Route Origin Authorization

$ cd rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/

$ rpki-client -vvf c2694fc5-efd8-3ec0-8ef8-1357d5f2c87d.roa
File:                     c2694fc5-efd8-3ec0-8ef8-1357d5f2c87d.roa (download)
Hash identifier:          tLDDJxuzODkbda7J5/H7nDlvjqmowVxuSUzaomJ2TBs=
Subject key identifier:   58:0D:C0:71:BF:8C:F3:4E:BB:16:61:00:81:45:DC:B7:BB:55:4A:56
Certificate serial:       010D0C9F4328576D51CC73C042CFC16DD05526C7
Authority key identifier: 8C:AB:5D:C7:32:C2:D8:F3:E5:93:61:6A:EE:B8:B5:20:B2:F9:13:BA
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/c2694fc5-efd8-3ec0-8ef8-1357d5f2c87d.roa
ROA valid until:          Apr 10 04:00:00 2028 GMT
asID:                     2914
IP address blocks:
    1: 209.157.54.0/24 maxlen: 24
    2: 209.157.68.136/29 maxlen: 29
    3: 209.157.64.0/21 maxlen: 21

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:57:6d:51:cc:73:c0:42:cf:c1:6d:d0:55:26:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b433f23f-334b-4db9-9fe1-bef76714d97f
        Validity
            Not Before: Apr 10 04:00:00 2018 GMT
            Not After : Apr 10 04:00:00 2028 GMT
        Subject: CN=cd644bb5-349e-4e69-8b99-7b596ff5efc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:7b:2f:a8:52:50:07:71:c5:95:fa:2c:68:ae:
                    46:7f:5f:1b:30:f4:25:60:ab:20:ce:57:68:ca:8e:
                    23:46:61:a0:12:cc:21:8c:b1:72:42:07:b0:09:a0:
                    eb:0f:55:de:04:e1:12:09:11:c7:dc:04:de:27:47:
                    11:48:64:32:e1:b2:63:91:4d:c3:5b:26:4e:b2:0f:
                    e3:b7:8a:47:79:cd:b4:8b:5d:51:8d:ab:0a:68:6b:
                    e9:ad:72:81:5b:24:32:f7:97:97:b1:f6:0b:54:21:
                    55:4b:2f:df:31:4e:91:4b:f3:a5:98:88:f0:79:06:
                    fd:7b:12:eb:2c:bb:89:0b:fe:c2:6b:39:32:23:f7:
                    eb:d6:84:12:a5:e8:2d:4f:0c:9e:5e:94:0c:49:69:
                    3a:3b:22:08:bd:ee:de:2b:cb:29:7e:d8:12:3d:3a:
                    07:da:03:b6:f3:25:89:5e:6b:6b:6b:0a:79:4a:1f:
                    2a:d7:2d:c2:ec:bb:eb:f5:a4:4f:a1:2b:c1:21:2c:
                    b3:38:8d:b6:da:45:53:60:6f:50:b9:93:99:78:29:
                    9d:4e:a8:ae:29:98:7d:0e:9b:c7:48:85:e5:1e:3c:
                    bb:13:15:73:b2:29:63:cd:e4:94:d6:50:ec:ac:33:
                    6c:18:82:7c:04:9d:ea:8d:69:10:37:01:83:ad:5e:
                    94:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                58:0D:C0:71:BF:8C:F3:4E:BB:16:61:00:81:45:DC:B7:BB:55:4A:56
            Subject Information Access: 
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/c2694fc5-efd8-3ec0-8ef8-1357d5f2c87d.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/b433f23f-334b-4db9-9fe1-bef76714d97f.crl

            X509v3 Authority Key Identifier: 
                keyid:8C:AB:5D:C7:32:C2:D8:F3:E5:93:61:6A:EE:B8:B5:20:B2:F9:13:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.157.54.0/24
                  209.157.64.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         5b:06:43:bf:62:c6:c1:c2:25:51:20:ea:ce:d4:f5:e3:70:c9:
         16:19:82:78:e8:32:6f:98:c8:34:a6:ff:3d:af:52:b4:de:c2:
         46:65:9a:70:e2:76:dc:6a:64:cb:9f:fc:93:a4:1b:57:4b:16:
         38:9d:dc:52:22:26:57:ed:33:21:58:33:e3:27:f2:08:2b:6b:
         9a:41:d8:3b:b1:87:d0:90:91:66:20:75:a2:a0:d7:c9:e4:2a:
         af:73:5a:be:7a:78:99:24:e4:53:9b:d8:6d:63:5c:7d:7f:c4:
         25:f5:28:a3:ac:34:bb:b1:77:3a:94:dc:63:2c:3c:9c:71:b2:
         65:31:71:ea:94:18:57:64:43:a2:39:a6:1e:d3:f0:da:27:94:
         c1:f3:3a:8d:35:ed:18:2b:68:b2:bd:60:4d:d6:a2:30:68:ca:
         6f:a8:e0:9d:a6:17:a6:3a:68:16:52:a5:6e:3c:fd:d9:78:c1:
         31:b8:c1:04:92:6f:a7:0b:5c:62:7e:00:8d:9d:19:4b:c0:22:
         57:a1:84:8d:a1:55:35:05:29:fd:f1:00:8a:c3:58:fb:a8:5e:
         0c:0b:b8:f7:91:c2:45:de:ab:f3:d3:f7:6c:01:e7:c2:36:53:
         ed:63:24:4a:60:ea:16:48:eb:a2:88:ac:94:26:e6:c5:e9:2b:
         19:a0:68:b2
-----BEGIN CERTIFICATE-----
MIIGRTCCBS+gAwIBAgIUAQ0Mn0MoV21RzHPAQs/BbdBVJscwCwYJKoZIhvcNAQEL
MC8xLTArBgNVBAMTJGI0MzNmMjNmLTMzNGItNGRiOS05ZmUxLWJlZjc2NzE0ZDk3
ZjAeFw0xODA0MTAwNDAwMDBaFw0yODA0MTAwNDAwMDBaMC8xLTArBgNVBAMTJGNk
NjQ0YmI1LTM0OWUtNGU2OS04Yjk5LTdiNTk2ZmY1ZWZjMTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBALp7L6hSUAdxxZX6LGiuRn9fGzD0JWCrIM5XaMqO
I0ZhoBLMIYyxckIHsAmg6w9V3gThEgkRx9wE3idHEUhkMuGyY5FNw1smTrIP47eK
R3nNtItdUY2rCmhr6a1ygVskMveXl7H2C1QhVUsv3zFOkUvzpZiI8HkG/XsS6yy7
iQv+wms5MiP369aEEqXoLU8Mnl6UDElpOjsiCL3u3ivLKX7YEj06B9oDtvMliV5r
a2sKeUofKtctwuy76/WkT6ErwSEssziNttpFU2BvULmTmXgpnU6orimYfQ6bx0iF
5R48uxMVc7IpY83klNZQ7KwzbBiCfASd6o1pEDcBg61elL0CAwEAAaOCA1swggNX
MB0GA1UdDgQWBBRYDcBxv4zzTrsWYQCBRdy3u1VKVjCB5QYIKwYBBQUHAQsEgdgw
gdUwgdIGCCsGAQUFBzALhoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRv
cnkvYXJpbi1ycGtpLXRhLzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIx
NTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvYjQzM2Yy
M2YtMzM0Yi00ZGI5LTlmZTEtYmVmNzY3MTRkOTdmL2MyNjk0ZmM1LWVmZDgtM2Vj
MC04ZWY4LTEzNTdkNWYyYzg3ZC5yb2EwgdwGA1UdHwSB1DCB0TCBzqCBy6CByIaB
xXJzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81
ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMmEyNDY5NDctMmQ2
Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyL2I0MzNmMjNmLTMzNGItNGRiOS05ZmUx
LWJlZjc2NzE0ZDk3Zi9iNDMzZjIzZi0zMzRiLTRkYjktOWZlMS1iZWY3NjcxNGQ5
N2YuY3JsMB8GA1UdIwQYMBaAFIyrXccywtjz5ZNhau64tSCy+RO6MA4GA1UdDwEB
/wQEAwIHgDCBwAYIKwYBBQUHAQEEgbMwgbAwga0GCCsGAQUFBzAChoGgcnN5bmM6
Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRhLzVlNGEyM2Vh
LWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMt
YmEwNS04NzE4N2YwMDk5YjIvYjQzM2YyM2YtMzM0Yi00ZGI5LTlmZTEtYmVmNzY3
MTRkOTdmLmNlcjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEANGdNgMEA9Gd
QDBUBgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBz
Oi8vd3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMAsGCSqGSIb3
DQEBCwOCAQEAWwZDv2LGwcIlUSDqztT143DJFhmCeOgyb5jINKb/Pa9StN7CRmWa
cOJ23Gpky5/8k6QbV0sWOJ3cUiImV+0zIVgz4yfyCCtrmkHYO7GH0JCRZiB1oqDX
yeQqr3Navnp4mSTkU5vYbWNcfX/EJfUoo6w0u7F3OpTcYyw8nHGyZTFx6pQYV2RD
ojmmHtPw2ieUwfM6jTXtGCtosr1gTdaiMGjKb6jgnaYXpjpoFlKlbjz92XjBMbjB
BJJvpwtcYn4AjZ0ZS8AiV6GEjaFVNQUp/fEAisNY+6heDAu495HCRd6r89P3bAHn
wjZT7WMkSmDqFkjrooislCbmxekrGaBosg==
-----END CERTIFICATE-----
Generated at Fri Dec 2 06:00:08 2022 by rpki-client.