Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee/4e8a6a60-1d92-37f6-9990-fdedce5dd603.roa
File:                     4e8a6a60-1d92-37f6-9990-fdedce5dd603.roa (raw, json)
Hash identifier:          nQHUL2L/z8KGf07JQO0n9KJlAlZ+k8Vv7ZVU4IwfH9c=
Subject key identifier:   AD:89:B1:DF:61:5D:9D:B5:15:DD:E7:B1:14:74:56:A7:DF:6B:3C:1C
Certificate issuer:       /CN=72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee
Certificate serial:       010D0C9F4328584BA667A5F328E1F5F60DC0FF00
Authority key identifier: 27:B8:A3:DD:49:F5:D9:F3:10:53:B6:43:5A:C2:38:B8:25:A7:D7:7D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee/4e8a6a60-1d92-37f6-9990-fdedce5dd603.roa
Signing time:             Sun 26 Oct 2025 13:00:38 +0000
ROA not before:           Sun 26 Oct 2025 13:00:38 +0000
ROA not after:            Sat 24 Jan 2026 14:00:38 +0000
asID:                     26946
IP address blocks:        207.28.238.0/24 maxlen: 24
                          207.165.60.0/24 maxlen: 24
                          207.165.200.0/24 maxlen: 24
                          207.165.223.0/24 maxlen: 24
                          207.165.224.0/23 maxlen: 24
                          209.56.112.0/23 maxlen: 24
                          209.56.158.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/871da40f-793a-4a45-a0a9-978148321a07.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/871da40f-793a-4a45-a0a9-978148321a07.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 30 Oct 2025 15:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:4b:a6:67:a5:f3:28:e1:f5:f6:0d:c0:ff:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee
        Validity
            Not Before: Oct 26 13:00:38 2025 GMT
            Not After : Jan 24 14:00:38 2026 GMT
        Subject: CN=2b0803ae-dd9e-4537-b17d-309fd071e34f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:6c:31:10:9f:0d:db:0f:cf:ac:d0:15:99:06:
                    6f:0c:f2:0d:b3:41:a9:c5:7e:24:85:87:8b:e5:a4:
                    73:2b:7e:81:2d:ca:10:4c:20:69:d4:8b:4f:93:d7:
                    a6:a3:0d:bf:1c:c1:70:d1:be:36:5a:57:0c:0c:df:
                    fe:16:2d:d8:c4:e4:8e:92:02:4c:c5:41:1d:6b:a8:
                    6c:46:3f:e4:2b:33:38:e9:40:f3:85:6b:50:75:1f:
                    c5:54:ee:98:69:ec:56:4b:1f:63:88:7b:39:ba:6e:
                    18:ce:fb:37:da:5e:bd:e3:2d:b8:96:fe:92:80:2a:
                    6a:63:eb:2b:54:2c:be:b7:72:b4:95:70:d7:15:2a:
                    05:ef:19:4e:34:46:f4:66:c8:1d:44:6b:bb:69:49:
                    a0:fd:e6:dd:63:25:70:dd:7f:bd:88:31:3d:71:a5:
                    1e:10:df:f1:d3:62:53:11:10:cb:9b:25:b3:65:99:
                    f6:53:2d:27:00:83:7b:96:39:0a:47:a9:cd:8d:7a:
                    0b:83:52:7d:54:dc:21:3d:56:fc:fc:52:4f:cd:33:
                    17:03:4e:c8:95:cb:f8:27:cc:1d:ad:fa:4f:e7:80:
                    8e:ae:91:2a:bd:f3:85:7a:48:40:c2:f0:ca:61:11:
                    d3:34:3a:29:e1:d0:4c:72:f7:1f:ff:6e:17:4e:57:
                    c0:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:89:B1:DF:61:5D:9D:B5:15:DD:E7:B1:14:74:56:A7:DF:6B:3C:1C
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee/4e8a6a60-1d92-37f6-9990-fdedce5dd603.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee.crl

            X509v3 Authority Key Identifier:
                keyid:27:B8:A3:DD:49:F5:D9:F3:10:53:B6:43:5A:C2:38:B8:25:A7:D7:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/72ef7c9b-c756-439a-ac59-0fb5e5e8c1ee.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.28.238.0/24
                  207.165.60.0/24
                  207.165.200.0/24
                  207.165.223.0-207.165.225.255
                  209.56.112.0/23
                  209.56.158.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         98:b6:d0:93:95:0a:09:2c:a8:61:72:83:1e:10:c7:6f:42:d2:
         37:3a:c3:63:da:ec:db:1b:96:ab:d2:23:f6:39:67:a0:f2:61:
         d9:f3:7c:34:2c:d9:ce:3b:2c:98:5a:ed:92:fb:7c:a7:4b:c8:
         7a:4e:fc:4e:27:de:50:53:0e:24:81:bf:a1:2c:61:ff:4b:10:
         8a:3c:fd:7b:fc:a6:73:14:aa:de:a6:27:75:d8:57:78:a8:bd:
         8e:68:a3:2b:1d:37:e7:ea:4e:a2:fd:ef:b4:f2:63:e1:56:25:
         c9:ba:e4:e6:ba:b4:c7:7c:44:3c:26:ab:8d:43:55:c3:b7:b2:
         47:fb:fc:9e:51:bb:81:dd:a1:56:1f:66:4c:6f:f9:ed:b5:bf:
         20:23:94:4c:dd:b9:e0:3c:65:99:ba:08:fa:e5:ef:03:ff:53:
         c1:55:6c:b5:a6:4b:04:1f:e4:82:5f:26:01:8b:e0:00:91:9b:
         81:49:d5:39:a0:b1:fc:97:36:29:df:f7:be:cd:a7:97:fd:6d:
         e7:a8:62:67:5b:86:8c:d9:4e:fb:e2:e2:cc:49:f4:f9:f0:30:
         fe:e9:9e:d3:81:03:40:03:10:da:2b:9b:38:90:d9:23:23:a8:
         18:ce:0a:f6:bb:34:6c:f2:d5:6c:82:e5:9e:04:58:7e:b7:e3:
         d0:a7:6d:fa
-----BEGIN CERTIFICATE-----
MIIGaTCCBVGgAwIBAgIUAQ0Mn0MoWEumZ6XzKOH19g3A/wAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNzJlZjdjOWItYzc1Ni00MzlhLWFjNTktMGZiNWU1ZThj
MWVlMB4XDTI1MTAyNjEzMDAzOFoXDTI2MDEyNDE0MDAzOFowLzEtMCsGA1UEAxMk
MmIwODAzYWUtZGQ5ZS00NTM3LWIxN2QtMzA5ZmQwNzFlMzRmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmwxEJ8N2w/PrNAVmQZvDPINs0GpxX4khYeL
5aRzK36BLcoQTCBp1ItPk9emow2/HMFw0b42WlcMDN/+Fi3YxOSOkgJMxUEda6hs
Rj/kKzM46UDzhWtQdR/FVO6YaexWSx9jiHs5um4Yzvs32l694y24lv6SgCpqY+sr
VCy+t3K0lXDXFSoF7xlONEb0ZsgdRGu7aUmg/ebdYyVw3X+9iDE9caUeEN/x02JT
ERDLmyWzZZn2Uy0nAIN7ljkKR6nNjXoLg1J9VNwhPVb8/FJPzTMXA07Ilcv4J8wd
rfpP54COrpEqvfOFekhAwvDKYRHTNDop4dBMcvcf/24XTlfAowIDAQABo4IDezCC
A3cwHQYDVR0OBBYEFK2Jsd9hXZ21Fd3nsRR0VqffazwcMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzg3MWRhNDBmLTc5M2EtNGE0NS1hMGE5LTk3ODE0ODMyMWEwNy83MmVm
N2M5Yi1jNzU2LTQzOWEtYWM1OS0wZmI1ZTVlOGMxZWUvNGU4YTZhNjAtMWQ5Mi0z
N2Y2LTk5OTAtZmRlZGNlNWRkNjAzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy84NzFkYTQwZi03
OTNhLTRhNDUtYTBhOS05NzgxNDgzMjFhMDcvNzJlZjdjOWItYzc1Ni00MzlhLWFj
NTktMGZiNWU1ZThjMWVlLzcyZWY3YzliLWM3NTYtNDM5YS1hYzU5LTBmYjVlNWU4
YzFlZS5jcmwwHwYDVR0jBBgwFoAUJ7ij3Un12fMQU7ZDWsI4uCWn130wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2EtNGE0
NS1hMGE5LTk3ODE0ODMyMWEwNy83MmVmN2M5Yi1jNzU2LTQzOWEtYWM1OS0wZmI1
ZTVlOGMxZWUuY2VyMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAzxzuAwQA
z6U8AwQAz6XIMAwDBADPpd8DBAHPpeADBAHROHADBAHROJ4wVAYDVR0gAQH/BEow
SDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5l
dC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAmLbQ
k5UKCSyoYXKDHhDHb0LSNzrDY9rs2xuWq9Ij9jlnoPJh2fN8NCzZzjssmFrtkvt8
p0vIek78TifeUFMOJIG/oSxh/0sQijz9e/ymcxSq3qYnddhXeKi9jmijKx035+pO
ov3vtPJj4VYlybrk5rq0x3xEPCarjUNVw7eyR/v8nlG7gd2hVh9mTG/57bW/ICOU
TN254DxlmboI+uXvA/9TwVVstaZLBB/kgl8mAYvgAJGbgUnVOaCx/Jc2Kd/3vs2n
l/1t56hiZ1uGjNlO++LizEn0+fAw/ume04EDQAMQ2iubOJDZIyOoGM4K9rs0bPLV
bILlngRYfrfj0Kdt+g==
-----END CERTIFICATE-----