Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa/7332e9a4-0787-3148-ac49-59abb3ffcd35.roa
File:                     7332e9a4-0787-3148-ac49-59abb3ffcd35.roa (raw, json)
Hash identifier:          HfmJrBpxjoUZgvfzPo4BVTTjTjAWpVZe9qX4QxqEQjQ=
Subject key identifier:   9E:75:43:18:88:D6:02:9D:C6:53:17:FE:86:A4:FB:7B:F5:4B:49:0D
Certificate issuer:       /CN=daa8bdf2-31df-4e1e-bcf3-96d6c5800faa
Certificate serial:       010D0C9F43285847767B8DE1BC9C00B0A4FD3E00
Authority key identifier: C8:21:6A:53:54:33:76:13:DB:FB:F3:B4:60:95:5E:18:1E:6A:D3:C5
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa/7332e9a4-0787-3148-ac49-59abb3ffcd35.roa
Signing time:             Mon 07 Oct 2024 13:54:17 +0000
ROA not before:           Mon 07 Oct 2024 13:54:17 +0000
ROA not after:            Sun 05 Jan 2025 14:54:17 +0000
asID:                     398210
IP address blocks:        168.220.168.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 23 Nov 2024 13:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:76:7b:8d:e1:bc:9c:00:b0:a4:fd:3e:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa8bdf2-31df-4e1e-bcf3-96d6c5800faa
        Validity
            Not Before: Oct  7 13:54:17 2024 GMT
            Not After : Jan  5 14:54:17 2025 GMT
        Subject: CN=80985958-05f5-49f0-bab6-e4d7db725910
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:3e:78:8e:b3:9b:c8:31:e8:46:99:66:0e:ee:
                    a7:bf:ee:65:37:ce:29:df:39:ba:6f:0e:3f:77:96:
                    9f:3f:42:78:bc:18:94:3c:55:0c:55:c3:0b:cb:1f:
                    90:03:3c:3c:9f:7b:17:b3:38:a1:6d:6f:85:c5:e4:
                    11:8e:80:45:59:dd:47:1c:24:39:fe:42:96:14:bb:
                    f3:29:94:71:52:a2:f4:74:fb:fe:bf:e0:41:d8:93:
                    71:a0:8d:ab:bc:6b:07:9f:76:d7:1f:36:4f:bb:ad:
                    f6:9f:77:4b:d7:4d:2f:92:48:af:1e:d6:b1:47:54:
                    63:e2:ba:bb:ec:25:4e:ce:6f:40:f4:81:33:1e:6f:
                    69:10:d4:89:7b:e4:1c:5f:e5:63:76:e6:29:df:cc:
                    c8:e5:19:9d:8e:bc:af:77:e2:0b:bb:3c:c6:3f:65:
                    4b:5f:0c:b1:5f:b8:6e:d1:2f:af:d4:da:00:9f:95:
                    ae:b4:15:a4:71:eb:10:71:4b:06:e9:f1:5d:63:8d:
                    1e:bb:4e:f5:91:8c:88:54:8b:c0:d9:c6:79:dc:76:
                    04:8c:03:18:24:c2:88:48:a0:b2:ff:81:dc:e0:ff:
                    03:5c:2c:bb:e5:32:86:5b:54:58:23:df:77:26:22:
                    e6:48:fe:89:c3:c4:d7:34:31:87:1c:a1:89:e1:2b:
                    da:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:75:43:18:88:D6:02:9D:C6:53:17:FE:86:A4:FB:7B:F5:4B:49:0D
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa/7332e9a4-0787-3148-ac49-59abb3ffcd35.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa.crl

            X509v3 Authority Key Identifier:
                keyid:C8:21:6A:53:54:33:76:13:DB:FB:F3:B4:60:95:5E:18:1E:6A:D3:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.220.168.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         8e:6d:b6:2a:99:ec:76:d0:80:9f:df:76:41:bc:9f:93:d8:a1:
         48:13:2f:f5:c8:93:92:4e:bd:58:a4:64:27:11:1a:6b:80:8e:
         e3:33:9b:b7:82:94:47:23:0a:be:17:19:aa:ac:11:71:56:dd:
         02:b5:7e:08:24:e4:a6:e3:df:0a:58:84:5c:a1:39:5c:67:2d:
         13:fd:27:c1:33:33:c2:ca:88:1f:9a:4e:b5:78:d2:8c:07:3a:
         98:5a:dd:bd:cd:62:3e:00:8c:f6:d1:d1:e9:eb:09:3c:15:28:
         a0:a9:82:9f:70:2a:52:9c:be:ca:2c:00:33:6f:6b:72:52:48:
         93:10:b1:dd:7f:a8:2f:9b:e5:7a:7b:68:a3:48:ff:71:95:cf:
         2d:76:d9:31:19:8c:6a:d4:52:24:12:1f:b5:9a:f8:29:5e:90:
         4e:19:88:13:82:59:21:21:28:8a:b9:5f:b2:81:31:07:e0:f6:
         e6:79:6d:68:03:8e:40:12:62:13:58:c9:87:c6:b2:be:a8:1f:
         ad:d1:5d:5f:0c:70:9c:b3:fd:23:4c:00:f2:bd:7c:57:a7:85:
         cb:86:31:8b:38:b7:50:f2:26:69:f7:2b:71:11:d3:c6:4f:f5:
         6e:20:37:f7:57:c8:44:1c:f1:c1:6d:5e:cb:ba:4a:53:91:59:
         e9:6d:e6:4a
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEd2e43hvJwAsKT9PgAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZGFhOGJkZjItMzFkZi00ZTFlLWJjZjMtOTZkNmM1ODAw
ZmFhMB4XDTI0MTAwNzEzNTQxN1oXDTI1MDEwNTE0NTQxN1owLzEtMCsGA1UEAxMk
ODA5ODU5NTgtMDVmNS00OWYwLWJhYjYtZTRkN2RiNzI1OTEwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj54jrObyDHoRplmDu6nv+5lN84p3zm6bw4/
d5afP0J4vBiUPFUMVcMLyx+QAzw8n3sXszihbW+FxeQRjoBFWd1HHCQ5/kKWFLvz
KZRxUqL0dPv+v+BB2JNxoI2rvGsHn3bXHzZPu632n3dL100vkkivHtaxR1Rj4rq7
7CVOzm9A9IEzHm9pENSJe+QcX+VjduYp38zI5Rmdjryvd+ILuzzGP2VLXwyxX7hu
0S+v1NoAn5WutBWkcesQcUsG6fFdY40eu071kYyIVIvA2cZ53HYEjAMYJMKISKCy
/4Hc4P8DXCy75TKGW1RYI993JiLmSP6Jw8TXNDGHHKGJ4SvamQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJ51QxiI1gKdxlMX/oak+3v1S0kNMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9kYWE4
YmRmMi0zMWRmLTRlMWUtYmNmMy05NmQ2YzU4MDBmYWEvNzMzMmU5YTQtMDc4Ny0z
MTQ4LWFjNDktNTlhYmIzZmZjZDM1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZGFhOGJkZjItMzFkZi00ZTFlLWJj
ZjMtOTZkNmM1ODAwZmFhL2RhYThiZGYyLTMxZGYtNGUxZS1iY2YzLTk2ZDZjNTgw
MGZhYS5jcmwwHwYDVR0jBBgwFoAUyCFqU1QzdhPb+/O0YJVeGB5q08UwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9kYWE4YmRmMi0zMWRmLTRlMWUtYmNmMy05NmQ2
YzU4MDBmYWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBqNyoMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAI5ttiqZ7HbQgJ/fdkG8n5PYoUgTL/XIk5JOvVikZCcRGmuAjuMzm7eC
lEcjCr4XGaqsEXFW3QK1fggk5Kbj3wpYhFyhOVxnLRP9J8EzM8LKiB+aTrV40owH
Opha3b3NYj4AjPbR0enrCTwVKKCpgp9wKlKcvsosADNva3JSSJMQsd1/qC+b5Xp7
aKNI/3GVzy122TEZjGrUUiQSH7Wa+ClekE4ZiBOCWSEhKIq5X7KBMQfg9uZ5bWgD
jkASYhNYyYfGsr6oH63RXV8McJyz/SNMAPK9fFenhcuGMYs4t1DyJmn3K3ER08ZP
9W4gN/dXyEQc8cFtXsu6SlORWelt5ko=
-----END CERTIFICATE-----