c1:31:f2:42:11:6a:5d:bc:ea:d9:ee:67:c7:
                    f9:87:f8:a7:2b:33:2a:79:71:87:c0:80:b2:9c:36:
                    9e:1f:18:3e:e9:6c:ca:99:12:07:eb:5b:71:39:70:
                    59:66:e3:b0:61:ea:e5:f5:05:a7:fd:1c:be:ae:8f:
                    67:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                BD:F5:54:F3:78:D1:B0:DF:8E:9F:1A:5A:F2:BF:DC:89:53:AF:EE:D9
            Subject Information Access: 
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/88447e22-5afd-37a2-8f83-565773ec44c2.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/b433f23f-334b-4db9-9fe1-bef76714d97f.crl

            X509v3 Authority Key Identifier: 
                keyid:8C:AB:5D:C7:32:C2:D8:F3:E5:93:61:6A:EE:B8:B5:20:B2:F9:13:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.239.136.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         25:3d:38:fc:45:ed:ed:42:0e:34:b5:70:f1:86:ee:63:aa:49:
         de:c3:10:5e:b9:a8:d4:90:db:d2:90:b4:3c:69:ff:d8:83:6d:
         52:99:d2:53:03:7c:f6:2d:4c:6a:0c:33:13:b7:58:d7:de:c3:
         81:80:dc:ac:91:b0:3f:9b:5b:01:0f:e0:ff:2c:98:6c:42:ab:
         7e:ff:04:d5:90:20:81:7a:bf:19:31:69:8f:ae:64:29:4c:94:
         04:21:42:4e:2b:cd:0c:eb:9a:e5:44:9b:72:fe:a7:95:3b:d6:
         09:6a:6c:e8:45:fe:40:16:02:42:3e:ae:6c:31:8e:67:8f:0c:
         b9:b7:00:4d:42:47:16:37:d0:31:77:f9:df:d3:4b:d2:77:67:
         3f:c4:86:78:8e:b2:70:aa:9c:36:77:58:70:34:48:6c:ef:88:
         59:0a:99:87:ce:3a:46:ce:85:7e:8a:fe:46:3b:a5:7d:0f:35:
         64:bf:d1:aa:1c:12:5a:43:34:c0:08:33:e6:fa:cc:b1:04:4d:
         90:b1:1e:b8:ce:05:62:d3:66:ec:e5:65:c7:1f:8b:85:b3:8b:
         e8:37:c6:30:41:8e:8c:1e:37:29:0b:73:08:5a:0e:0d:49:16:
         2d:7b:f5:2d:74:c6:fa:01:69:e7:c1:b4:8a:88:b3:0d:53:ed:
         b9:53:5d:a2
-----BEGIN CERTIFICATE-----
MIIGPzCCBSmgAwIBAgIUAQ0Mn0MoV21RzHPAQs/BbbiwBA4wCwYJKoZIhvcNAQEL
MC8xLTArBgNVBAMTJGI0MzNmMjNmLTMzNGItNGRiOS05ZmUxLWJlZjc2NzE0ZDk3
ZjAeFw0xODA0MTAwNDAwMDBaFw0yODA0MTAwNDAwMDBaMC8xLTArBgNVBAMTJDgz
MzFiMGFjLWY0YzItNDQ0Mi05YmJmLTBlMDgzODZlZTg3MzCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAKllPwjYmxJrHnpx+arcb6IbUb4DLuX070mBRwpL
6ZLfwN8aMjkvE93cOqU1pnNoOWWTjicKYmfv8Xf7D6kpiEYQ/Z0oar9qy+TILd3g
ShjugIz6OpcMW2CCyByC8nU+aSMt4Puymfg2UKuQKLsOfEVOoBHC1irE5ES8u28r
gaEaOMqIE5q8Vc3+atExtaX8KsN0w+q/+/nu4qQo+GMpZrNIGQJMuuM8IBpMishY
Rek31keauXwIFQiEpQiVRnSm+C3t95HBMfJCEWpdvOrZ7mfH+Yf4pyszKnlxh8CA
spw2nh8YPulsypkSB+tbcTlwWWbjsGHq5fUFp/0cvq6PZ/8CAwEAAaOCA1UwggNR
MB0GA1UdDgQWBBS99VTzeNGw346fGlryv9yJU6/u2TCB5QYIKwYBBQUHAQsEgdgw
gdUwgdIGCCsGAQUFBzALhoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRv
cnkvYXJpbi1ycGtpLXRhLzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIx
NTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvYjQzM2Yy
M2YtMzM0Yi00ZGI5LTlmZTEtYmVmNzY3MTRkOTdmLzg4NDQ3ZTIyLTVhZmQtMzdh
Mi04ZjgzLTU2NTc3M2VjNDRjMi5yb2EwgdwGA1UdHwSB1DCB0TCBzqCBy6CByIaB
xXJzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81
ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMmEyNDY5NDctMmQ2
Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyL2I0MzNmMjNmLTMzNGItNGRiOS05ZmUx
LWJlZjc2NzE0ZDk3Zi9iNDMzZjIzZi0zMzRiLTRkYjktOWZlMS1iZWY3NjcxNGQ5
N2YuY3JsMB8GA1UdIwQYMBaAFIyrXccywtjz5ZNhau64tSCy+RO6MA4GA1UdDwEB
/wQEAwIHgDCBwAYIKwYBBQUHAQEEgbMwgbAwga0GCCsGAQUFBzAChoGgcnN5bmM6
Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRhLzVlNGEyM2Vh
LWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMt
YmEwNS04NzE4N2YwMDk5YjIvYjQzM2YyM2YtMzM0Yi00ZGI5LTlmZTEtYmVmNzY3
MTRkOTdmLmNlcjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8fviDBUBgNV
HSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3
LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMAsGCSqGSIb3DQEBCwOC
AQEAJT04/EXt7UIONLVw8YbuY6pJ3sMQXrmo1JDb0pC0PGn/2INtUpnSUwN89i1M
agwzE7dY197DgYDcrJGwP5tbAQ/g/yyYbEKrfv8E1ZAggXq/GTFpj65kKUyUBCFC
TivNDOua5USbcv6nlTvWCWps6EX+QBYCQj6ubDGOZ48MubcATUJHFjfQMXf539NL
0ndnP8SGeI6ycKqcNndYcDRIbO+IWQqZh846Rs6Ffor+RjulfQ81ZL/RqhwSWkM0
wAgz5vrMsQRNkLEeuM4FYtNm7OVlxx+LhbOL6DfGMEGOjB43KQtzCFoODUkWLXv1
LXTG+gFp58G0ioizDVPtuVNdog==
-----END CERTIFICATE-----
Generated at Fri Dec 2 06:00:06 2022 by rpki-client.