Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971/7e39b765-e3e8-3881-9da8-a808c316afd5.roa
File:                     7e39b765-e3e8-3881-9da8-a808c316afd5.roa (raw, json)
Hash identifier:          e+GszvPm5zTp9rAkc8QaD8C15JemBC7F3g7Chkx3NZo=
Subject key identifier:   87:EA:37:78:48:F5:B5:14:86:DE:C9:9B:15:64:1A:A1:E6:8C:B9:6E
Certificate issuer:       /CN=0d3a5699-3eb8-4ecb-80a5-e8761a19b971
Certificate serial:       010D0C9F43285847792BB32086F5B86C0F3B3A00
Authority key identifier: 57:1A:A5:27:EC:17:91:77:8C:71:79:03:73:62:71:C5:53:17:64:66
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971/7e39b765-e3e8-3881-9da8-a808c316afd5.roa
Signing time:             Tue 08 Oct 2024 13:00:40 +0000
ROA not before:           Tue 08 Oct 2024 13:00:40 +0000
ROA not after:            Mon 06 Jan 2025 14:00:40 +0000
asID:                     18659
IP address blocks:        208.74.167.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971/0d3a5699-3eb8-4ecb-80a5-e8761a19b971.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971/0d3a5699-3eb8-4ecb-80a5-e8761a19b971.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:79:2b:b3:20:86:f5:b8:6c:0f:3b:3a:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d3a5699-3eb8-4ecb-80a5-e8761a19b971
        Validity
            Not Before: Oct  8 13:00:40 2024 GMT
            Not After : Jan  6 14:00:40 2025 GMT
        Subject: CN=1da45eb4-442b-4311-934a-4cdb6020dda3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:d1:65:8d:72:8c:3b:96:de:e6:73:bc:29:62:
                    aa:e8:a5:e3:e9:8c:c4:8c:8e:8f:d7:36:41:7c:7d:
                    71:b3:6b:94:f4:f4:f0:2a:34:6b:5c:ff:5a:86:9d:
                    ed:54:04:2f:40:b7:d8:e7:8a:f7:7e:fc:f4:2f:9a:
                    66:87:6a:9a:4e:33:03:15:30:25:60:ab:0a:b5:39:
                    8d:4c:20:92:39:37:8c:8e:de:ac:aa:fb:81:e3:39:
                    24:72:79:e6:f0:e1:d5:19:7d:69:87:5c:1d:52:db:
                    d3:88:75:3d:35:ae:c4:20:54:7e:9a:43:4f:44:56:
                    95:71:ac:48:e6:6f:94:f1:7e:a5:4e:bb:a3:81:48:
                    51:2c:5f:aa:85:dc:b9:22:ad:11:e4:27:eb:29:fc:
                    4c:5e:84:55:4a:0c:90:91:76:78:37:cb:18:5c:62:
                    07:ad:b7:7c:19:f7:59:04:22:42:6d:91:05:da:f2:
                    05:3b:17:83:98:4a:01:a3:3e:15:b5:5f:35:01:bd:
                    2d:14:e5:2e:84:66:17:90:7b:44:d9:1a:bf:f9:5f:
                    2b:e5:ba:f2:ab:ee:02:3e:cb:fa:4d:15:df:cd:d7:
                    36:b5:91:df:5c:fa:d7:37:bd:52:18:8f:d7:34:26:
                    99:d4:b3:7e:2b:7b:6f:b5:16:f0:50:68:db:ba:d7:
                    0f:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:EA:37:78:48:F5:B5:14:86:DE:C9:9B:15:64:1A:A1:E6:8C:B9:6E
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971/7e39b765-e3e8-3881-9da8-a808c316afd5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971/0d3a5699-3eb8-4ecb-80a5-e8761a19b971.crl

            X509v3 Authority Key Identifier:
                keyid:57:1A:A5:27:EC:17:91:77:8C:71:79:03:73:62:71:C5:53:17:64:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  208.74.167.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         2a:19:b8:91:a5:23:fb:6b:0c:6c:a1:20:07:28:c2:91:f9:af:
         c3:03:f4:ca:46:ab:d0:eb:f9:23:aa:9a:40:62:26:99:fd:01:
         27:6d:49:fe:e0:27:a2:82:e4:34:0c:8d:96:c9:46:77:a8:97:
         3b:ac:37:fb:a0:1f:f3:01:e7:1b:62:d3:63:56:22:cf:54:7c:
         35:91:8a:0c:0c:79:d3:2d:8f:9d:45:61:e3:b0:6d:57:82:68:
         37:a7:93:d8:66:d7:ca:27:60:49:38:d7:94:9d:d5:64:7b:7a:
         d0:79:65:8f:66:73:3b:03:b2:8c:05:61:d3:a6:f0:05:5c:15:
         e2:ab:22:ad:62:1e:0e:81:56:8b:a9:5b:d7:12:d1:53:61:d9:
         5e:76:b6:e2:db:ab:87:0f:ef:d2:3e:93:03:d4:79:d8:42:f4:
         b3:e9:f5:9d:33:ae:f7:28:e7:e0:90:2e:41:ce:91:0b:07:5e:
         24:65:76:ff:e9:5a:7d:42:f1:59:a5:dd:81:26:c8:6f:27:db:
         34:14:e1:7a:a3:28:37:94:1f:dc:00:76:c4:74:27:2c:96:fc:
         fd:67:7e:c5:88:b7:df:1c:88:b6:ac:9a:4a:1f:0a:8d:1f:9e:
         71:e8:b9:fe:f9:75:53:86:26:a0:d4:05:c0:71:9a:bf:dc:82:
         71:95:eb:b0
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEd5K7MghvW4bA87OgAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMGQzYTU2OTktM2ViOC00ZWNiLTgwYTUtZTg3NjFhMTli
OTcxMB4XDTI0MTAwODEzMDA0MFoXDTI1MDEwNjE0MDA0MFowLzEtMCsGA1UEAxMk
MWRhNDVlYjQtNDQyYi00MzExLTkzNGEtNGNkYjYwMjBkZGEzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tFljXKMO5be5nO8KWKq6KXj6YzEjI6P1zZB
fH1xs2uU9PTwKjRrXP9ahp3tVAQvQLfY54r3fvz0L5pmh2qaTjMDFTAlYKsKtTmN
TCCSOTeMjt6sqvuB4zkkcnnm8OHVGX1ph1wdUtvTiHU9Na7EIFR+mkNPRFaVcaxI
5m+U8X6lTrujgUhRLF+qhdy5Iq0R5CfrKfxMXoRVSgyQkXZ4N8sYXGIHrbd8GfdZ
BCJCbZEF2vIFOxeDmEoBoz4VtV81Ab0tFOUuhGYXkHtE2Rq/+V8r5bryq+4CPsv6
TRXfzdc2tZHfXPrXN71SGI/XNCaZ1LN+K3tvtRbwUGjbutcPzwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFIfqN3hI9bUUht7JmxVkGqHmjLluMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy8wZDNh
NTY5OS0zZWI4LTRlY2ItODBhNS1lODc2MWExOWI5NzEvN2UzOWI3NjUtZTNlOC0z
ODgxLTlkYTgtYTgwOGMzMTZhZmQ1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvMGQzYTU2OTktM2ViOC00ZWNiLTgw
YTUtZTg3NjFhMTliOTcxLzBkM2E1Njk5LTNlYjgtNGVjYi04MGE1LWU4NzYxYTE5
Yjk3MS5jcmwwHwYDVR0jBBgwFoAUVxqlJ+wXkXeMcXkDc2JxxVMXZGYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy8wZDNhNTY5OS0zZWI4LTRlY2ItODBhNS1lODc2
MWExOWI5NzEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0EqnMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACoZuJGlI/trDGyhIAcowpH5r8MD9MpGq9Dr+SOqmkBiJpn9ASdtSf7g
J6KC5DQMjZbJRneolzusN/ugH/MB5xti02NWIs9UfDWRigwMedMtj51FYeOwbVeC
aDenk9hm18onYEk415Sd1WR7etB5ZY9mczsDsowFYdOm8AVcFeKrIq1iHg6BVoup
W9cS0VNh2V52tuLbq4cP79I+kwPUedhC9LPp9Z0zrvco5+CQLkHOkQsHXiRldv/p
Wn1C8Vml3YEmyG8n2zQU4XqjKDeUH9wAdsR0JyyW/P1nfsWIt98ciLasmkofCo0f
nnHouf75dVOGJqDUBcBxmr/cgnGV67A=
-----END CERTIFICATE-----