Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b8fa95ca-aa42-4b86-891b-7be12d533da7/f157d5a8-1f48-3fa1-a5c4-fd3f8b8206a4.roa
File:                     f157d5a8-1f48-3fa1-a5c4-fd3f8b8206a4.roa (raw, json)
Hash identifier:          oLgKcFC3CucUxORDITRfGqivuYeGIysLoBcpLAgUgkk=
Subject key identifier:   3F:A8:97:9D:64:79:14:C5:1D:B6:C8:E6:F0:B1:7B:83:3D:76:80:F7
Certificate issuer:       /CN=b8fa95ca-aa42-4b86-891b-7be12d533da7
Certificate serial:       010D0C9F4328584940394DCC71735DD5D4DAA740
Authority key identifier: EE:C3:A3:27:2D:C4:BD:B3:60:BD:9A:79:33:99:80:FD:CD:91:D7:FD
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b8fa95ca-aa42-4b86-891b-7be12d533da7.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b8fa95ca-aa42-4b86-891b-7be12d533da7/f157d5a8-1f48-3fa1-a5c4-fd3f8b8206a4.roa
Signing time:             Thu 20 Mar 2025 13:00:53 +0000
ROA not before:           Thu 20 Mar 2025 13:00:53 +0000
ROA not after:            Wed 18 Jun 2025 13:00:53 +0000
asID:                     16509
IP address blocks:        198.160.143.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b8fa95ca-aa42-4b86-891b-7be12d533da7/b8fa95ca-aa42-4b86-891b-7be12d533da7.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b8fa95ca-aa42-4b86-891b-7be12d533da7/b8fa95ca-aa42-4b86-891b-7be12d533da7.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b8fa95ca-aa42-4b86-891b-7be12d533da7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 01:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:40:39:4d:cc:71:73:5d:d5:d4:da:a7:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8fa95ca-aa42-4b86-891b-7be12d533da7
        Validity
            Not Before: Mar 20 13:00:53 2025 GMT
            Not After : Jun 18 13:00:53 2025 GMT
        Subject: CN=c9a9fb9c-eb71-4056-8d1a-ef9407463243
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:cb:7e:db:04:5e:ca:b6:b2:ac:2f:17:e8:7f:
                    f4:31:49:84:87:1b:a3:aa:86:45:ff:47:f4:1f:6b:
                    ec:00:41:18:20:ce:48:bb:6b:9c:0b:2c:41:0a:59:
                    2c:7d:b5:fb:41:03:8e:26:4a:32:53:7d:0a:26:e1:
                    da:b2:20:f4:42:e0:de:b9:ca:da:a9:31:ac:1a:5e:
                    98:38:f1:50:ba:0e:8a:36:68:0f:1c:c7:bf:0b:2c:
                    0a:73:a3:16:dc:25:3a:9c:59:45:65:4e:94:07:02:
                    34:f4:11:60:6b:d2:d0:ce:b5:2e:01:eb:01:ee:3d:
                    5f:30:a3:2e:dd:f3:00:ef:38:08:77:15:51:ac:a2:
                    29:ce:c0:02:a1:3d:e4:9e:06:5d:32:8f:23:27:a6:
                    04:09:0b:0d:b8:2c:bd:fe:a6:0e:22:77:12:72:17:
                    6a:20:42:90:c2:db:5e:aa:e7:9b:ce:c8:1d:aa:69:
                    23:82:1d:0e:81:37:48:7c:85:97:e4:06:b5:8b:b6:
                    d5:f3:ea:92:c3:1a:63:d0:ab:ce:87:93:a5:be:76:
                    e0:fd:d1:01:30:4b:bf:e1:69:c8:ac:79:d8:65:cd:
                    6d:2c:a4:39:ca:d6:5f:e2:6b:89:b1:d3:04:89:66:
                    dd:58:82:2b:73:6e:6c:4c:69:ef:29:0f:6f:9d:25:
                    b9:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:A8:97:9D:64:79:14:C5:1D:B6:C8:E6:F0:B1:7B:83:3D:76:80:F7
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b8fa95ca-aa42-4b86-891b-7be12d533da7/f157d5a8-1f48-3fa1-a5c4-fd3f8b8206a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b8fa95ca-aa42-4b86-891b-7be12d533da7/b8fa95ca-aa42-4b86-891b-7be12d533da7.crl

            X509v3 Authority Key Identifier:
                keyid:EE:C3:A3:27:2D:C4:BD:B3:60:BD:9A:79:33:99:80:FD:CD:91:D7:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/b8fa95ca-aa42-4b86-891b-7be12d533da7.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.160.143.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         0e:47:ec:e5:b8:d3:04:77:4e:0d:62:80:f8:47:a3:e6:a6:49:
         9a:5b:ac:05:0a:98:fe:ce:6d:d2:d8:56:ee:84:2c:ec:c7:40:
         12:63:80:b0:4f:51:7f:ec:fe:bd:76:21:8e:2c:7c:3b:2d:43:
         71:6e:df:eb:d4:b6:6d:3a:06:19:22:54:68:59:cd:be:e4:b5:
         0d:a4:5b:93:09:fe:e2:a9:11:e3:6c:56:a7:2b:f3:ed:03:dd:
         fe:d1:61:7d:25:2c:20:db:34:32:b3:94:51:a1:4d:8d:2e:dc:
         c0:81:6c:39:2a:34:a4:4c:e9:d2:f0:64:fa:a8:fa:34:01:ce:
         41:af:4d:df:2a:9c:aa:9b:aa:48:b6:31:87:ec:4b:77:ae:41:
         a3:9c:45:4f:a0:14:f4:9d:d1:2e:43:c7:37:8a:42:ea:0a:90:
         73:d6:49:ce:f3:ae:d5:d8:a8:d3:31:35:a6:ca:55:be:45:72:
         80:d1:7a:b7:2e:c4:51:87:4f:54:51:91:ee:a6:8e:cf:35:53:
         1d:81:51:32:08:ac:a8:50:a8:60:46:f3:37:79:98:4c:01:0d:
         01:1a:2a:0c:58:06:27:de:3e:50:07:7c:b1:1b:fd:f2:b5:97:
         b7:9a:51:aa:3c:1e:ff:db:95:35:d8:97:ec:35:1e:10:16:ec:
         61:7a:a3:7e
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWElAOU3McXNd1dTap0AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjhmYTk1Y2EtYWE0Mi00Yjg2LTg5MWItN2JlMTJkNTMz
ZGE3MB4XDTI1MDMyMDEzMDA1M1oXDTI1MDYxODEzMDA1M1owLzEtMCsGA1UEAxMk
YzlhOWZiOWMtZWI3MS00MDU2LThkMWEtZWY5NDA3NDYzMjQzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzst+2wReyrayrC8X6H/0MUmEhxujqoZF/0f0
H2vsAEEYIM5Iu2ucCyxBClksfbX7QQOOJkoyU30KJuHasiD0QuDeucraqTGsGl6Y
OPFQug6KNmgPHMe/CywKc6MW3CU6nFlFZU6UBwI09BFga9LQzrUuAesB7j1fMKMu
3fMA7zgIdxVRrKIpzsACoT3kngZdMo8jJ6YECQsNuCy9/qYOIncSchdqIEKQwtte
quebzsgdqmkjgh0OgTdIfIWX5Aa1i7bV8+qSwxpj0KvOh5Olvnbg/dEBMEu/4WnI
rHnYZc1tLKQ5ytZf4muJsdMEiWbdWIIrc25sTGnvKQ9vnSW5hQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFD+ol51keRTFHbbI5vCxe4M9doD3MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9iOGZh
OTVjYS1hYTQyLTRiODYtODkxYi03YmUxMmQ1MzNkYTcvZjE1N2Q1YTgtMWY0OC0z
ZmExLWE1YzQtZmQzZjhiODIwNmE0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8wMzU3MjcyYy1h
NzlhLTQ1YmYtOTU4Ni05MmRkNDllZjMyMjMvYjhmYTk1Y2EtYWE0Mi00Yjg2LTg5
MWItN2JlMTJkNTMzZGE3L2I4ZmE5NWNhLWFhNDItNGI4Ni04OTFiLTdiZTEyZDUz
M2RhNy5jcmwwHwYDVR0jBBgwFoAU7sOjJy3EvbNgvZp5M5mA/c2R1/0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEtNDVi
Zi05NTg2LTkyZGQ0OWVmMzIyMy9iOGZhOTVjYS1hYTQyLTRiODYtODkxYi03YmUx
MmQ1MzNkYTcuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAxqCPMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAA5H7OW40wR3Tg1igPhHo+amSZpbrAUKmP7ObdLYVu6ELOzHQBJjgLBP
UX/s/r12IY4sfDstQ3Fu3+vUtm06BhkiVGhZzb7ktQ2kW5MJ/uKpEeNsVqcr8+0D
3f7RYX0lLCDbNDKzlFGhTY0u3MCBbDkqNKRM6dLwZPqo+jQBzkGvTd8qnKqbqki2
MYfsS3euQaOcRU+gFPSd0S5DxzeKQuoKkHPWSc7zrtXYqNMxNabKVb5FcoDRercu
xFGHT1RRke6mjs81Ux2BUTIIrKhQqGBG8zd5mEwBDQEaKgxYBifePlAHfLEb/fK1
l7eaUao8Hv/blTXYl+w1HhAW7GF6o34=
-----END CERTIFICATE-----