Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/c5da413e44384d7b87e0a74b42ca1867/0/323630343a6361303a3830303a3a2f34302d3430203d3e20343031363832.roa
File:                     323630343a6361303a3830303a3a2f34302d3430203d3e20343031363832.roa (raw, json)
Hash identifier:          2cgtiA+RHJK2/MR6Fl9mXJQ8K7yXuuKlZojDDtZjG2s=
Subject key identifier:   2D:C2:36:DC:6A:0B:8E:AA:AB:F2:81:A2:02:05:07:70:AC:51:F1:49
Certificate issuer:       /CN=e8741ac4f1ff9a0688f1b5bf1355e57883742534612356d959
Certificate serial:       58AF576BCE72B85E9C5CC56119A4CF9D7FC24FB3
Authority key identifier: 3B:A3:FB:89:3D:83:8A:15:71:8A:5B:C7:15:75:0C:ED:89:9E:FD:1F
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/4e962717-1138-4d2b-9442-0332e9060132/e8741ac4f1ff9a0688f1b5bf1355e57883742534612356d959.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/c5da413e44384d7b87e0a74b42ca1867/0/323630343a6361303a3830303a3a2f34302d3430203d3e20343031363832.roa
Signing time:             Mon 28 Apr 2025 01:48:42 +0000
ROA not before:           Mon 28 Apr 2025 01:43:42 +0000
ROA not after:            Mon 27 Apr 2026 01:48:42 +0000
asID:                     401682
IP address blocks:        2604:ca0:800::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/c5da413e44384d7b87e0a74b42ca1867/0/3BA3FB893D838A15718A5BC715750CED899EFD1F.crl
                          rsync://rpki-rps.arin.net/repository/c5da413e44384d7b87e0a74b42ca1867/0/3BA3FB893D838A15718A5BC715750CED899EFD1F.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/4e962717-1138-4d2b-9442-0332e9060132/e8741ac4f1ff9a0688f1b5bf1355e57883742534612356d959.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/4e962717-1138-4d2b-9442-0332e9060132/4e962717-1138-4d2b-9442-0332e9060132.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/4e962717-1138-4d2b-9442-0332e9060132/4e962717-1138-4d2b-9442-0332e9060132.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/4e962717-1138-4d2b-9442-0332e9060132.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 30 Apr 2025 18:27:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:af:57:6b:ce:72:b8:5e:9c:5c:c5:61:19:a4:cf:9d:7f:c2:4f:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8741ac4f1ff9a0688f1b5bf1355e57883742534612356d959
        Validity
            Not Before: Apr 28 01:43:42 2025 GMT
            Not After : Apr 27 01:48:42 2026 GMT
        Subject: CN=2DC236DC6A0B8EAAABF281A202050770AC51F149
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e4:70:1d:c7:be:e1:dc:63:e1:ba:40:64:39:
                    44:ff:7b:9b:f6:3b:80:1b:ef:95:2f:0f:74:05:5f:
                    7e:9b:9f:49:79:03:73:0d:02:f0:24:cc:02:7d:2b:
                    ab:e8:20:ad:36:6b:12:3e:b6:b3:fb:48:ea:6c:5d:
                    c8:8d:23:09:3e:6b:e3:d0:b7:89:13:e8:62:d6:11:
                    02:18:83:dd:2e:fa:4b:95:02:12:50:0b:ac:46:35:
                    9f:cc:55:28:d9:a5:14:b7:4c:8e:a0:e0:68:f4:80:
                    ce:cc:57:c5:53:1e:86:b0:07:78:67:64:89:a9:cf:
                    9e:22:88:18:7b:86:7a:1a:a1:f7:9e:8b:c7:cb:97:
                    0d:f7:03:28:b0:d0:5b:ce:e7:45:3f:31:d7:51:96:
                    3e:be:cf:b7:83:57:a7:05:f4:86:74:f4:5f:25:02:
                    de:7d:9d:4b:93:cc:f7:16:9e:84:3b:7e:1a:2f:4a:
                    b7:6e:64:38:4c:fa:ba:7e:54:1e:02:1d:c1:ca:04:
                    fc:22:6e:25:c9:25:20:89:2e:f6:27:e6:66:25:c4:
                    ef:8f:e5:2a:71:50:2d:f4:17:da:16:db:a6:54:0a:
                    0d:21:5e:f9:a6:07:24:80:a8:97:b5:4d:62:a6:a4:
                    81:62:ac:2a:4f:3d:aa:ca:3d:31:d8:ad:50:2e:11:
                    6d:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:C2:36:DC:6A:0B:8E:AA:AB:F2:81:A2:02:05:07:70:AC:51:F1:49
            X509v3 Authority Key Identifier:
                keyid:3B:A3:FB:89:3D:83:8A:15:71:8A:5B:C7:15:75:0C:ED:89:9E:FD:1F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/c5da413e44384d7b87e0a74b42ca1867/0/3BA3FB893D838A15718A5BC715750CED899EFD1F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/4e962717-1138-4d2b-9442-0332e9060132/e8741ac4f1ff9a0688f1b5bf1355e57883742534612356d959.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/c5da413e44384d7b87e0a74b42ca1867/0/323630343a6361303a3830303a3a2f34302d3430203d3e20343031363832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2604:ca0:800::/40

    Signature Algorithm: sha256WithRSAEncryption
         59:35:ba:22:60:d9:75:b7:96:97:f0:a2:0a:43:0b:62:a5:c7:
         5b:df:da:7f:26:af:af:72:bc:f6:b4:c1:1a:c8:ca:be:d8:51:
         c3:8a:9a:c0:7c:69:6d:1a:f5:e0:89:88:62:24:91:98:e3:3b:
         1a:e8:2b:d8:8c:a6:98:b5:0b:76:30:62:69:9f:e2:62:aa:d6:
         6d:72:16:32:2d:fb:13:92:06:90:65:4d:df:43:25:9e:7f:cd:
         13:b6:94:6d:66:ea:28:9b:fd:fd:17:76:22:29:69:97:05:62:
         e6:44:3c:1c:ad:21:d9:b0:91:8e:5b:84:61:63:72:e2:56:62:
         9f:fc:20:c3:d5:2e:97:e4:17:af:71:cc:96:d6:9a:86:e1:ef:
         b8:de:2c:00:9e:a4:5e:06:61:36:46:56:dc:ea:5b:9f:ad:dc:
         50:99:aa:13:b9:39:f7:9a:8e:24:6e:3e:87:9c:fa:9a:0d:70:
         e5:8c:85:04:1d:de:d3:cf:e5:ce:15:2a:a2:2a:ec:fa:ff:1f:
         28:e6:cf:22:d6:e8:a4:89:a4:39:f8:70:08:3a:f3:c6:43:4b:
         a4:d9:f1:a4:05:9b:f0:10:6d:29:67:6c:56:23:e5:aa:a0:f1:
         2e:12:c0:45:91:5b:09:b8:a0:21:f0:7e:f1:1d:c7:93:77:1e:
         73:a3:6c:74
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIUWK9Xa85yuF6cXMVhGaTPnX/CT7MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZTg3NDFhYzRmMWZmOWEwNjg4ZjFiNWJmMTM1NWU1Nzg4
Mzc0MjUzNDYxMjM1NmQ5NTkwHhcNMjUwNDI4MDE0MzQyWhcNMjYwNDI3MDE0ODQy
WjAzMTEwLwYDVQQDEygyREMyMzZEQzZBMEI4RUFBQUJGMjgxQTIwMjA1MDc3MEFD
NTFGMTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsORwHce+4dxj
4bpAZDlE/3ub9juAG++VLw90BV9+m59JeQNzDQLwJMwCfSur6CCtNmsSPraz+0jq
bF3IjSMJPmvj0LeJE+hi1hECGIPdLvpLlQISUAusRjWfzFUo2aUUt0yOoOBo9IDO
zFfFUx6GsAd4Z2SJqc+eIogYe4Z6GqH3novHy5cN9wMosNBbzudFPzHXUZY+vs+3
g1enBfSGdPRfJQLefZ1Lk8z3Fp6EO34aL0q3bmQ4TPq6flQeAh3BygT8Im4lySUg
iS72J+ZmJcTvj+UqcVAt9BfaFtumVAoNIV75pgckgKiXtU1ipqSBYqwqTz2qyj0x
2K1QLhFtkwIDAQABo4ICujCCArYwHQYDVR0OBBYEFC3CNtxqC46qq/KBogIFB3Cs
UfFJMB8GA1UdIwQYMBaAFDuj+4k9g4oVcYpbxxV1DO2Jnv0fMA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5L2M1ZGE0MTNlNDQzODRkN2I4N2UwYTc0YjQyY2ExODY3LzAv
M0JBM0ZCODkzRDgzOEExNTcxOEE1QkM3MTU3NTBDRUQ4OTlFRkQxRi5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvZDZiNWFkMjgtMWNiYy00N2FiLTkwNGUtNDUzNjFh
NTQ4N2MzLzRlOTYyNzE3LTExMzgtNGQyYi05NDQyLTAzMzJlOTA2MDEzMi9lODc0
MWFjNGYxZmY5YTA2ODhmMWI1YmYxMzU1ZTU3ODgzNzQyNTM0NjEyMzU2ZDk1OS5j
ZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS9jNWRhNDEzZTQ0Mzg0ZDdiODdlMGE3
NGI0MmNhMTg2Ny8wLzMyMzYzMDM0M2E2MzYxMzAzYTM4MzAzMDNhM2EyZjM0MzAy
ZDM0MzAyMDNkM2UyMDM0MzAzMTM2MzgzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACYEDKAIMA0GCSqG
SIb3DQEBCwUAA4IBAQBZNboiYNl1t5aX8KIKQwtipcdb39p/Jq+vcrz2tMEayMq+
2FHDiprAfGltGvXgiYhiJJGY4zsa6CvYjKaYtQt2MGJpn+JiqtZtchYyLfsTkgaQ
ZU3fQyWef80TtpRtZuoom/39F3YiKWmXBWLmRDwcrSHZsJGOW4RhY3LiVmKf/CDD
1S6X5BevccyW1pqG4e+43iwAnqReBmE2Rlbc6lufrdxQmaoTuTn3mo4kbj6HnPqa
DXDljIUEHd7Tz+XOFSqiKuz6/x8o5s8i1uikiaQ5+HAIOvPGQ0uk2fGkBZvwEG0p
Z2xWI+WqoPEuEsBFkVsJuKAh8H7xHceTdx5zo2x0
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:09:49 2025 by rpki-client