Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309/8aa0414c-8126-3e49-be44-eb2af2892430.roa
File:                     8aa0414c-8126-3e49-be44-eb2af2892430.roa (raw, json)
Hash identifier:          fyUK6OdDxCfFIFaVmNSG+EcqmI8PBzbmw1UGuJGPOHc=
Subject key identifier:   A6:7E:CF:DE:02:7E:E4:EE:5A:A7:B1:58:22:94:58:4D:42:D0:27:B2
Certificate issuer:       /CN=2bc601f7-daff-4d8b-8556-b61503268309
Certificate serial:       010D0C9F43285849A4BA5DB8E379F5E924F5BD80
Authority key identifier: DA:C8:EF:29:AA:E9:B3:92:63:83:42:2B:DF:24:7A:85:A5:4E:83:17
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309/8aa0414c-8126-3e49-be44-eb2af2892430.roa
Signing time:             Fri 25 Apr 2025 13:01:00 +0000
ROA not before:           Fri 25 Apr 2025 13:01:00 +0000
ROA not after:            Thu 24 Jul 2025 13:01:00 +0000
asID:                     7155
IP address blocks:        72.173.42.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309/2bc601f7-daff-4d8b-8556-b61503268309.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309/2bc601f7-daff-4d8b-8556-b61503268309.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 28 Apr 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:a4:ba:5d:b8:e3:79:f5:e9:24:f5:bd:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2bc601f7-daff-4d8b-8556-b61503268309
        Validity
            Not Before: Apr 25 13:01:00 2025 GMT
            Not After : Jul 24 13:01:00 2025 GMT
        Subject: CN=41fc2e22-52e4-4ddc-8dc4-45a48e94be9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:54:12:93:40:c4:81:8f:53:b4:cc:39:2c:ca:
                    01:58:c9:c7:53:0b:d4:36:6c:24:b8:2e:22:b5:b0:
                    4c:e8:c5:98:48:d0:96:99:ea:d5:64:f3:7e:54:ad:
                    af:5f:e1:a9:fb:2c:cb:44:30:10:62:69:92:e6:ea:
                    5c:41:1c:3d:a8:2c:af:37:08:af:b1:e5:34:04:9e:
                    6c:02:a3:5d:54:1c:7d:32:0d:07:af:dc:f3:35:21:
                    90:1a:fb:14:ba:1c:15:ab:f0:d5:dd:a5:62:ce:2c:
                    d5:29:de:af:18:c3:de:a0:8f:99:01:f5:6f:55:09:
                    c5:d0:40:cc:2f:29:25:25:1e:77:a3:43:c2:cc:f4:
                    60:88:7b:0e:43:e8:54:c4:b6:c4:8c:59:1b:44:31:
                    9e:1f:ba:d9:f5:52:d5:56:4c:54:3b:35:08:5e:18:
                    b0:ad:68:c7:c7:9d:09:de:12:c7:cf:fd:34:b6:c6:
                    1a:eb:ed:b8:1d:a2:da:ea:0c:09:f7:fb:0d:cc:6b:
                    d4:90:fa:27:e3:db:5c:1f:d3:90:50:60:2a:55:f1:
                    97:1d:8d:e2:3d:e5:72:42:79:01:53:0d:5a:3e:39:
                    32:ce:83:2f:07:7a:2b:17:00:e2:1d:bb:bb:b3:ec:
                    50:cc:86:b7:a1:db:a4:15:6c:7a:36:00:83:32:b0:
                    ca:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:7E:CF:DE:02:7E:E4:EE:5A:A7:B1:58:22:94:58:4D:42:D0:27:B2
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309/8aa0414c-8126-3e49-be44-eb2af2892430.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309/2bc601f7-daff-4d8b-8556-b61503268309.crl

            X509v3 Authority Key Identifier:
                keyid:DA:C8:EF:29:AA:E9:B3:92:63:83:42:2B:DF:24:7A:85:A5:4E:83:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2bc601f7-daff-4d8b-8556-b61503268309.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.173.42.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         ba:87:56:ac:b2:9c:53:f1:89:ca:7e:72:61:52:b3:f8:b0:d9:
         cf:57:48:ca:ba:b9:5e:3d:71:a6:ea:76:1a:ec:87:17:bc:e1:
         ed:99:91:78:ad:b5:a9:7c:c6:a0:eb:a3:10:8b:68:7b:b0:18:
         cc:ad:5f:2c:88:3a:6a:fd:d4:46:aa:bb:55:25:16:29:d5:ec:
         db:bf:a9:87:cd:9f:e9:94:f5:79:1d:84:27:de:0a:bb:31:d1:
         e9:dc:35:6c:c0:86:f7:6e:92:76:1c:1b:46:e1:61:9f:39:92:
         6f:16:2c:12:60:9e:47:2c:b4:ef:5e:38:5b:15:41:26:58:88:
         e6:3d:5f:04:45:b9:39:8c:ee:cc:d1:e2:61:63:35:7f:c2:94:
         52:48:6d:06:b9:0e:f5:7d:ab:2d:e7:80:13:b2:57:37:57:1e:
         fd:2a:2e:b1:72:9f:28:5e:61:0e:5d:b3:be:07:74:70:d4:1f:
         37:bd:11:97:e6:48:c1:15:5e:a5:4f:d8:03:89:a5:32:11:13:
         21:82:d9:0d:d8:26:4f:95:63:03:b3:21:96:8e:bb:38:f6:da:
         bc:85:e6:f7:76:52:b3:31:5f:f7:ed:67:0a:cd:fc:ea:ac:21:
         82:fc:bd:b2:0e:72:85:5e:f8:2c:c8:90:6e:59:39:03:be:d1:
         9e:6e:ba:66
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEmkul2443n16ST1vYAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMmJjNjAxZjctZGFmZi00ZDhiLTg1NTYtYjYxNTAzMjY4
MzA5MB4XDTI1MDQyNTEzMDEwMFoXDTI1MDcyNDEzMDEwMFowLzEtMCsGA1UEAxMk
NDFmYzJlMjItNTJlNC00ZGRjLThkYzQtNDVhNDhlOTRiZTljMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlQSk0DEgY9TtMw5LMoBWMnHUwvUNmwkuC4i
tbBM6MWYSNCWmerVZPN+VK2vX+Gp+yzLRDAQYmmS5upcQRw9qCyvNwivseU0BJ5s
AqNdVBx9Mg0Hr9zzNSGQGvsUuhwVq/DV3aVizizVKd6vGMPeoI+ZAfVvVQnF0EDM
LyklJR53o0PCzPRgiHsOQ+hUxLbEjFkbRDGeH7rZ9VLVVkxUOzUIXhiwrWjHx50J
3hLHz/00tsYa6+24HaLa6gwJ9/sNzGvUkPon49tcH9OQUGAqVfGXHY3iPeVyQnkB
Uw1aPjkyzoMvB3orFwDiHbu7s+xQzIa3odukFWx6NgCDMrDKYwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKZ+z94CfuTuWqexWCKUWE1C0CeyMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8yYmM2
MDFmNy1kYWZmLTRkOGItODU1Ni1iNjE1MDMyNjgzMDkvOGFhMDQxNGMtODEyNi0z
ZTQ5LWJlNDQtZWIyYWYyODkyNDMwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvMmJjNjAxZjctZGFmZi00ZDhiLTg1
NTYtYjYxNTAzMjY4MzA5LzJiYzYwMWY3LWRhZmYtNGQ4Yi04NTU2LWI2MTUwMzI2
ODMwOS5jcmwwHwYDVR0jBBgwFoAU2sjvKarps5Jjg0Ir3yR6haVOgxcwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi8yYmM2MDFmNy1kYWZmLTRkOGItODU1Ni1iNjE1
MDMyNjgzMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQASK0qMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBALqHVqyynFPxicp+cmFSs/iw2c9XSMq6uV49cabqdhrshxe84e2ZkXit
tal8xqDroxCLaHuwGMytXyyIOmr91Eaqu1UlFinV7Nu/qYfNn+mU9XkdhCfeCrsx
0encNWzAhvduknYcG0bhYZ85km8WLBJgnkcstO9eOFsVQSZYiOY9XwRFuTmM7szR
4mFjNX/ClFJIbQa5DvV9qy3ngBOyVzdXHv0qLrFynyheYQ5ds74HdHDUHze9EZfm
SMEVXqVP2AOJpTIREyGC2Q3YJk+VYwOzIZaOuzj22ryF5vd2UrMxX/ftZwrN/Oqs
IYL8vbIOcoVe+CzIkG5ZOQO+0Z5uumY=
-----END CERTIFICATE-----
Generated at Sun Apr 27 00:20:39 2025 by rpki-client