Route Origin Authorization

$ cd rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/

$ rpki-client -vvf 6f899861-ca32-3cdd-a5e2-5d7029c1fe56.roa
File:                     6f899861-ca32-3cdd-a5e2-5d7029c1fe56.roa (download)
Hash identifier:          LaShwZSXJB1KzIZ1/53SQPAJ3/ntomjFPOXcG+v9QKA=
Subject key identifier:   81:44:C5:E7:A5:4E:BC:93:2B:15:96:02:7E:0B:8C:57:55:94:BF:4A
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F4328583DF5D66A4EBDD94B393095D840
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/6f899861-ca32-3cdd-a5e2-5d7029c1fe56.roa
ROA valid until:          Aug 21 04:00:00 2024 GMT
asID:                     1239
IP address blocks:
    1: 45.38.60.0/24 maxlen: 24
    2: 23.27.184.0/24 maxlen: 24
    3: 23.230.11.0/24 maxlen: 24
    4: 45.38.44.0/24 maxlen: 24
    5: 45.38.181.0/24 maxlen: 24
    6: 50.118.172.0/24 maxlen: 24
    7: 45.39.184.0/24 maxlen: 24
    8: 45.39.45.0/24 maxlen: 24
    9: 45.39.46.0/24 maxlen: 24
   10: 45.39.57.0/24 maxlen: 24
   11: 45.39.78.0/24 maxlen: 24
   12: 45.39.116.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:f5:d6:6a:4e:bd:d9:4b:39:30:95:d8:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Aug 26 17:55:28 2020 GMT
            Not After : Aug 21 04:00:00 2024 GMT
        Subject: CN=3c26b58f-7286-4450-a666-4153b692139d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:92:97:71:37:8a:0c:49:16:ad:5f:52:71:7c:
                    04:b2:6c:b8:6f:29:41:d2:c5:a6:42:66:d7:2d:1c:
                    e9:10:d2:f3:1e:85:d2:69:d0:69:09:43:e9:06:ed:
                    aa:71:ad:b6:06:fb:bb:77:5f:df:13:3c:3a:de:1d:
                    be:fd:a6:76:24:34:8a:1c:9e:ee:07:17:fd:3b:c5:
                    99:29:13:aa:b3:c9:b1:4f:ae:b5:8c:be:d8:81:18:
                    63:37:b8:5c:d4:d2:df:d0:29:2c:0a:62:d6:0b:e4:
                    67:ce:6b:c3:81:09:cb:51:22:92:55:eb:85:b2:b9:
                    75:a0:39:f9:16:54:6c:d2:3a:8d:12:12:7d:88:f4:
                    5a:58:81:5d:c5:2f:ca:02:7c:cc:21:88:60:a1:fc:
                    99:8e:8f:15:7e:e5:f8:4b:eb:5b:0f:e1:bc:4f:9e:
                    a6:ef:eb:e9:b8:d7:0d:af:80:32:96:08:eb:d9:18:
                    98:4c:27:f4:bc:05:1f:a4:7c:ca:47:08:78:e5:9b:
                    02:53:2f:52:08:3d:a1:9e:04:e1:8f:28:2b:c9:54:
                    4a:8e:7d:51:00:5a:99:69:b6:e1:05:2a:ab:df:eb:
                    41:b8:84:a4:f7:17:98:c3:21:ab:d9:d2:dd:c5:ac:
                    03:60:0d:77:84:44:e5:b6:41:e8:e2:26:5c:87:55:
                    86:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                81:44:C5:E7:A5:4E:BC:93:2B:15:96:02:7E:0B:8C:57:55:94:BF:4A
            Subject Information Access: 
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/6f899861-ca32-3cdd-a5e2-5d7029c1fe56.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier: 
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.27.184.0/24
                  23.230.11.0/24
                  45.38.44.0/24
                  45.38.60.0/24
                  45.38.181.0/24
                  45.39.45.0-45.39.46.255
                  45.39.57.0/24
                  45.39.78.0/24
                  45.39.116.0/24
                  45.39.184.0/24
                  50.118.172.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         0c:24:9c:e1:9c:47:fa:43:dc:1a:86:4b:48:db:35:13:63:20:
         e2:6b:6b:40:bc:fd:9c:22:a8:50:a4:62:82:40:60:fd:8a:01:
         e4:9c:df:04:47:a3:bb:1f:13:e9:50:51:8d:3e:77:0e:fb:20:
         17:5a:17:cb:0d:a5:7a:ea:c9:4f:21:f9:48:67:37:8f:ba:f2:
         3b:cc:15:dd:55:44:a8:3a:82:08:1c:38:72:b7:83:26:87:8b:
         11:c3:ab:48:f0:f2:43:b2:20:71:37:fe:32:a5:e3:fb:b3:ce:
         1a:42:4c:39:f0:00:1b:c7:dd:50:04:e4:c7:e7:28:03:91:82:
         34:ce:e4:c3:32:0a:34:ce:54:5c:62:5e:3b:30:96:d3:f5:00:
         a2:22:65:b3:fb:7b:d6:42:74:26:71:b8:db:d3:45:2c:43:4b:
         b8:66:55:c1:c7:30:5c:fe:d8:cb:d7:a5:73:a2:ad:7a:94:b1:
         18:54:37:54:70:67:06:7c:4b:20:73:fe:7b:e5:65:8d:6e:95:
         1d:45:c7:98:cf:02:39:0d:b0:ab:d2:86:ce:a7:e4:6e:ee:e5:
         bc:6f:59:1a:bb:27:54:f2:95:1a:5e:6c:ec:ee:12:8b:e1:b9:
         25:ca:83:ff:c2:58:b8:98:b5:0d:ec:80:ef:da:03:ef:63:14:
         69:b4:3a:0a
-----BEGIN CERTIFICATE-----
MIIGhzCCBW+gAwIBAgIUAQ0Mn0MoWD311mpOvdlLOTCV2EAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIwMDgyNjE3NTUyOFoXDTI0MDgyMTA0MDAwMFowLzEtMCsGA1UEAxMk
M2MyNmI1OGYtNzI4Ni00NDUwLWE2NjYtNDE1M2I2OTIxMzlkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5KXcTeKDEkWrV9ScXwEsmy4bylB0sWmQmbX
LRzpENLzHoXSadBpCUPpBu2qca22Bvu7d1/fEzw63h2+/aZ2JDSKHJ7uBxf9O8WZ
KROqs8mxT661jL7YgRhjN7hc1NLf0CksCmLWC+RnzmvDgQnLUSKSVeuFsrl1oDn5
FlRs0jqNEhJ9iPRaWIFdxS/KAnzMIYhgofyZjo8VfuX4S+tbD+G8T56m7+vpuNcN
r4Aylgjr2RiYTCf0vAUfpHzKRwh45ZsCUy9SCD2hngThjygryVRKjn1RAFqZabbh
BSqr3+tBuISk9xeYwyGr2dLdxawDYA13hETltkHo4iZch1WGtQIDAQABo4IDmTCC
A5UwHQYDVR0OBBYEFIFExeelTryTKxWWAn4LjFdVlL9KMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvNmY4OTk4NjEtY2EzMi0z
Y2RkLWE1ZTItNWQ3MDI5YzFmZTU2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAFxu4AwQA
F+YLAwQALSYsAwQALSY8AwQALSa1MAwDBAAtJy0DBAAtJy4DBAAtJzkDBAAtJ04D
BAAtJ3QDBAAtJ7gDBAAydqwwVAYDVR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgG
CCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9j
cHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEADCSc4ZxH+kPcGoZLSNs1E2Mg4mtr
QLz9nCKoUKRigkBg/YoB5JzfBEejux8T6VBRjT53DvsgF1oXyw2leurJTyH5SGc3
j7ryO8wV3VVEqDqCCBw4creDJoeLEcOrSPDyQ7IgcTf+MqXj+7POGkJMOfAAG8fd
UATkx+coA5GCNM7kwzIKNM5UXGJeOzCW0/UAoiJls/t71kJ0JnG429NFLENLuGZV
wccwXP7Yy9elc6KtepSxGFQ3VHBnBnxLIHP+e+VljW6VHUXHmM8COQ2wq9KGzqfk
bu7lvG9ZGrsnVPKVGl5s7O4Si+G5JcqD/8JYuJi1DeyA79oD72MUabQ6Cg==
-----END CERTIFICATE-----
Generated at Fri Dec 2 12:20:13 2022 by rpki-client.