Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129/c1337ef0-f7e6-384f-a349-52b7ab3af9de.roa
File:                     c1337ef0-f7e6-384f-a349-52b7ab3af9de.roa (raw, json)
Hash identifier:          htSVEJXYRY3FZG1BPQ+oFWOb5gfB6G2KM4ATtQMCziw=
Subject key identifier:   BB:23:69:23:22:CF:B3:B9:A5:F2:B2:C6:D6:7E:51:39:7B:79:23:60
Certificate issuer:       /CN=aa31a4a0-7b77-4f56-8f89-01525b506129
Certificate serial:       010D0C9F43285848E2D1032FF649ECAF3407CD80
Authority key identifier: 58:89:4D:59:3D:A0:9D:73:D6:96:20:6E:85:EB:9B:B1:BA:9B:66:3D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129/c1337ef0-f7e6-384f-a349-52b7ab3af9de.roa
Signing time:             Sat 15 Feb 2025 02:00:39 +0000
ROA not before:           Sat 15 Feb 2025 02:00:39 +0000
ROA not after:            Fri 16 May 2025 01:00:39 +0000
asID:                     46687
IP address blocks:        24.213.96.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129/aa31a4a0-7b77-4f56-8f89-01525b506129.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129/aa31a4a0-7b77-4f56-8f89-01525b506129.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 14 Apr 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:e2:d1:03:2f:f6:49:ec:af:34:07:cd:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa31a4a0-7b77-4f56-8f89-01525b506129
        Validity
            Not Before: Feb 15 02:00:39 2025 GMT
            Not After : May 16 01:00:39 2025 GMT
        Subject: CN=01005fba-b47f-4c67-8afb-6db7c23b28bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:95:0f:83:6d:ee:c5:19:b3:5f:a9:62:d6:52:
                    a2:2a:11:70:aa:2b:f0:69:0f:7c:84:98:26:15:f8:
                    80:15:33:da:50:9b:1d:5e:62:95:9f:b8:bd:76:f1:
                    87:55:d6:90:1e:45:54:62:0a:26:f3:94:68:eb:aa:
                    b7:35:76:e6:36:d1:93:35:f3:76:67:20:e8:f4:d1:
                    8f:b1:ed:56:3b:da:a5:5d:07:69:88:d3:df:ce:7f:
                    76:2a:73:61:9c:ee:02:f0:be:2e:c9:de:e3:28:3b:
                    b0:d8:10:a4:5b:66:dc:43:75:e5:53:98:c9:be:b6:
                    e4:1a:27:8e:51:e4:ab:1f:49:5c:88:e3:c4:b8:cf:
                    15:bc:1c:4f:db:f2:0e:35:ae:fb:2b:da:4c:8d:d2:
                    59:d2:16:00:b3:6f:a7:ee:f5:7e:91:e7:59:b8:3a:
                    87:59:d3:48:cc:42:d3:c0:6c:e7:2a:e4:33:fd:e8:
                    dd:20:2c:0d:a9:6f:03:24:cb:ce:b6:2d:6b:f2:e8:
                    80:31:db:10:fd:cd:ab:49:81:d6:59:71:8d:dc:f1:
                    6c:20:06:81:1c:bd:40:b1:3a:fe:f9:41:48:a5:68:
                    26:73:78:22:63:16:4c:97:9b:8c:70:dc:78:8b:9a:
                    28:e3:4d:42:68:9f:14:5f:5c:07:ca:56:66:04:c2:
                    89:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:23:69:23:22:CF:B3:B9:A5:F2:B2:C6:D6:7E:51:39:7B:79:23:60
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129/c1337ef0-f7e6-384f-a349-52b7ab3af9de.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129/aa31a4a0-7b77-4f56-8f89-01525b506129.crl

            X509v3 Authority Key Identifier:
                keyid:58:89:4D:59:3D:A0:9D:73:D6:96:20:6E:85:EB:9B:B1:BA:9B:66:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  24.213.96.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         bf:55:f8:57:ce:38:9c:55:1f:c4:ec:37:c6:03:86:b8:af:2b:
         82:4c:79:82:3f:bb:0a:77:37:de:90:80:2d:31:9a:db:9b:eb:
         67:6c:2b:52:b2:1a:8e:fb:7e:54:58:9c:ec:a8:63:e6:c0:10:
         68:fe:ad:5b:03:0a:94:f5:d8:4c:ee:f6:2f:75:4a:68:42:8a:
         2c:ec:6e:f4:b9:08:56:ce:aa:9f:40:50:05:6e:6c:ac:f0:97:
         58:27:e8:47:23:b4:43:5a:96:43:31:d5:3f:c4:81:f0:74:80:
         36:8e:32:fb:a0:04:28:f2:c8:ab:51:c7:6f:4f:76:9d:50:d5:
         b8:1c:64:55:0c:78:6e:32:98:29:b3:b6:31:81:91:8a:e8:aa:
         cb:4d:45:23:16:b7:a7:be:27:9b:77:38:bb:64:74:2b:06:7c:
         20:28:f2:1d:bc:e9:42:d4:22:fd:69:81:7f:90:d2:b9:34:60:
         d5:3c:63:c1:c0:80:dd:8b:9f:ab:4e:d9:df:2c:2f:1e:a8:d7:
         e1:b3:b6:c8:7d:a8:00:fc:38:65:22:6d:2f:a9:c6:63:f1:4d:
         8f:ee:36:35:f5:72:e3:4d:b4:00:7b:02:4c:b4:74:7f:5b:56:
         27:5b:7a:19:e3:a5:9c:4b:5f:96:7d:e6:e2:e8:8a:58:08:f9:
         93:c9:c1:15
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEji0QMv9knsrzQHzYAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYWEzMWE0YTAtN2I3Ny00ZjU2LThmODktMDE1MjViNTA2
MTI5MB4XDTI1MDIxNTAyMDAzOVoXDTI1MDUxNjAxMDAzOVowLzEtMCsGA1UEAxMk
MDEwMDVmYmEtYjQ3Zi00YzY3LThhZmItNmRiN2MyM2IyOGJjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZUPg23uxRmzX6li1lKiKhFwqivwaQ98hJgm
FfiAFTPaUJsdXmKVn7i9dvGHVdaQHkVUYgom85Ro66q3NXbmNtGTNfN2ZyDo9NGP
se1WO9qlXQdpiNPfzn92KnNhnO4C8L4uyd7jKDuw2BCkW2bcQ3XlU5jJvrbkGieO
UeSrH0lciOPEuM8VvBxP2/IONa77K9pMjdJZ0hYAs2+n7vV+kedZuDqHWdNIzELT
wGznKuQz/ejdICwNqW8DJMvOti1r8uiAMdsQ/c2rSYHWWXGN3PFsIAaBHL1AsTr+
+UFIpWgmc3giYxZMl5uMcNx4i5oo401CaJ8UX1wHylZmBMKJewIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFLsjaSMiz7O5pfKyxtZ+UTl7eSNgMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Q5ZDE1NzJmLTZjYmItNGNmNy1iNTk5LWU5ZDBlOTgxZDliZi9hYTMx
YTRhMC03Yjc3LTRmNTYtOGY4OS0wMTUyNWI1MDYxMjkvYzEzMzdlZjAtZjdlNi0z
ODRmLWEzNDktNTJiN2FiM2FmOWRlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9kOWQxNTcyZi02
Y2JiLTRjZjctYjU5OS1lOWQwZTk4MWQ5YmYvYWEzMWE0YTAtN2I3Ny00ZjU2LThm
ODktMDE1MjViNTA2MTI5L2FhMzFhNGEwLTdiNzctNGY1Ni04Zjg5LTAxNTI1YjUw
NjEyOS5jcmwwHwYDVR0jBBgwFoAUWIlNWT2gnXPWliBuheubsbqbZj0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Q5ZDE1NzJmLTZjYmItNGNm
Ny1iNTk5LWU5ZDBlOTgxZDliZi9hYTMxYTRhMC03Yjc3LTRmNTYtOGY4OS0wMTUy
NWI1MDYxMjkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEGNVgMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAL9V+FfOOJxVH8TsN8YDhrivK4JMeYI/uwp3N96QgC0xmtub62dsK1Ky
Go77flRYnOyoY+bAEGj+rVsDCpT12Ezu9i91SmhCiizsbvS5CFbOqp9AUAVubKzw
l1gn6EcjtENalkMx1T/EgfB0gDaOMvugBCjyyKtRx29Pdp1Q1bgcZFUMeG4ymCmz
tjGBkYroqstNRSMWt6e+J5t3OLtkdCsGfCAo8h286ULUIv1pgX+Q0rk0YNU8Y8HA
gN2Ln6tO2d8sLx6o1+Gztsh9qAD8OGUibS+pxmPxTY/uNjX1cuNNtAB7Aky0dH9b
VidbehnjpZxLX5Z95uLoilgI+ZPJwRU=
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:12:35 2025 by rpki-client