Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/28df346d-3f66-4555-b2ab-67f450efdcb3/4dd8305e-e04a-3ce1-a306-cad4284760dd.roa
File:                     4dd8305e-e04a-3ce1-a306-cad4284760dd.roa (raw, json)
Hash identifier:          THUkWUXQiHljP0y2xGAkFa7hPjdo0BJ5wn6gS8Igckc=
Subject key identifier:   38:CA:D1:40:25:DE:88:23:DE:2B:1F:4D:E3:89:6E:5B:DF:71:89:E9
Certificate issuer:       /CN=28df346d-3f66-4555-b2ab-67f450efdcb3
Certificate serial:       010D0C9F43285848A13612DC161F345A2AFB5500
Authority key identifier: D1:31:34:B4:B4:77:2C:0C:8A:FF:F5:82:03:50:28:76:EA:E5:1D:9E
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/28df346d-3f66-4555-b2ab-67f450efdcb3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/28df346d-3f66-4555-b2ab-67f450efdcb3/4dd8305e-e04a-3ce1-a306-cad4284760dd.roa
Signing time:             Wed 22 Jan 2025 14:00:52 +0000
ROA not before:           Wed 22 Jan 2025 14:00:52 +0000
ROA not after:            Tue 22 Apr 2025 13:00:52 +0000
asID:                     14230
IP address blocks:        64.71.192.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/28df346d-3f66-4555-b2ab-67f450efdcb3/28df346d-3f66-4555-b2ab-67f450efdcb3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/28df346d-3f66-4555-b2ab-67f450efdcb3/28df346d-3f66-4555-b2ab-67f450efdcb3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/28df346d-3f66-4555-b2ab-67f450efdcb3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/a73420cb-b3cc-4b03-bda7-1be204933ae5.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/a73420cb-b3cc-4b03-bda7-1be204933ae5.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 07 Apr 2025 18:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:a1:36:12:dc:16:1f:34:5a:2a:fb:55:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28df346d-3f66-4555-b2ab-67f450efdcb3
        Validity
            Not Before: Jan 22 14:00:52 2025 GMT
            Not After : Apr 22 13:00:52 2025 GMT
        Subject: CN=98b87f00-4ada-4e60-a088-6584b7d4b0bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:16:75:e8:35:37:ea:17:9c:21:02:7f:c1:62:
                    b9:78:6f:e2:9f:02:69:e2:fc:1e:e9:07:59:a8:06:
                    90:10:86:9a:01:14:0d:16:92:43:ce:10:1c:0e:27:
                    b9:40:a6:8e:ce:3f:20:6c:f9:93:1f:3a:48:3e:59:
                    94:3b:2d:4d:f3:8f:0a:a1:e0:b4:dc:e2:d3:79:eb:
                    4e:6f:68:04:aa:35:3d:e5:de:26:74:42:f2:8c:72:
                    1b:8f:c0:29:16:06:c1:75:b2:74:6f:d0:87:cf:06:
                    bb:4d:6b:62:01:fa:94:f8:36:4f:04:c4:b4:1b:ee:
                    e6:de:de:74:01:05:0f:df:4e:8f:28:8b:ad:7c:df:
                    4a:13:56:9f:cf:ff:cd:8a:0a:cd:08:bc:28:97:9f:
                    be:3d:00:f8:a5:a9:13:69:d3:0d:ad:81:74:68:3c:
                    93:98:e6:15:4b:e4:35:c8:e9:37:2a:3b:13:87:59:
                    46:b0:6e:fb:59:23:12:50:89:f9:68:17:77:25:14:
                    4a:b1:5a:00:5c:97:b2:47:ca:98:a0:63:99:f2:6b:
                    32:06:28:f9:35:c3:9a:34:a1:ad:9b:00:2c:15:10:
                    8f:78:3c:66:10:c9:31:2e:67:28:58:5d:5b:a1:fd:
                    da:b3:8f:a2:84:7a:a7:55:da:73:0c:03:17:3a:4f:
                    82:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:CA:D1:40:25:DE:88:23:DE:2B:1F:4D:E3:89:6E:5B:DF:71:89:E9
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/28df346d-3f66-4555-b2ab-67f450efdcb3/4dd8305e-e04a-3ce1-a306-cad4284760dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/28df346d-3f66-4555-b2ab-67f450efdcb3/28df346d-3f66-4555-b2ab-67f450efdcb3.crl

            X509v3 Authority Key Identifier:
                keyid:D1:31:34:B4:B4:77:2C:0C:8A:FF:F5:82:03:50:28:76:EA:E5:1D:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/28df346d-3f66-4555-b2ab-67f450efdcb3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.71.192.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         86:27:cf:0f:39:28:3a:5b:41:69:80:47:2b:bb:e0:a6:45:76:
         a5:4a:38:2a:b2:a5:1f:77:23:85:cc:a5:1d:04:02:45:fc:02:
         1e:fe:72:1e:3f:48:84:c4:65:bd:29:32:5c:2c:af:7c:ad:9d:
         71:a0:38:b1:19:eb:12:74:be:58:16:d6:0f:1c:ef:99:78:61:
         67:fa:8f:50:61:0a:0d:9b:5c:b4:6e:2a:05:6a:d3:44:24:6c:
         cf:c7:37:df:09:57:e3:af:5e:c4:82:8b:8f:e4:d6:1b:65:e7:
         92:68:44:0a:16:57:54:a8:66:41:db:a8:1c:12:14:54:b3:68:
         da:55:bb:39:01:bd:64:14:9d:02:07:07:97:13:8c:c1:35:aa:
         49:44:1a:ea:4d:50:7c:7a:81:49:5e:82:63:7e:ad:a7:5c:70:
         16:9a:98:28:3e:aa:1b:37:be:a0:15:d6:19:03:2c:70:a8:16:
         4d:3f:30:c5:e6:f7:4f:6b:30:97:4c:78:c6:a2:30:9e:93:5b:
         d6:2b:6a:ba:f2:8d:b2:72:52:67:aa:35:c2:42:06:0c:ca:ea:
         34:91:86:8c:f2:35:85:50:93:2b:62:4a:05:64:63:b2:9c:b6:
         dd:36:f6:05:29:bb:26:ea:30:d5:ab:d8:fd:b7:8b:c3:06:a6:
         ab:cd:5b:c2
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEihNhLcFh80Wir7VQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMjhkZjM0NmQtM2Y2Ni00NTU1LWIyYWItNjdmNDUwZWZk
Y2IzMB4XDTI1MDEyMjE0MDA1MloXDTI1MDQyMjEzMDA1MlowLzEtMCsGA1UEAxMk
OThiODdmMDAtNGFkYS00ZTYwLWEwODgtNjU4NGI3ZDRiMGJmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhZ16DU36hecIQJ/wWK5eG/inwJp4vwe6QdZ
qAaQEIaaARQNFpJDzhAcDie5QKaOzj8gbPmTHzpIPlmUOy1N848KoeC03OLTeetO
b2gEqjU95d4mdELyjHIbj8ApFgbBdbJ0b9CHzwa7TWtiAfqU+DZPBMS0G+7m3t50
AQUP306PKIutfN9KE1afz//NigrNCLwol5++PQD4pakTadMNrYF0aDyTmOYVS+Q1
yOk3KjsTh1lGsG77WSMSUIn5aBd3JRRKsVoAXJeyR8qYoGOZ8msyBij5NcOaNKGt
mwAsFRCPeDxmEMkxLmcoWF1bof3as4+ihHqnVdpzDAMXOk+CJwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFDjK0UAl3ogj3isfTeOJblvfcYnpMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIwMy1iZGE3LTFiZTIwNDkzM2FlNS8yOGRm
MzQ2ZC0zZjY2LTQ1NTUtYjJhYi02N2Y0NTBlZmRjYjMvNGRkODMwNWUtZTA0YS0z
Y2UxLWEzMDYtY2FkNDI4NDc2MGRkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9hNzM0MjBjYi1i
M2NjLTRiMDMtYmRhNy0xYmUyMDQ5MzNhZTUvMjhkZjM0NmQtM2Y2Ni00NTU1LWIy
YWItNjdmNDUwZWZkY2IzLzI4ZGYzNDZkLTNmNjYtNDU1NS1iMmFiLTY3ZjQ1MGVm
ZGNiMy5jcmwwHwYDVR0jBBgwFoAU0TE0tLR3LAyK//WCA1AodurlHZ4wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIw
My1iZGE3LTFiZTIwNDkzM2FlNS8yOGRmMzQ2ZC0zZjY2LTQ1NTUtYjJhYi02N2Y0
NTBlZmRjYjMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEQEfAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAIYnzw85KDpbQWmARyu74KZFdqVKOCqypR93I4XMpR0EAkX8Ah7+ch4/
SITEZb0pMlwsr3ytnXGgOLEZ6xJ0vlgW1g8c75l4YWf6j1BhCg2bXLRuKgVq00Qk
bM/HN98JV+OvXsSCi4/k1htl55JoRAoWV1SoZkHbqBwSFFSzaNpVuzkBvWQUnQIH
B5cTjME1qklEGupNUHx6gUlegmN+radccBaamCg+qhs3vqAV1hkDLHCoFk0/MMXm
909rMJdMeMaiMJ6TW9YrarryjbJyUmeqNcJCBgzK6jSRhozyNYVQkytiSgVkY7Kc
tt029gUpuybqMNWr2P23i8MGpqvNW8I=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:54:25 2025 by rpki-client