Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d/2b25c4ea-3c39-374d-a823-2d9361d79fe6.roa
File:                     2b25c4ea-3c39-374d-a823-2d9361d79fe6.roa (download)
Hash identifier:          nVtyZ9bmFGaNjD4aG46qHWvtCB6KLNb2bNUVoKHvEio=
Subject key identifier:   9B:21:A7:77:70:15:18:A6:1A:94:6D:55:75:58:10:56:96:90:41:24
Certificate issuer:       /CN=d02a52e5-2b71-4124-bd29-60e90e59f47d
Certificate serial:       010D0C9F4328576D51CC73C042CFC1713024699A
Authority key identifier: 6A:E5:9B:C3:03:E7:53:F0:08:74:CD:E2:23:96:C3:24:7E:39:E7:B1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d/2b25c4ea-3c39-374d-a823-2d9361d79fe6.roa
ROA valid until:          Mar 11 04:00:00 2030 GMT
asID:                     20473
IP address blocks:
    1: 136.228.0.0/19 maxlen: 32
    2: 139.60.200.0/21 maxlen: 32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:57:6d:51:cc:73:c0:42:cf:c1:71:30:24:69:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d02a52e5-2b71-4124-bd29-60e90e59f47d
        Validity
            Not Before: Mar 11 04:00:00 2020 GMT
            Not After : Mar 11 04:00:00 2030 GMT
        Subject: CN=bbc43c8a-79f9-4f22-8ce1-26211f60a6ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:85:44:e1:df:ac:6e:b6:f6:14:ff:2e:8c:01:
                    1d:df:2b:b6:16:c7:aa:70:04:cc:0d:4d:8c:33:43:
                    42:b8:5a:83:e7:00:80:2e:0c:f6:20:a9:ed:a4:15:
                    09:6b:bb:65:9e:cc:3e:80:ca:c7:6a:f3:21:ef:6d:
                    88:22:e1:29:6e:9b:4f:57:9c:42:20:5d:35:12:e4:
                    f1:3d:08:15:26:5c:99:97:21:1b:85:a0:e3:25:2d:
                    80:69:4a:b7:9b:af:32:10:f2:6a:91:3c:c7:16:a3:
                    30:8a:e5:63:90:05:bc:61:9e:7a:d5:31:75:67:d7:
                    76:49:aa:1d:35:bc:4d:d1:72:8f:ee:00:80:cc:4c:
                    c7:83:71:da:6e:fd:08:90:62:cd:ab:13:a2:bc:cc:
                    c4:6f:56:49:59:10:9e:0e:9a:50:03:5f:c8:ab:71:
                    c9:7c:a0:6d:f6:79:9a:0b:1b:58:eb:50:aa:60:67:
                    eb:1a:a1:79:63:5a:88:3a:13:76:98:c4:a9:35:48:
                    31:ad:4e:2f:d7:d3:74:11:e7:7f:e0:75:5c:68:39:
                    e0:88:c1:bb:33:7d:54:a1:7d:07:76:e3:76:45:df:
                    83:fd:58:f0:09:32:8b:9c:5a:6b:29:30:7d:76:4e:
                    a4:e5:96:d9:0d:63:56:30:de:b6:8a:cf:19:7f:89:
                    b6:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                9B:21:A7:77:70:15:18:A6:1A:94:6D:55:75:58:10:56:96:90:41:24
            Subject Information Access: 
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d/2b25c4ea-3c39-374d-a823-2d9361d79fe6.roa

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d/d02a52e5-2b71-4124-bd29-60e90e59f47d.crl

            X509v3 Authority Key Identifier: 
                keyid:6A:E5:9B:C3:03:E7:53:F0:08:74:CD:E2:23:96:C3:24:7E:39:E7:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/d02a52e5-2b71-4124-bd29-60e90e59f47d.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.228.0.0/19
                  139.60.200.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         61:22:ce:1f:c1:70:6c:03:a9:87:a7:11:28:20:83:b9:dd:6d:
         74:07:9c:00:5d:66:a6:d2:9a:ac:02:a8:5e:74:8d:b5:48:74:
         9b:12:a9:c1:5f:57:73:e6:1b:30:73:f4:a2:59:f2:d4:e8:01:
         22:7a:84:1c:7e:d3:28:65:50:51:60:17:64:61:c1:27:77:80:
         da:98:1b:10:a8:1e:18:43:56:2b:65:09:44:70:de:e0:da:84:
         f2:cb:79:05:6d:5a:45:10:b7:6c:a2:a9:a0:52:73:a7:d9:eb:
         31:c5:81:5f:24:12:6a:63:d0:70:e3:5e:7e:d8:e2:40:70:de:
         c2:33:9a:6b:a1:35:ba:12:8e:7c:82:7d:30:aa:b1:ec:11:03:
         8a:55:e7:09:ba:c7:4e:57:95:57:0f:5b:b9:8b:48:f8:8b:bd:
         8b:48:d9:15:56:3e:a0:e6:a8:25:22:d5:55:aa:e9:97:c9:f8:
         d9:cd:42:a8:df:73:7c:eb:60:a9:bd:78:ca:0c:60:3a:b7:2a:
         e6:96:53:71:1e:50:2b:8d:b4:25:af:bf:fd:6b:1d:26:b7:7e:
         7a:3d:4a:05:e9:29:7d:0b:f2:b9:69:30:1e:b4:2e:21:7d:e0:
         9a:9a:29:ed:55:51:dc:6a:72:08:7f:8e:f4:83:7e:a6:1b:a3:
         0f:83:e8:97
-----BEGIN CERTIFICATE-----
MIIGRTCCBS+gAwIBAgIUAQ0Mn0MoV21RzHPAQs/BcTAkaZowCwYJKoZIhvcNAQEL
MC8xLTArBgNVBAMTJGQwMmE1MmU1LTJiNzEtNDEyNC1iZDI5LTYwZTkwZTU5ZjQ3
ZDAeFw0yMDAzMTEwNDAwMDBaFw0zMDAzMTEwNDAwMDBaMC8xLTArBgNVBAMTJGJi
YzQzYzhhLTc5ZjktNGYyMi04Y2UxLTI2MjExZjYwYTZjZTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMeFROHfrG629hT/LowBHd8rthbHqnAEzA1NjDND
Qrhag+cAgC4M9iCp7aQVCWu7ZZ7MPoDKx2rzIe9tiCLhKW6bT1ecQiBdNRLk8T0I
FSZcmZchG4Wg4yUtgGlKt5uvMhDyapE8xxajMIrlY5AFvGGeetUxdWfXdkmqHTW8
TdFyj+4AgMxMx4Nx2m79CJBizasTorzMxG9WSVkQng6aUANfyKtxyXygbfZ5mgsb
WOtQqmBn6xqheWNaiDoTdpjEqTVIMa1OL9fTdBHnf+B1XGg54IjBuzN9VKF9B3bj
dkXfg/1Y8Akyi5xaaykwfXZOpOWW2Q1jVjDetorPGX+JtkkCAwEAAaOCA1swggNX
MB0GA1UdDgQWBBSbIad3cBUYphqUbVV1WBBWlpBBJDCB5QYIKwYBBQUHAQsEgdgw
gdUwgdIGCCsGAQUFBzALhoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRv
cnkvYXJpbi1ycGtpLXRhLzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIx
NTdkMy9mNjBjOWYzMi1hODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvZDAyYTUy
ZTUtMmI3MS00MTI0LWJkMjktNjBlOTBlNTlmNDdkLzJiMjVjNGVhLTNjMzktMzc0
ZC1hODIzLTJkOTM2MWQ3OWZlNi5yb2EwgdwGA1UdHwSB1DCB0TCBzqCBy6CByIaB
xXJzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81
ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvZjYwYzlmMzItYTg3
Yy00MzM5LWEyZjMtNjI5OWEzYjAyZTI5L2QwMmE1MmU1LTJiNzEtNDEyNC1iZDI5
LTYwZTkwZTU5ZjQ3ZC9kMDJhNTJlNS0yYjcxLTQxMjQtYmQyOS02MGU5MGU1OWY0
N2QuY3JsMB8GA1UdIwQYMBaAFGrlm8MD51PwCHTN4iOWwyR+OeexMA4GA1UdDwEB
/wQEAwIHgDCBwAYIKwYBBQUHAQEEgbMwgbAwga0GCCsGAQUFBzAChoGgcnN5bmM6
Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRhLzVlNGEyM2Vh
LWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1hODdjLTQzMzkt
YTJmMy02Mjk5YTNiMDJlMjkvZDAyYTUyZTUtMmI3MS00MTI0LWJkMjktNjBlOTBl
NTlmNDdkLmNlcjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBYjkAAMEA4s8
yDBUBgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBz
Oi8vd3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMAsGCSqGSIb3
DQEBCwOCAQEAYSLOH8FwbAOph6cRKCCDud1tdAecAF1mptKarAKoXnSNtUh0mxKp
wV9Xc+YbMHP0olny1OgBInqEHH7TKGVQUWAXZGHBJ3eA2pgbEKgeGENWK2UJRHDe
4NqE8st5BW1aRRC3bKKpoFJzp9nrMcWBXyQSamPQcONeftjiQHDewjOaa6E1uhKO
fIJ9MKqx7BEDilXnCbrHTleVVw9buYtI+Iu9i0jZFVY+oOaoJSLVVarpl8n42c1C
qN9zfOtgqb14ygxgOrcq5pZTcR5QK420Ja+//WsdJrd+ej1KBekpfQvyuWkwHrQu
IX3gmpop7VVR3GpyCH+O9IN+phujD4Polw==
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:14:16 2022 by rpki-client.