Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d/2b25c4ea-3c39-374d-a823-2d9361d79fe6.roa
File:                     2b25c4ea-3c39-374d-a823-2d9361d79fe6.roa (raw, json)
Hash identifier:          t7dJcLjxaCDVtAFQygSahydQwAm0bh6ai0AfeFeuYNM=
Subject key identifier:   1A:C2:0E:E9:BC:BF:CD:97:AB:1F:FD:84:3F:D1:AC:41:4D:DE:C7:D2
Certificate issuer:       /CN=d02a52e5-2b71-4124-bd29-60e90e59f47d
Certificate serial:       010D0C9F43285841ED92A68F8E454B189DF93680
Authority key identifier: 6A:E5:9B:C3:03:E7:53:F0:08:74:CD:E2:23:96:C3:24:7E:39:E7:B1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d/2b25c4ea-3c39-374d-a823-2d9361d79fe6.roa
Signing time:             Fri 19 May 2023 01:00:16 +0000
ROA not before:           Fri 19 May 2023 01:00:16 +0000
ROA not after:            Thu 17 Aug 2023 01:00:16 +0000
asID:                     20473
IP address blocks:        136.228.0.0/19 maxlen: 32
                          139.60.200.0/21 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d/d02a52e5-2b71-4124-bd29-60e90e59f47d.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d/d02a52e5-2b71-4124-bd29-60e90e59f47d.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 20 May 2023 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:41:ed:92:a6:8f:8e:45:4b:18:9d:f9:36:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d02a52e5-2b71-4124-bd29-60e90e59f47d
        Validity
            Not Before: May 19 01:00:16 2023 GMT
            Not After : Aug 17 01:00:16 2023 GMT
        Subject: CN=12b23092-3993-4b38-9294-2e87f24150da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:29:45:08:10:20:e7:c0:a1:f2:64:05:a1:2e:
                    3d:43:d6:72:25:c1:f6:77:fc:5f:93:67:e4:13:71:
                    38:0a:02:40:73:33:6d:db:0b:25:d4:b5:69:06:72:
                    5b:d1:94:28:9a:29:2b:65:59:56:54:d2:cd:7b:d4:
                    21:e3:76:69:b4:1f:74:8d:c5:2d:7c:ba:41:7a:7f:
                    be:ab:10:33:58:ec:1e:77:8e:fc:6c:64:19:dc:c4:
                    66:10:5d:85:a8:7f:84:2a:74:c9:10:ca:53:1c:ce:
                    75:94:d7:46:3b:03:a4:87:89:6f:15:28:2c:f7:67:
                    c5:f8:23:92:fe:45:7c:bc:80:d9:25:0b:4e:be:b7:
                    f2:1b:47:e3:2e:f3:c2:38:c5:a7:23:41:ec:ff:40:
                    4f:e6:f0:0a:f4:ef:8f:68:e0:2e:1b:f9:b2:a7:5f:
                    3a:ac:97:2a:3f:38:95:15:15:c5:f5:cb:26:03:85:
                    d9:05:c8:20:d0:de:94:29:0b:f5:c7:71:43:50:20:
                    58:78:8f:47:a7:91:38:e9:4a:9d:d2:49:85:81:6f:
                    b2:df:7f:92:a1:63:a6:03:b6:56:8a:63:dd:ca:c0:
                    d5:7a:a5:b3:f7:5d:62:98:30:16:e7:01:3d:a8:86:
                    3c:05:2e:15:7f:b9:a1:54:1b:97:e0:b3:27:84:89:
                    ab:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                1A:C2:0E:E9:BC:BF:CD:97:AB:1F:FD:84:3F:D1:AC:41:4D:DE:C7:D2
            Subject Information Access: 
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d/2b25c4ea-3c39-374d-a823-2d9361d79fe6.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d/d02a52e5-2b71-4124-bd29-60e90e59f47d.crl

            X509v3 Authority Key Identifier: 
                keyid:6A:E5:9B:C3:03:E7:53:F0:08:74:CD:E2:23:96:C3:24:7E:39:E7:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.228.0.0/19
                  139.60.200.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         c0:db:0a:73:29:94:71:1c:7f:c4:b1:1a:24:6b:07:86:97:31:
         3d:64:e7:0d:d5:e9:e5:ac:8e:b7:0a:8d:68:d8:83:86:03:bf:
         12:8d:bd:bc:ca:23:20:df:c5:e8:be:da:08:09:a5:43:d4:77:
         68:58:3e:8f:f5:be:a7:fc:98:8e:a8:d7:63:2c:2d:26:cf:60:
         1d:ae:a3:5f:33:aa:13:fe:f8:2c:be:07:8d:40:06:24:d2:ef:
         2b:76:d3:31:e4:b7:35:de:23:ae:1a:cd:17:23:b2:17:ef:c6:
         b3:42:9d:9e:75:ea:2c:e3:72:ea:13:4d:8f:cb:40:65:61:60:
         ae:e5:34:70:bf:d5:0b:6e:64:8c:16:c3:16:ae:e6:a4:1d:b2:
         84:09:ea:6e:d8:5c:00:b9:90:20:9d:53:41:6a:78:18:f7:38:
         20:c7:e2:06:23:4d:65:d4:e6:25:88:11:61:ab:c1:3c:49:96:
         4c:e5:68:46:e6:72:ac:de:b7:d2:be:8d:73:37:dd:3f:56:06:
         0e:d9:fd:76:c2:67:ca:d9:a6:e9:e2:e0:5c:54:0d:eb:5c:32:
         39:46:62:b9:01:14:2b:56:ad:a9:1f:11:b3:56:b8:ec:15:a1:
         0c:b9:26:63:95:20:c7:10:a0:81:46:c7:e9:cb:68:b7:dc:db:
         14:1f:04:30
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgIUAQ0Mn0MoWEHtkqaPjkVLGJ35NoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZDAyYTUyZTUtMmI3MS00MTI0LWJkMjktNjBlOTBlNTlm
NDdkMB4XDTIzMDUxOTAxMDAxNloXDTIzMDgxNzAxMDAxNlowLzEtMCsGA1UEAxMk
MTJiMjMwOTItMzk5My00YjM4LTkyOTQtMmU4N2YyNDE1MGRhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmylFCBAg58Ch8mQFoS49Q9ZyJcH2d/xfk2fk
E3E4CgJAczNt2wsl1LVpBnJb0ZQomikrZVlWVNLNe9Qh43ZptB90jcUtfLpBen++
qxAzWOwed478bGQZ3MRmEF2FqH+EKnTJEMpTHM51lNdGOwOkh4lvFSgs92fF+COS
/kV8vIDZJQtOvrfyG0fjLvPCOMWnI0Hs/0BP5vAK9O+PaOAuG/myp186rJcqPziV
FRXF9csmA4XZBcgg0N6UKQv1x3FDUCBYeI9Hp5E46Uqd0kmFgW+y33+SoWOmA7ZW
imPdysDVeqWz911imDAW5wE9qIY8BS4Vf7mhVBuX4LMnhImr1wIDAQABo4IDWzCC
A1cwHQYDVR0OBBYEFBrCDum8v82Xqx/9hD/RrEFN3sfSMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9kMDJh
NTJlNS0yYjcxLTQxMjQtYmQyOS02MGU5MGU1OWY0N2QvMmIyNWM0ZWEtM2MzOS0z
NzRkLWE4MjMtMmQ5MzYxZDc5ZmU2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvZDAyYTUyZTUtMmI3MS00MTI0LWJk
MjktNjBlOTBlNTlmNDdkL2QwMmE1MmU1LTJiNzEtNDEyNC1iZDI5LTYwZTkwZTU5
ZjQ3ZC5jcmwwHwYDVR0jBBgwFoAUauWbwwPnU/AIdM3iI5bDJH4557EwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS9kMDJhNTJlNS0yYjcxLTQxMjQtYmQyOS02MGU5
MGU1OWY0N2QuY2VyMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFiOQAAwQD
izzIMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0
cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZI
hvcNAQELBQADggEBAMDbCnMplHEcf8SxGiRrB4aXMT1k5w3V6eWsjrcKjWjYg4YD
vxKNvbzKIyDfxei+2ggJpUPUd2hYPo/1vqf8mI6o12MsLSbPYB2uo18zqhP++Cy+
B41ABiTS7yt20zHktzXeI64azRcjshfvxrNCnZ516izjcuoTTY/LQGVhYK7lNHC/
1QtuZIwWwxau5qQdsoQJ6m7YXAC5kCCdU0FqeBj3OCDH4gYjTWXU5iWIEWGrwTxJ
lkzlaEbmcqzet9K+jXM33T9WBg7Z/XbCZ8rZpuni4FxUDetcMjlGYrkBFCtWrakf
EbNWuOwVoQy5JmOVIMcQoIFGx+nLaLfc2xQfBDA=
-----END CERTIFICATE-----
Generated at Fri May 19 01:44:52 2023 by rpki-client on console-ams.rpki-client.org