Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2aa438c9-0cbb-4364-946d-9714249a8222/cb90c805-a9ab-3bdd-afdc-0a026851da93.roa
File:                     cb90c805-a9ab-3bdd-afdc-0a026851da93.roa (raw, json)
Hash identifier:          fqkczsxHSQKfcbOWdHMdyRW2t5dSHOIWixlHGxKei3Q=
Subject key identifier:   7C:E2:56:8A:4F:D0:D7:B0:E0:7F:B4:E7:B9:5F:9B:EB:E1:ED:D8:3E
Certificate issuer:       /CN=2aa438c9-0cbb-4364-946d-9714249a8222
Certificate serial:       010D0C9F432858460CD94808F2A8A8A2E6853C28
Authority key identifier: 05:23:DF:93:1B:FF:39:42:9C:2A:FE:7B:FF:7A:4B:33:56:E8:5E:B0
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2aa438c9-0cbb-4364-946d-9714249a8222.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2aa438c9-0cbb-4364-946d-9714249a8222/cb90c805-a9ab-3bdd-afdc-0a026851da93.roa
Signing time:             Fri 31 May 2024 01:00:24 +0000
ROA not before:           Fri 31 May 2024 01:00:24 +0000
ROA not after:            Thu 29 Aug 2024 01:00:24 +0000
asID:                     32934
IP address blocks:        157.240.212.0/24 maxlen: 24
                          157.240.199.0/24 maxlen: 24
                          157.240.211.0/24 maxlen: 24
                          157.240.7.0/24 maxlen: 24
                          157.240.12.0/24 maxlen: 24
                          69.171.255.0/24 maxlen: 24
                          157.240.254.0/24 maxlen: 24
                          69.171.250.0/24 maxlen: 24
                          69.171.239.0/24 maxlen: 24
                          157.240.244.0/24 maxlen: 24
                          157.240.214.0/24 maxlen: 24
                          157.240.243.0/24 maxlen: 24
                          157.240.249.0/24 maxlen: 24
                          157.240.251.0/24 maxlen: 24
                          157.240.216.0/24 maxlen: 24
                          157.240.229.0/24 maxlen: 24
                          157.240.218.0/24 maxlen: 24
                          157.240.24.0/24 maxlen: 24
                          157.240.217.0/24 maxlen: 24
                          157.240.222.0/24 maxlen: 24
                          157.240.223.0/24 maxlen: 24
                          157.240.11.0/24 maxlen: 24
                          157.240.252.0/24 maxlen: 24
                          157.240.247.0/24 maxlen: 24
                          157.240.13.0/24 maxlen: 24
                          157.240.14.0/24 maxlen: 24
                          157.240.8.0/24 maxlen: 24
                          157.240.9.0/24 maxlen: 24
                          157.240.236.0/24 maxlen: 24
                          157.240.237.0/24 maxlen: 24
                          157.240.234.0/24 maxlen: 24
                          157.240.208.0/24 maxlen: 24
                          157.240.233.0/24 maxlen: 24
                          157.240.225.0/24 maxlen: 24
                          157.240.235.0/24 maxlen: 24
                          157.240.226.0/24 maxlen: 24
                          157.240.227.0/24 maxlen: 24
                          157.240.197.0/24 maxlen: 24
                          157.240.198.0/24 maxlen: 24
                          157.240.231.0/24 maxlen: 24
                          157.240.192.0/24 maxlen: 24
                          157.240.195.0/24 maxlen: 24
                          157.240.31.0/24 maxlen: 24
                          157.240.196.0/24 maxlen: 24
                          129.134.28.0/24 maxlen: 24
                          157.240.210.0/24 maxlen: 24
                          157.240.245.0/24 maxlen: 24
                          129.134.127.0/24 maxlen: 24
                          157.240.238.0/24 maxlen: 24
                          157.240.224.0/24 maxlen: 24
                          157.240.241.0/24 maxlen: 24
                          157.240.202.0/24 maxlen: 24
                          157.240.201.0/24 maxlen: 24
                          157.240.200.0/24 maxlen: 24
                          157.240.203.0/24 maxlen: 24
                          157.240.209.0/24 maxlen: 24
                          157.240.207.0/24 maxlen: 24
                          157.240.205.0/24 maxlen: 24
                          157.240.242.0/24 maxlen: 24
                          157.240.204.0/24 maxlen: 24
                          157.240.221.0/24 maxlen: 24
                          157.240.19.0/24 maxlen: 24
                          157.240.17.0/24 maxlen: 24
                          157.240.30.0/24 maxlen: 24
                          157.240.22.0/24 maxlen: 24
                          157.240.3.0/24 maxlen: 24
                          129.134.27.0/24 maxlen: 24
                          157.240.1.0/24 maxlen: 24
                          157.240.0.0/24 maxlen: 24
                          129.134.29.0/24 maxlen: 24
                          157.240.5.0/24 maxlen: 24
                          157.240.239.0/24 maxlen: 24
                          157.240.253.0/24 maxlen: 24
                          157.240.15.0/24 maxlen: 24
                          157.240.215.0/24 maxlen: 24
                          157.240.25.0/24 maxlen: 24
                          157.240.26.0/24 maxlen: 24
                          157.240.27.0/24 maxlen: 24
                          157.240.29.0/24 maxlen: 24
                          157.240.16.0/24 maxlen: 24
                          129.134.25.0/24 maxlen: 24
                          157.240.23.0/24 maxlen: 24
                          129.134.26.0/24 maxlen: 24
                          2620:0:1cff::/48 maxlen: 48
                          2620:0:1cfa::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2aa438c9-0cbb-4364-946d-9714249a8222/2aa438c9-0cbb-4364-946d-9714249a8222.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2aa438c9-0cbb-4364-946d-9714249a8222/2aa438c9-0cbb-4364-946d-9714249a8222.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2aa438c9-0cbb-4364-946d-9714249a8222.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 19 Jul 2024 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:46:0c:d9:48:08:f2:a8:a8:a2:e6:85:3c:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2aa438c9-0cbb-4364-946d-9714249a8222
        Validity
            Not Before: May 31 01:00:24 2024 GMT
            Not After : Aug 29 01:00:24 2024 GMT
        Subject: CN=3418c563-1ea0-43e8-a17f-3924b368f442
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:cc:33:11:b2:f1:f9:d7:9f:88:27:a9:bc:88:
                    df:b8:1a:a5:7b:ba:6a:35:36:68:c1:fe:44:01:12:
                    20:bd:1b:42:44:12:78:00:75:0f:3a:21:72:58:6d:
                    0e:15:d5:8f:97:21:42:02:fb:cd:11:70:50:30:42:
                    1c:ba:6c:9d:27:51:1d:e0:24:bd:e6:99:9b:37:c3:
                    36:c9:c8:9a:51:92:2f:68:d3:9e:d3:4d:27:6d:c7:
                    ca:cb:9a:9d:6e:c1:a5:28:b6:33:3e:45:95:b8:21:
                    2d:dc:83:39:89:55:35:09:7b:3f:57:3e:3c:b9:63:
                    b2:fc:0c:e7:a5:ba:79:d7:db:df:f2:fe:96:bd:ac:
                    93:43:8e:d4:3e:f2:5e:af:80:74:67:e2:eb:cb:6f:
                    13:72:19:93:56:27:38:8c:ea:f0:e8:28:a9:eb:bc:
                    f5:3c:59:d7:51:ba:a4:a2:a5:05:a2:0a:10:d0:07:
                    54:31:d8:33:79:f5:eb:c5:42:3c:2c:d9:97:06:5f:
                    42:48:49:04:b2:5a:1e:6d:52:65:f5:69:6b:5a:b4:
                    2d:44:a5:2e:d9:33:55:66:e6:12:13:95:f3:4e:12:
                    e6:d7:6b:7a:2d:23:8a:2a:99:9a:35:75:ec:e6:6a:
                    ea:93:aa:ef:b5:fc:2e:81:6c:26:e2:32:f1:57:20:
                    c1:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:E2:56:8A:4F:D0:D7:B0:E0:7F:B4:E7:B9:5F:9B:EB:E1:ED:D8:3E
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2aa438c9-0cbb-4364-946d-9714249a8222/cb90c805-a9ab-3bdd-afdc-0a026851da93.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2aa438c9-0cbb-4364-946d-9714249a8222/2aa438c9-0cbb-4364-946d-9714249a8222.crl

            X509v3 Authority Key Identifier:
                keyid:05:23:DF:93:1B:FF:39:42:9C:2A:FE:7B:FF:7A:4B:33:56:E8:5E:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/2aa438c9-0cbb-4364-946d-9714249a8222.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  69.171.239.0/24
                  69.171.250.0/24
                  69.171.255.0/24
                  129.134.25.0-129.134.29.255
                  129.134.127.0/24
                  157.240.0.0/23
                  157.240.3.0/24
                  157.240.5.0/24
                  157.240.7.0-157.240.9.255
                  157.240.11.0-157.240.17.255
                  157.240.19.0/24
                  157.240.22.0-157.240.27.255
                  157.240.29.0-157.240.31.255
                  157.240.192.0/24
                  157.240.195.0-157.240.205.255
                  157.240.207.0-157.240.212.255
                  157.240.214.0-157.240.218.255
                  157.240.221.0-157.240.227.255
                  157.240.229.0/24
                  157.240.231.0/24
                  157.240.233.0-157.240.239.255
                  157.240.241.0-157.240.245.255
                  157.240.247.0/24
                  157.240.249.0/24
                  157.240.251.0-157.240.254.255
                IPv6:
                  2620:0:1cfa::/48
                  2620:0:1cff::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         8b:0f:36:79:d3:ae:b9:f2:c7:ba:0a:67:86:6a:45:5c:3b:28:
         34:ec:1b:51:18:2f:a3:03:4f:fb:2d:c8:d1:cc:06:7b:60:75:
         59:6c:0b:f5:c2:65:a0:25:e4:4d:e8:10:57:65:e2:dc:81:68:
         4e:bf:49:62:52:e5:82:c9:ea:1b:07:e0:85:78:d7:a8:a8:d7:
         0f:e8:6f:b7:74:88:04:8a:5b:b8:8d:b3:2b:1d:f9:3b:18:20:
         c6:85:d6:46:f2:88:79:97:4f:a2:40:34:29:aa:3b:5e:d8:24:
         4e:89:6b:c2:30:e9:ff:26:a4:98:6d:74:0d:7a:ba:4f:e1:ed:
         ad:0a:21:0b:cd:3f:08:e1:bc:78:69:eb:af:7f:7e:2b:2b:46:
         fb:26:0d:73:8c:95:84:c6:ac:90:26:cc:2f:ed:39:f5:a0:d2:
         0d:6c:e8:ea:0e:fd:f0:cb:eb:b8:23:c5:55:00:9a:b6:ca:70:
         be:dd:02:a8:61:87:29:1e:02:36:5a:b3:f0:7c:6e:93:1c:6e:
         89:21:d4:e6:1d:f2:cf:85:d4:21:5f:07:7b:9f:77:1e:30:d1:
         d0:74:27:ea:70:71:6c:0a:6d:58:38:e5:81:90:b5:e4:e4:84:
         61:aa:09:f8:af:78:b1:17:23:e1:39:8f:2d:68:44:0f:5a:2a:
         7a:f0:cb:d3
-----BEGIN CERTIFICATE-----
MIIHVTCCBj2gAwIBAgIUAQ0Mn0MoWEYM2UgI8qioouaFPCgwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMmFhNDM4YzktMGNiYi00MzY0LTk0NmQtOTcxNDI0OWE4
MjIyMB4XDTI0MDUzMTAxMDAyNFoXDTI0MDgyOTAxMDAyNFowLzEtMCsGA1UEAxMk
MzQxOGM1NjMtMWVhMC00M2U4LWExN2YtMzkyNGIzNjhmNDQyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMwzEbLx+defiCepvIjfuBqle7pqNTZowf5E
ARIgvRtCRBJ4AHUPOiFyWG0OFdWPlyFCAvvNEXBQMEIcumydJ1Ed4CS95pmbN8M2
yciaUZIvaNOe000nbcfKy5qdbsGlKLYzPkWVuCEt3IM5iVU1CXs/Vz48uWOy/Azn
pbp519vf8v6WvayTQ47UPvJer4B0Z+Lry28TchmTVic4jOrw6Cip67z1PFnXUbqk
oqUFogoQ0AdUMdgzefXrxUI8LNmXBl9CSEkEsloebVJl9WlrWrQtRKUu2TNVZuYS
E5XzThLm12t6LSOKKpmaNXXs5mrqk6rvtfwugWwm4jLxVyDBWwIDAQABo4IEZzCC
BGMwHQYDVR0OBBYEFHziVopP0New4H+057lfm+vh7dg+MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS8yYWE0
MzhjOS0wY2JiLTQzNjQtOTQ2ZC05NzE0MjQ5YTgyMjIvY2I5MGM4MDUtYTlhYi0z
YmRkLWFmZGMtMGEwMjY4NTFkYTkzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvMmFhNDM4YzktMGNiYi00MzY0LTk0
NmQtOTcxNDI0OWE4MjIyLzJhYTQzOGM5LTBjYmItNDM2NC05NDZkLTk3MTQyNDlh
ODIyMi5jcmwwHwYDVR0jBBgwFoAUBSPfkxv/OUKcKv57/3pLM1boXrAwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS8yYWE0MzhjOS0wY2JiLTQzNjQtOTQ2ZC05NzE0
MjQ5YTgyMjIuY2VyMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCB/QQCAAEwgfYD
BABFq+8DBABFq/oDBABFq/8wDAMEAIGGGQMEAYGGHAMEAIGGfwMEAZ3wAAMEAJ3w
AwMEAJ3wBTAMAwQAnfAHAwQBnfAIMAwDBACd8AsDBAGd8BADBACd8BMwDAMEAZ3w
FgMEAp3wGDAMAwQAnfAdAwQFnfAAAwQAnfDAMAwDBACd8MMDBAGd8MwwDAMEAJ3w
zwMEAJ3w1DAMAwQBnfDWAwQAnfDaMAwDBACd8N0DBAKd8OADBACd8OUDBACd8Ocw
DAMEAJ3w6QMEBJ3w4DAMAwQAnfDxAwQBnfD0AwQAnfD3AwQAnfD5MAwDBACd8PsD
BACd8P4wGAQCAAIwEgMHACYgAAAc+gMHACYgAAAc/zBUBgNVHSABAf8ESjBIMEYG
CCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jl
c291cmNlcy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUAA4IBAQCLDzZ50665
8se6CmeGakVcOyg07BtRGC+jA0/7LcjRzAZ7YHVZbAv1wmWgJeRN6BBXZeLcgWhO
v0liUuWCyeobB+CFeNeoqNcP6G+3dIgEilu4jbMrHfk7GCDGhdZG8oh5l0+iQDQp
qjte2CROiWvCMOn/JqSYbXQNerpP4e2tCiELzT8I4bx4aeuvf34rK0b7Jg1zjJWE
xqyQJswv7Tn1oNINbOjqDv3wy+u4I8VVAJq2ynC+3QKoYYcpHgI2WrPwfG6THG6J
IdTmHfLPhdQhXwd7n3ceMNHQdCfqcHFsCm1YOOWBkLXk5IRhqgn4r3ixFyPhOY8t
aEQPWip68MvT
-----END CERTIFICATE-----
Generated at Thu Jul 18 18:55:49 2024 by rpki-client on console-ams.rpki-client.org