Route Origin Authorization

$ cd rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/

$ rpki-client -vvf da906603-c536-343b-8202-ec7225532347.roa
File:                     da906603-c536-343b-8202-ec7225532347.roa (download)
Hash identifier:          1DJ8jGbUjOOF3pMg1Vkka0ahyTp464g9KX6dcLavSgw=
Subject key identifier:   1C:76:81:7C:99:EC:97:44:A5:A4:9A:1F:97:03:66:BD:18:E0:78:74
Certificate serial:       010D0C9F4328576D51CC73C042CFC164973CBB17
Authority key identifier: 8C:AB:5D:C7:32:C2:D8:F3:E5:93:61:6A:EE:B8:B5:20:B2:F9:13:BA
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/da906603-c536-343b-8202-ec7225532347.roa
ROA valid until:          Apr 10 04:00:00 2028 GMT
asID:                     2914
IP address blocks:
    1: 209.43.128.0/17 maxlen: 17

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:57:6d:51:cc:73:c0:42:cf:c1:64:97:3c:bb:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b433f23f-334b-4db9-9fe1-bef76714d97f
        Validity
            Not Before: Apr 10 04:00:00 2018 GMT
            Not After : Apr 10 04:00:00 2028 GMT
        Subject: CN=b62b1d61-0dd0-4eb0-b28a-85d179ebb04d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:9b:82:b8:d2:1d:14:ae:25:85:5c:0e:d6:c8:
                    c6:5f:64:34:33:0e:8d:a7:9f:a0:5a:05:0c:86:37:
                    34:b5:6c:c8:28:0a:db:3b:94:6c:b4:e3:52:ed:61:
                    f6:22:38:0b:48:7c:0b:a8:ab:eb:ac:ce:67:11:13:
                    c2:e9:23:f8:df:00:ad:0e:a9:cd:d9:d6:6c:c2:b6:
                    4e:58:e0:fa:b6:17:ad:ef:83:b0:59:69:cd:98:92:
                    9e:1d:ff:84:3b:a4:2e:34:51:e0:1b:d0:ee:2e:3c:
                    e4:78:d8:26:32:a5:48:a9:27:33:7e:52:a6:8e:d2:
                    ac:40:50:f3:e0:a4:be:a6:f6:55:48:98:d7:4f:93:
                    84:f5:a2:31:dc:1b:0d:a9:a8:47:c5:9d:e2:f7:b1:
                    87:43:d1:6c:0b:15:34:27:bc:42:80:55:6c:39:0a:
                    8a:95:35:7a:b2:e8:b3:0b:85:d1:ec:f9:3c:e7:e2:
                    32:28:e0:5d:28:d2:d8:8f:cd:3a:82:2c:3c:49:a0:
                    97:3d:e7:2b:8e:a3:30:9a:d8:7f:62:ba:15:b4:1e:
                    f7:b8:6e:8c:5f:4b:23:d1:13:32:b2:ce:4c:3d:1b:
                    5c:82:19:1c:ae:7d:74:78:92:a1:21:ba:b1:79:4b:
                    7f:a5:93:69:69:1c:4c:17:ef:fa:fd:7f:c0:1e:0d:
                    17:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                1C:76:81:7C:99:EC:97:44:A5:A4:9A:1F:97:03:66:BD:18:E0:78:74
            Subject Information Access: 
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/da906603-c536-343b-8202-ec7225532347.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f/b433f23f-334b-4db9-9fe1-bef76714d97f.crl

            X509v3 Authority Key Identifier: 
                keyid:8C:AB:5D:C7:32:C2:D8:F3:E5:93:61:6A:EE:B8:B5:20:B2:F9:13:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/b433f23f-334b-4db9-9fe1-bef76714d97f.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.43.128.0/17

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         08:cf:e1:31:87:77:d9:f5:e0:e6:89:62:dc:85:8c:6a:46:22:
         d6:f6:b1:9f:5a:af:81:f0:f2:d5:fa:98:1e:e2:90:4d:e8:46:
         c7:8e:e7:31:71:49:7f:6f:7d:32:6d:42:95:54:4a:31:1e:1d:
         bd:02:1a:81:ea:8a:65:27:5a:64:a1:7c:5c:51:c7:63:b3:8b:
         ed:86:65:08:35:0d:76:cf:58:0a:23:f4:eb:17:f8:8d:9a:82:
         4e:e8:1a:19:b7:03:26:d6:b6:23:08:bd:78:0d:d9:e3:43:8b:
         f4:ef:28:4b:1a:74:00:7e:0e:81:42:9d:d6:f4:75:be:07:6e:
         c9:23:fa:82:7f:26:3d:8a:c4:2d:3b:d6:70:6f:bd:44:90:30:
         af:c1:3b:93:41:4d:a6:31:35:47:0b:4a:60:ec:99:93:8e:f5:
         29:81:a7:ef:73:4b:57:d3:05:60:28:ba:4d:46:d0:b8:09:0c:
         43:05:cc:8f:2d:b0:c9:d6:4d:d4:75:ba:62:b8:92:30:07:ba:
         36:0b:7e:8c:20:56:bd:ea:18:96:93:8d:bd:11:8b:a5:90:f9:
         a8:fe:4d:e4:50:75:23:a7:1a:61:4c:24:30:d0:dc:d0:31:91:
         a0:f2:e4:1d:57:1b:22:e4:e5:59:31:eb:e8:fb:85:bf:1b:7a:
         72:45:80:63
-----BEGIN CERTIFICATE-----
MIIGPzCCBSmgAwIBAgIUAQ0Mn0MoV21RzHPAQs/BZJc8uxcwCwYJKoZIhvcNAQEL
MC8xLTArBgNVBAMTJGI0MzNmMjNmLTMzNGItNGRiOS05ZmUxLWJlZjc2NzE0ZDk3
ZjAeFw0xODA0MTAwNDAwMDBaFw0yODA0MTAwNDAwMDBaMC8xLTArBgNVBAMTJGI2
MmIxZDYxLTBkZDAtNGViMC1iMjhhLTg1ZDE3OWViYjA0ZDCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAKSbgrjSHRSuJYVcDtbIxl9kNDMOjaefoFoFDIY3
NLVsyCgK2zuUbLTjUu1h9iI4C0h8C6ir66zOZxETwukj+N8ArQ6pzdnWbMK2Tljg
+rYXre+DsFlpzZiSnh3/hDukLjRR4BvQ7i485HjYJjKlSKknM35Spo7SrEBQ8+Ck
vqb2VUiY10+ThPWiMdwbDamoR8Wd4vexh0PRbAsVNCe8QoBVbDkKipU1erLoswuF
0ez5POfiMijgXSjS2I/NOoIsPEmglz3nK46jMJrYf2K6FbQe97hujF9LI9ETMrLO
TD0bXIIZHK59dHiSoSG6sXlLf6WTaWkcTBfv+v1/wB4NF70CAwEAAaOCA1UwggNR
MB0GA1UdDgQWBBQcdoF8meyXRKWkmh+XA2a9GOB4dDCB5QYIKwYBBQUHAQsEgdgw
gdUwgdIGCCsGAQUFBzALhoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRv
cnkvYXJpbi1ycGtpLXRhLzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIx
NTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvYjQzM2Yy
M2YtMzM0Yi00ZGI5LTlmZTEtYmVmNzY3MTRkOTdmL2RhOTA2NjAzLWM1MzYtMzQz
Yi04MjAyLWVjNzIyNTUzMjM0Ny5yb2EwgdwGA1UdHwSB1DCB0TCBzqCBy6CByIaB
xXJzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81
ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMmEyNDY5NDctMmQ2
Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyL2I0MzNmMjNmLTMzNGItNGRiOS05ZmUx
LWJlZjc2NzE0ZDk3Zi9iNDMzZjIzZi0zMzRiLTRkYjktOWZlMS1iZWY3NjcxNGQ5
N2YuY3JsMB8GA1UdIwQYMBaAFIyrXccywtjz5ZNhau64tSCy+RO6MA4GA1UdDwEB
/wQEAwIHgDCBwAYIKwYBBQUHAQEEgbMwgbAwga0GCCsGAQUFBzAChoGgcnN5bmM6
Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRhLzVlNGEyM2Vh
LWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMt
YmEwNS04NzE4N2YwMDk5YjIvYjQzM2YyM2YtMzM0Yi00ZGI5LTlmZTEtYmVmNzY3
MTRkOTdmLmNlcjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9ErgDBUBgNV
HSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3
LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMAsGCSqGSIb3DQEBCwOC
AQEACM/hMYd32fXg5oli3IWMakYi1vaxn1qvgfDy1fqYHuKQTehGx47nMXFJf299
Mm1ClVRKMR4dvQIageqKZSdaZKF8XFHHY7OL7YZlCDUNds9YCiP06xf4jZqCTuga
GbcDJta2Iwi9eA3Z40OL9O8oSxp0AH4OgUKd1vR1vgduySP6gn8mPYrELTvWcG+9
RJAwr8E7k0FNpjE1RwtKYOyZk471KYGn73NLV9MFYCi6TUbQuAkMQwXMjy2wydZN
1HW6YriSMAe6Ngt+jCBWveoYlpONvRGLpZD5qP5N5FB1I6caYUwkMNDc0DGRoPLk
HVcbIuTlWTHr6PuFvxt6ckWAYw==
-----END CERTIFICATE-----
Generated at Thu Dec 1 22:55:47 2022 by rpki-client.