Route Origin Authorization

$ cd rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/7afae497-a3f6-4f52-abeb-632cca8db94a/

$ rpki-client -vvf e20331fc-b228-36d6-99d9-b466cf925ad1.roa
File:                     e20331fc-b228-36d6-99d9-b466cf925ad1.roa (download)
Hash identifier:          psJR+nzOAs4rEwAJFMzwwO2ISBkgznRH0LXt9iUX4Rw=
Subject key identifier:   E0:DA:70:6B:1D:0A:20:18:40:20:47:59:CD:CA:D8:44:96:D0:F3:32
Certificate issuer:       /CN=7afae497-a3f6-4f52-abeb-632cca8db94a
Certificate serial:       010D0C9F4328583CCBF88BC7A69248F402DEA290
Authority key identifier: 4C:82:BD:2B:3F:94:20:83:FF:E4:68:4E:63:B7:64:55:C2:CB:79:A4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/7afae497-a3f6-4f52-abeb-632cca8db94a.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/7afae497-a3f6-4f52-abeb-632cca8db94a/e20331fc-b228-36d6-99d9-b466cf925ad1.roa
ROA valid until:          May 07 04:00:00 2028 GMT
asID:                     1239
IP address blocks:
    1: 2606:40cc::/32 maxlen: 32
    2: 2606:40cd::/32 maxlen: 32
    3: 2606:40ce::/32 maxlen: 32
    4: 2606:40cf::/32 maxlen: 32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3c:cb:f8:8b:c7:a6:92:48:f4:02:de:a2:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7afae497-a3f6-4f52-abeb-632cca8db94a
        Validity
            Not Before: Jul  7 04:00:00 2021 GMT
            Not After : May  7 04:00:00 2028 GMT
        Subject: CN=7b3bb012-c6cc-4529-8901-d8989b9e8334
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:fa:4b:6b:57:de:a9:75:0f:88:bf:ce:3f:91:
                    31:a5:25:1a:cf:e2:bb:20:7f:6b:c6:54:26:c6:6c:
                    65:a6:60:64:59:6a:12:1e:20:f0:be:bf:ed:d0:20:
                    38:2f:b1:6e:a4:53:1a:61:73:27:6f:f0:28:d1:56:
                    ac:07:f7:ba:5a:76:0f:59:3c:6d:0a:7c:8d:e6:5c:
                    ef:81:32:b5:70:bb:e1:0e:62:c2:8e:ae:c9:1c:30:
                    c9:4c:62:9b:91:5b:3f:c5:60:90:eb:1a:74:d2:90:
                    dd:2d:4c:2f:15:9d:06:68:87:b9:1f:83:10:0b:41:
                    88:2a:39:d9:30:61:99:66:ca:8d:27:5b:ac:15:16:
                    04:bb:2f:87:7d:e3:11:66:61:4e:35:43:aa:d0:20:
                    8c:70:10:4d:e5:d2:2c:4e:af:5c:4d:17:14:27:f4:
                    a8:83:48:e1:77:ef:c1:e6:bc:d6:3e:8f:07:2e:94:
                    25:e4:be:66:a8:f6:fb:26:fe:d6:31:d9:4a:8e:a2:
                    29:66:84:65:d3:a1:29:45:42:04:3a:8a:e2:70:b7:
                    87:dd:38:01:b9:84:87:b3:fa:cc:55:bf:a1:04:22:
                    cb:3c:d4:a5:e3:01:80:89:53:19:1b:a5:91:07:02:
                    40:f2:0f:ea:f0:f5:5c:1f:35:fc:bd:4a:24:07:54:
                    20:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                E0:DA:70:6B:1D:0A:20:18:40:20:47:59:CD:CA:D8:44:96:D0:F3:32
            Subject Information Access: 
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/7afae497-a3f6-4f52-abeb-632cca8db94a/e20331fc-b228-36d6-99d9-b466cf925ad1.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/7afae497-a3f6-4f52-abeb-632cca8db94a/7afae497-a3f6-4f52-abeb-632cca8db94a.crl

            X509v3 Authority Key Identifier: 
                keyid:4C:82:BD:2B:3F:94:20:83:FF:E4:68:4E:63:B7:64:55:C2:CB:79:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/7afae497-a3f6-4f52-abeb-632cca8db94a.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2606:40cc::/30

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         24:4a:ba:59:1e:52:3d:46:09:65:77:48:4a:4b:96:89:6b:64:
         b0:8f:72:b9:73:ab:29:03:17:bf:a0:18:07:22:9c:0e:be:ba:
         91:5c:bf:09:1a:b1:3c:89:1e:d4:ec:f2:82:b3:d5:cf:a0:3c:
         da:36:76:a4:b1:d9:8f:0d:ca:c0:0b:d5:b4:26:69:e8:dd:dd:
         9c:b6:f5:ce:09:ac:5f:eb:98:08:4e:be:5d:67:e9:dc:06:fa:
         13:79:33:cb:c0:22:4e:4e:58:67:23:7e:40:57:f8:82:66:97:
         f2:77:35:a0:db:14:fd:94:41:70:ca:f6:db:ff:bb:6f:f3:13:
         1c:c6:3b:69:95:e3:8a:65:df:95:d3:e7:17:5b:27:f0:89:8c:
         a9:a5:90:98:8f:6a:30:82:00:bd:65:60:78:5c:02:52:4b:b7:
         0f:30:65:cc:6f:f0:05:72:d7:04:42:74:67:0b:29:48:3b:31:
         ed:1a:41:0c:e3:89:25:ae:b7:30:82:ef:f7:b3:04:28:16:13:
         e5:0b:d9:1a:43:e5:48:49:04:a9:85:20:1a:dc:a6:59:0d:4f:
         b5:b1:87:82:21:cd:ca:cd:ba:80:13:b0:4a:69:e0:a6:54:f6:
         92:59:22:08:82:6c:db:cc:21:09:ba:c7:b7:16:dc:b8:1a:45:
         68:a1:14:a8
-----BEGIN CERTIFICATE-----
MIIGRDCCBSygAwIBAgIUAQ0Mn0MoWDzL+IvHppJI9ALeopAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkN2FmYWU0OTctYTNmNi00ZjUyLWFiZWItNjMyY2NhOGRi
OTRhMB4XDTIxMDcwNzA0MDAwMFoXDTI4MDUwNzA0MDAwMFowLzEtMCsGA1UEAxMk
N2IzYmIwMTItYzZjYy00NTI5LTg5MDEtZDg5ODliOWU4MzM0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PpLa1feqXUPiL/OP5ExpSUaz+K7IH9rxlQm
xmxlpmBkWWoSHiDwvr/t0CA4L7FupFMaYXMnb/Ao0VasB/e6WnYPWTxtCnyN5lzv
gTK1cLvhDmLCjq7JHDDJTGKbkVs/xWCQ6xp00pDdLUwvFZ0GaIe5H4MQC0GIKjnZ
MGGZZsqNJ1usFRYEuy+HfeMRZmFONUOq0CCMcBBN5dIsTq9cTRcUJ/Sog0jhd+/B
5rzWPo8HLpQl5L5mqPb7Jv7WMdlKjqIpZoRl06EpRUIEOoricLeH3TgBuYSHs/rM
Vb+hBCLLPNSl4wGAiVMZG6WRBwJA8g/q8PVcHzX8vUokB1QgUQIDAQABo4IDVjCC
A1IwHQYDVR0OBBYEFODacGsdCiAYQCBHWc3K2ESW0PMyMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS83YWZh
ZTQ5Ny1hM2Y2LTRmNTItYWJlYi02MzJjY2E4ZGI5NGEvZTIwMzMxZmMtYjIyOC0z
NmQ2LTk5ZDktYjQ2NmNmOTI1YWQxLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvN2FmYWU0OTctYTNmNi00ZjUyLWFi
ZWItNjMyY2NhOGRiOTRhLzdhZmFlNDk3LWEzZjYtNGY1Mi1hYmViLTYzMmNjYThk
Yjk0YS5jcmwwHwYDVR0jBBgwFoAUTIK9Kz+UIIP/5GhOY7dkVcLLeaQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS83YWZhZTQ5Ny1hM2Y2LTRmNTItYWJlYi02MzJj
Y2E4ZGI5NGEuY2VyMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCJgZAzDBU
BgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8v
d3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEB
CwUAA4IBAQAkSrpZHlI9Rglld0hKS5aJa2Swj3K5c6spAxe/oBgHIpwOvrqRXL8J
GrE8iR7U7PKCs9XPoDzaNnaksdmPDcrAC9W0Jmno3d2ctvXOCaxf65gITr5dZ+nc
BvoTeTPLwCJOTlhnI35AV/iCZpfydzWg2xT9lEFwyvbb/7tv8xMcxjtpleOKZd+V
0+cXWyfwiYyppZCYj2owggC9ZWB4XAJSS7cPMGXMb/AFctcEQnRnCylIOzHtGkEM
44klrrcwgu/3swQoFhPlC9kaQ+VISQSphSAa3KZZDU+1sYeCIc3KzbqAE7BKaeCm
VPaSWSIIgmzbzCEJuse3Fty4GkVooRSo
-----END CERTIFICATE-----
Generated at Fri Dec 2 13:30:58 2022 by rpki-client.