Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b/29d649ff-7028-3767-8327-8c4721bf56a8.roa
File:                     29d649ff-7028-3767-8327-8c4721bf56a8.roa (raw, json)
Hash identifier:          r+z7WPiHLYrJbfONVHHyuCBeo49g7GoCqQpZHEPCJkQ=
Subject key identifier:   51:B1:1E:BF:C9:BA:A0:0E:90:0E:5B:76:EB:93:69:5B:ED:27:FD:EF
Certificate issuer:       /CN=ab85686b-bac3-40d2-b46e-f2593fb0bc6b
Certificate serial:       010D0C9F432858459633460F79B261048229EC00
Authority key identifier: 0E:5E:F6:3E:A7:FF:42:C0:84:5C:18:ED:96:19:B7:6D:8A:D9:86:BE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b/29d649ff-7028-3767-8327-8c4721bf56a8.roa
Signing time:             Thu 18 Apr 2024 13:00:33 +0000
ROA not before:           Thu 18 Apr 2024 13:00:33 +0000
ROA not after:            Wed 17 Jul 2024 13:00:33 +0000
asID:                     399668
IP address blocks:        2620:98:a000::/48 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b/ab85686b-bac3-40d2-b46e-f2593fb0bc6b.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b/ab85686b-bac3-40d2-b46e-f2593fb0bc6b.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 25 Apr 2024 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:96:33:46:0f:79:b2:61:04:82:29:ec:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab85686b-bac3-40d2-b46e-f2593fb0bc6b
        Validity
            Not Before: Apr 18 13:00:33 2024 GMT
            Not After : Jul 17 13:00:33 2024 GMT
        Subject: CN=6be23c61-7633-4362-a12e-3949907b4836
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:37:35:56:54:43:69:81:81:e1:35:1d:d4:47:
                    b9:89:a5:f5:45:c2:81:8e:1b:cd:ee:fa:79:43:85:
                    6a:92:8f:ca:d3:2e:7d:dd:3f:f6:91:bd:74:4c:ed:
                    8b:10:6e:4c:87:0e:fa:de:aa:a7:a4:65:9a:7c:0f:
                    cc:f9:ec:d4:b5:dd:7c:ec:3c:16:68:6e:45:58:7d:
                    29:19:6c:3f:b7:f0:75:b5:a5:d9:be:c2:e7:9e:1c:
                    c1:33:c6:98:df:4a:bb:46:38:99:2d:7a:5e:17:8c:
                    fe:29:69:3b:a6:52:eb:c7:aa:1a:81:0a:b9:7f:d7:
                    17:b8:7d:06:c9:d9:52:e5:28:d0:34:4b:fa:4d:c4:
                    5f:64:58:2e:a2:5b:7f:d1:94:39:08:1e:e7:b4:7a:
                    fe:fe:f7:a3:a5:01:f5:55:44:5d:42:5b:2a:9c:c2:
                    a8:16:9a:04:8b:db:a7:9f:14:6e:04:ce:ae:fb:f0:
                    f2:4d:27:b0:59:1e:d9:1a:7b:a1:dd:79:67:cf:35:
                    9c:64:78:fa:fc:ca:e8:f7:cc:55:42:e1:63:f7:c4:
                    5b:95:da:0b:02:46:cf:ba:d8:d0:9c:87:6a:1c:9b:
                    f6:aa:eb:94:6c:26:e3:f0:85:79:84:3a:2f:00:4f:
                    17:27:71:99:c2:c3:61:a1:19:de:47:72:9a:16:a9:
                    5a:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:B1:1E:BF:C9:BA:A0:0E:90:0E:5B:76:EB:93:69:5B:ED:27:FD:EF
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b/29d649ff-7028-3767-8327-8c4721bf56a8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b/ab85686b-bac3-40d2-b46e-f2593fb0bc6b.crl

            X509v3 Authority Key Identifier:
                keyid:0E:5E:F6:3E:A7:FF:42:C0:84:5C:18:ED:96:19:B7:6D:8A:D9:86:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ab85686b-bac3-40d2-b46e-f2593fb0bc6b.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:98:a000::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         ad:ca:14:d4:f9:c3:af:2f:ce:a7:07:fb:4d:b3:8f:ed:e4:c3:
         1a:86:8a:04:08:2a:e2:a8:46:ad:31:91:60:3c:00:5a:c2:46:
         a8:3e:d8:23:2f:3e:ec:89:bf:6a:6f:18:cd:4b:a1:b0:54:3a:
         30:4e:64:e4:b1:b9:53:24:af:6d:5e:08:84:5c:21:7e:71:80:
         94:a9:ca:38:dc:b7:cf:42:ab:d8:6b:ac:0d:8d:54:20:18:49:
         67:f2:1a:cc:05:09:8b:f7:d3:43:3f:e0:b4:99:ec:bd:a7:0b:
         4a:26:c4:d1:eb:01:77:00:00:07:41:ed:fb:18:a7:13:ee:e6:
         f8:2d:33:ef:2c:54:0c:4d:87:cc:15:ec:b4:ab:a5:ba:eb:25:
         93:5c:09:f5:a8:ba:79:65:cf:14:ff:e6:cb:99:af:72:7a:78:
         6b:83:d7:9e:b2:fe:3c:17:c2:47:3d:41:b7:5c:ed:b2:76:56:
         e7:8b:c8:95:1d:7e:c1:4c:a4:ee:86:f2:38:fa:93:76:39:64:
         2f:6b:2a:ad:bb:51:04:17:d0:27:7e:50:67:db:a6:ae:f2:fc:
         bf:b3:57:05:b3:b4:91:da:d1:42:d3:a5:53:63:1e:cc:c9:cd:
         f8:c5:1c:9c:6a:a0:64:6c:c7:5d:cf:7f:aa:55:e7:9e:c7:83:
         a4:8d:83:bd
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEWWM0YPebJhBIIp7AAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYWI4NTY4NmItYmFjMy00MGQyLWI0NmUtZjI1OTNmYjBi
YzZiMB4XDTI0MDQxODEzMDAzM1oXDTI0MDcxNzEzMDAzM1owLzEtMCsGA1UEAxMk
NmJlMjNjNjEtNzYzMy00MzYyLWExMmUtMzk0OTkwN2I0ODM2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojc1VlRDaYGB4TUd1Ee5iaX1RcKBjhvN7vp5
Q4Vqko/K0y593T/2kb10TO2LEG5Mhw763qqnpGWafA/M+ezUtd187DwWaG5FWH0p
GWw/t/B1taXZvsLnnhzBM8aY30q7RjiZLXpeF4z+KWk7plLrx6oagQq5f9cXuH0G
ydlS5SjQNEv6TcRfZFguolt/0ZQ5CB7ntHr+/vejpQH1VURdQlsqnMKoFpoEi9un
nxRuBM6u+/DyTSewWR7ZGnuh3XlnzzWcZHj6/Mro98xVQuFj98RbldoLAkbPutjQ
nIdqHJv2quuUbCbj8IV5hDovAE8XJ3GZwsNhoRneR3KaFqlaQwIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFFGxHr/JuqAOkA5bduuTaVvtJ/3vMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9hYjg1
Njg2Yi1iYWMzLTQwZDItYjQ2ZS1mMjU5M2ZiMGJjNmIvMjlkNjQ5ZmYtNzAyOC0z
NzY3LTgzMjctOGM0NzIxYmY1NmE4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvYWI4NTY4NmItYmFjMy00MGQyLWI0
NmUtZjI1OTNmYjBiYzZiL2FiODU2ODZiLWJhYzMtNDBkMi1iNDZlLWYyNTkzZmIw
YmM2Yi5jcmwwHwYDVR0jBBgwFoAUDl72Pqf/QsCEXBjtlhm3bYrZhr4wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9hYjg1Njg2Yi1iYWMzLTQwZDItYjQ2ZS1mMjU5
M2ZiMGJjNmIuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAmKAA
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAK3KFNT5w68vzqcH+02zj+3kwxqGigQIKuKoRq0xkWA8AFrCRqg+
2CMvPuyJv2pvGM1LobBUOjBOZOSxuVMkr21eCIRcIX5xgJSpyjjct89Cq9hrrA2N
VCAYSWfyGswFCYv300M/4LSZ7L2nC0omxNHrAXcAAAdB7fsYpxPu5vgtM+8sVAxN
h8wV7LSrpbrrJZNcCfWounllzxT/5suZr3J6eGuD156y/jwXwkc9Qbdc7bJ2VueL
yJUdfsFMpO6G8jj6k3Y5ZC9rKq27UQQX0Cd+UGfbpq7y/L+zVwWztJHa0ULTpVNj
HszJzfjFHJxqoGRsx13Pf6pV557Hg6SNg70=
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:42:37 2024 by rpki-client on console-fra.rpki-client.org