Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/294e9347-de22-31e7-bfc5-75bd383b4a41.roa
File:                     294e9347-de22-31e7-bfc5-75bd383b4a41.roa (raw, json)
Hash identifier:          h8f4s9KEo8YpjxTVQrEOSgCwx0uKQTzJctfntxq4Ne8=
Subject key identifier:   9B:34:59:F9:37:52:C0:0D:92:D8:79:8B:1A:E2:40:F7:E0:77:DB:44
Certificate issuer:       /CN=68b287f4-51cf-421c-923b-f0e384de5eea
Certificate serial:       010D0C9F432858485A057A01F92060C7C9F8F540
Authority key identifier: 35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/294e9347-de22-31e7-bfc5-75bd383b4a41.roa
Signing time:             Sat 28 Dec 2024 02:00:38 +0000
ROA not before:           Sat 28 Dec 2024 02:00:38 +0000
ROA not after:            Fri 28 Mar 2025 01:00:38 +0000
asID:                     8069
IP address blocks:        20.33.109.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:5a:05:7a:01:f9:20:60:c7:c9:f8:f5:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68b287f4-51cf-421c-923b-f0e384de5eea
        Validity
            Not Before: Dec 28 02:00:38 2024 GMT
            Not After : Mar 28 01:00:38 2025 GMT
        Subject: CN=3680d85e-002a-4d89-97b0-661012fd1527
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:a9:d1:81:1b:46:44:2b:bc:ce:1d:63:33:3f:
                    a7:47:c4:c8:12:42:79:73:1e:cb:ff:17:91:15:3c:
                    17:40:2e:95:eb:76:10:11:ed:25:fb:74:ad:ed:54:
                    0a:fd:6e:ad:12:8f:29:44:42:5a:5b:83:aa:5c:23:
                    5d:2d:b7:88:83:db:88:e1:43:4d:e8:3d:8c:09:db:
                    4e:38:a5:99:c0:94:d6:e4:eb:53:b3:8b:e3:e0:14:
                    b0:4d:b2:05:91:e0:9a:83:54:05:08:c0:16:ab:bc:
                    07:9c:fe:ec:b9:b3:8c:2e:71:7f:27:bb:d8:ad:cd:
                    69:71:78:5c:f1:45:f4:17:38:cf:bd:fb:08:bd:aa:
                    eb:4d:c7:4a:fb:47:db:12:d8:b2:fe:6b:1b:7b:54:
                    2b:72:d6:eb:c0:67:3a:89:50:97:ef:15:3f:b4:4f:
                    9d:31:82:9d:20:62:a8:56:e7:2a:31:8e:29:5a:0e:
                    67:f5:ac:6a:17:eb:20:a3:f5:fd:53:36:be:92:6a:
                    64:e8:6a:b9:e8:cb:99:1a:4b:1f:1b:2b:01:da:79:
                    22:1a:67:19:84:05:88:f7:f6:c4:03:e0:6f:4d:b8:
                    a6:cc:dc:a0:48:ce:18:c4:20:ff:32:d5:6d:9d:f5:
                    87:ee:a1:3a:ea:92:d7:73:d9:80:61:eb:f5:d3:8c:
                    4f:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:34:59:F9:37:52:C0:0D:92:D8:79:8B:1A:E2:40:F7:E0:77:DB:44
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/294e9347-de22-31e7-bfc5-75bd383b4a41.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl

            X509v3 Authority Key Identifier:
                keyid:35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  20.33.109.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         0d:b5:46:2e:bd:e6:5a:82:31:e1:ca:d6:c5:40:bf:f8:97:d0:
         6a:48:d5:12:f3:44:fd:88:6c:00:49:39:c3:f6:c2:4f:78:a5:
         21:9e:46:07:9c:33:e2:f7:72:39:5d:80:59:2d:60:f0:93:82:
         62:b8:2c:0d:3e:fe:49:c1:e1:6e:14:1c:2e:1c:f7:47:6c:91:
         5c:a6:29:db:45:39:85:37:58:fc:56:2f:db:2f:4f:3d:97:0a:
         b0:2a:31:88:9b:69:aa:d6:bd:ca:7a:e3:69:80:8a:7e:d9:7e:
         3c:7e:cb:dc:65:5f:7c:96:ab:b9:0a:c6:cf:b0:36:23:81:38:
         7b:31:c5:c9:34:0d:35:a0:30:78:a6:94:3e:b1:68:d8:cb:b8:
         e7:dd:87:4b:56:54:69:b9:71:ca:04:b4:96:9a:45:2a:f2:ab:
         d0:80:fe:cb:74:a6:69:7f:f1:90:e5:06:16:7b:fd:5d:eb:1e:
         04:1e:b7:3d:ac:ed:dc:18:72:39:1d:71:9f:79:84:fe:8b:2f:
         5a:75:56:c6:04:5e:45:52:9c:2e:ee:0f:8c:43:1b:c5:3d:a1:
         7f:58:21:ef:76:d9:4b:a6:91:ce:10:bd:fb:89:e1:94:d2:2b:
         a6:a5:33:a9:f1:59:e3:b0:a7:a2:19:48:db:3f:bd:7e:aa:b8:
         c3:35:79:c4
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEhaBXoB+SBgx8n49UAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjhiMjg3ZjQtNTFjZi00MjFjLTkyM2ItZjBlMzg0ZGU1
ZWVhMB4XDTI0MTIyODAyMDAzOFoXDTI1MDMyODAxMDAzOFowLzEtMCsGA1UEAxMk
MzY4MGQ4NWUtMDAyYS00ZDg5LTk3YjAtNjYxMDEyZmQxNTI3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKnRgRtGRCu8zh1jMz+nR8TIEkJ5cx7L/xeR
FTwXQC6V63YQEe0l+3St7VQK/W6tEo8pREJaW4OqXCNdLbeIg9uI4UNN6D2MCdtO
OKWZwJTW5OtTs4vj4BSwTbIFkeCag1QFCMAWq7wHnP7subOMLnF/J7vYrc1pcXhc
8UX0FzjPvfsIvarrTcdK+0fbEtiy/msbe1QrctbrwGc6iVCX7xU/tE+dMYKdIGKo
VucqMY4pWg5n9axqF+sgo/X9Uza+kmpk6Gq56MuZGksfGysB2nkiGmcZhAWI9/bE
A+BvTbimzNygSM4YxCD/MtVtnfWH7qE66pLXc9mAYev104xPgwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJs0Wfk3UsANkth5ixriQPfgd9tEMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS82OGIy
ODdmNC01MWNmLTQyMWMtOTIzYi1mMGUzODRkZTVlZWEvMjk0ZTkzNDctZGUyMi0z
MWU3LWJmYzUtNzViZDM4M2I0YTQxLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNjhiMjg3ZjQtNTFjZi00MjFjLTky
M2ItZjBlMzg0ZGU1ZWVhLzY4YjI4N2Y0LTUxY2YtNDIxYy05MjNiLWYwZTM4NGRl
NWVlYS5jcmwwHwYDVR0jBBgwFoAUNX5PmEElo3ID9eK6QUOuSvrgvB0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS82OGIyODdmNC01MWNmLTQyMWMtOTIzYi1mMGUz
ODRkZTVlZWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAFCFtMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAA21Ri695lqCMeHK1sVAv/iX0GpI1RLzRP2IbABJOcP2wk94pSGeRgec
M+L3cjldgFktYPCTgmK4LA0+/knB4W4UHC4c90dskVymKdtFOYU3WPxWL9svTz2X
CrAqMYibaarWvcp642mAin7Zfjx+y9xlX3yWq7kKxs+wNiOBOHsxxck0DTWgMHim
lD6xaNjLuOfdh0tWVGm5ccoEtJaaRSryq9CA/st0pml/8ZDlBhZ7/V3rHgQetz2s
7dwYcjkdcZ95hP6LL1p1VsYEXkVSnC7uD4xDG8U9oX9YIe922Uumkc4QvfuJ4ZTS
K6alM6nxWeOwp6IZSNs/vX6quMM1ecQ=
-----END CERTIFICATE-----