Route Origin Authorization

$ cd rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/927d18e8-718f-412b-a0b2-a97decff6f3f/

$ rpki-client -vvf 9991720e-7c6a-33e3-872b-729d82d4813e.roa
File:                     9991720e-7c6a-33e3-872b-729d82d4813e.roa (download)
Hash identifier:          csQxTCkhgvms3d1U+wst6gK9Kv6D4zgpImuIK8bcpEo=
Subject key identifier:   4A:C5:6E:EA:22:AB:93:9A:30:CD:B2:24:E9:04:B5:21:42:95:AC:AD
Certificate issuer:       /CN=927d18e8-718f-412b-a0b2-a97decff6f3f
Certificate serial:       010D0C9F4328583D2C07B4DB59B12380F3156680
Authority key identifier: 65:DD:C3:69:D5:D8:1B:0F:95:D5:AB:AD:7B:F5:30:38:B1:C0:60:04
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/927d18e8-718f-412b-a0b2-a97decff6f3f.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/927d18e8-718f-412b-a0b2-a97decff6f3f/9991720e-7c6a-33e3-872b-729d82d4813e.roa
ROA valid until:          Mar 07 05:00:00 2030 GMT
asID:                     1239
IP address blocks:
    1: 167.94.252.0/23 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:2c:07:b4:db:59:b1:23:80:f3:15:66:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=927d18e8-718f-412b-a0b2-a97decff6f3f
        Validity
            Not Before: Mar  7 05:00:00 2022 GMT
            Not After : Mar  7 05:00:00 2030 GMT
        Subject: CN=d41baa0e-172b-49e9-a2c8-31f4e263eaae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:55:c9:31:37:5f:fd:41:18:65:66:90:87:3f:
                    4b:3b:be:83:a8:cd:ea:92:6c:9f:d2:8e:71:10:ec:
                    49:7e:6d:65:a9:5f:96:78:cb:37:2f:9b:b9:58:9b:
                    0e:37:72:a9:90:9b:ad:de:43:87:af:ab:db:dd:8a:
                    e1:fa:76:2f:60:40:57:17:a9:f2:fa:12:e1:47:54:
                    a1:7a:ee:c6:67:ec:e9:46:40:da:cf:39:17:b8:35:
                    a5:f7:34:b4:93:7b:60:0c:91:00:f3:93:f4:55:64:
                    61:18:b2:a3:ae:a5:89:96:c2:7e:30:e2:80:08:1c:
                    84:6e:63:17:c1:84:31:5f:45:37:34:0b:25:8c:a0:
                    51:de:33:8d:20:5c:08:69:f0:37:35:39:ff:60:eb:
                    f1:74:a3:75:0b:8b:4d:07:0d:33:5f:ce:23:2a:b9:
                    03:30:cb:96:98:02:c7:d8:a6:15:d1:45:bc:aa:68:
                    aa:29:ea:1c:f9:18:30:c0:0d:0d:81:72:49:02:04:
                    40:2b:fe:d9:a8:44:8d:0f:9d:0f:d2:3f:81:e9:ce:
                    53:f9:5d:6e:2e:50:90:a9:be:61:26:17:b2:db:b6:
                    e9:a2:19:72:9d:80:46:bd:0d:3c:d4:19:28:89:d0:
                    52:69:d6:99:e3:6f:ae:c4:f5:e0:cf:1c:00:a5:b2:
                    1d:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4A:C5:6E:EA:22:AB:93:9A:30:CD:B2:24:E9:04:B5:21:42:95:AC:AD
            Subject Information Access: 
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/927d18e8-718f-412b-a0b2-a97decff6f3f/9991720e-7c6a-33e3-872b-729d82d4813e.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/927d18e8-718f-412b-a0b2-a97decff6f3f/927d18e8-718f-412b-a0b2-a97decff6f3f.crl

            X509v3 Authority Key Identifier: 
                keyid:65:DD:C3:69:D5:D8:1B:0F:95:D5:AB:AD:7B:F5:30:38:B1:C0:60:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/927d18e8-718f-412b-a0b2-a97decff6f3f.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.94.252.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         7f:af:88:54:8c:6c:a6:9a:27:f8:f4:f6:e9:34:e7:a2:fb:0a:
         a5:41:64:e6:f4:0a:4e:5b:02:4d:3d:6e:bb:57:0d:6c:28:51:
         f1:73:ad:cf:ae:69:4c:3c:29:97:95:95:f4:4b:77:1c:95:b8:
         58:2a:7d:5c:39:d3:83:61:fa:2b:df:a6:42:37:5a:9e:1b:1e:
         2f:85:3e:2c:d7:73:9a:84:cd:17:a2:7d:0a:90:40:32:75:07:
         4e:c9:48:cd:3d:73:83:b4:53:f7:85:b1:48:f8:0a:60:2b:01:
         4f:c5:d7:06:b9:6c:93:8f:f8:ad:a6:9d:09:a1:2a:25:e7:69:
         c2:9c:07:0d:04:cc:f0:5b:85:15:a6:64:43:f5:98:48:43:b7:
         5e:33:5e:6d:7f:59:b0:8e:3c:f6:f9:4e:12:80:8e:86:e9:ae:
         81:f3:72:f3:65:ba:c7:61:de:51:73:ea:10:2a:bc:95:b1:b0:
         54:27:d4:84:10:69:8f:ca:9d:69:fc:69:64:a4:d4:c5:46:07:
         81:a2:88:74:74:c8:95:e0:1d:1d:4a:94:fe:d3:bc:68:ed:d2:
         64:db:21:e5:64:e1:e1:ba:78:87:6c:5f:4e:af:e8:fa:04:68:
         ab:dd:fd:29:4a:f8:ca:32:77:04:d8:78:80:9a:3d:fa:70:aa:
         e6:db:e5:3d
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD0sB7TbWbEjgPMVZoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkOTI3ZDE4ZTgtNzE4Zi00MTJiLWEwYjItYTk3ZGVjZmY2
ZjNmMB4XDTIyMDMwNzA1MDAwMFoXDTMwMDMwNzA1MDAwMFowLzEtMCsGA1UEAxMk
ZDQxYmFhMGUtMTcyYi00OWU5LWEyYzgtMzFmNGUyNjNlYWFlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVXJMTdf/UEYZWaQhz9LO76DqM3qkmyf0o5x
EOxJfm1lqV+WeMs3L5u5WJsON3KpkJut3kOHr6vb3Yrh+nYvYEBXF6ny+hLhR1Sh
eu7GZ+zpRkDazzkXuDWl9zS0k3tgDJEA85P0VWRhGLKjrqWJlsJ+MOKACByEbmMX
wYQxX0U3NAsljKBR3jONIFwIafA3NTn/YOvxdKN1C4tNBw0zX84jKrkDMMuWmALH
2KYV0UW8qmiqKeoc+RgwwA0NgXJJAgRAK/7ZqESND50P0j+B6c5T+V1uLlCQqb5h
Jhey27bpohlynYBGvQ081BkoidBSadaZ42+uxPXgzxwApbIdpQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFErFbuoiq5OaMM2yJOkEtSFClaytMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC85Mjdk
MThlOC03MThmLTQxMmItYTBiMi1hOTdkZWNmZjZmM2YvOTk5MTcyMGUtN2M2YS0z
M2UzLTg3MmItNzI5ZDgyZDQ4MTNlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvOTI3ZDE4ZTgtNzE4Zi00MTJiLWEw
YjItYTk3ZGVjZmY2ZjNmLzkyN2QxOGU4LTcxOGYtNDEyYi1hMGIyLWE5N2RlY2Zm
NmYzZi5jcmwwHwYDVR0jBBgwFoAUZd3DadXYGw+V1aute/UwOLHAYAQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC85MjdkMThlOC03MThmLTQxMmItYTBiMi1hOTdk
ZWNmZjZmM2YuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBp178MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAH+viFSMbKaaJ/j09uk056L7CqVBZOb0Ck5bAk09brtXDWwoUfFzrc+u
aUw8KZeVlfRLdxyVuFgqfVw504Nh+ivfpkI3Wp4bHi+FPizXc5qEzReifQqQQDJ1
B07JSM09c4O0U/eFsUj4CmArAU/F1wa5bJOP+K2mnQmhKiXnacKcBw0EzPBbhRWm
ZEP1mEhDt14zXm1/WbCOPPb5ThKAjobproHzcvNlusdh3lFz6hAqvJWxsFQn1IQQ
aY/KnWn8aWSk1MVGB4GiiHR0yJXgHR1KlP7TvGjt0mTbIeVk4eG6eIdsX06v6PoE
aKvd/SlK+MoydwTYeICaPfpwqubb5T0=
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:30:51 2022 by rpki-client.