Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/2040fb79-7dc8-3434-ae0f-4850948ea219.roa
File:                     2040fb79-7dc8-3434-ae0f-4850948ea219.roa (raw, json)
Hash identifier:          faVyhwktglPT1hEHlsAJ1GS8X8X8GBpufNX2fmYl084=
Subject key identifier:   10:B7:11:45:26:B6:E6:8C:22:C8:F0:00:C1:DB:3C:C6:85:C1:C4:13
Certificate issuer:       /CN=68b287f4-51cf-421c-923b-f0e384de5eea
Certificate serial:       010D0C9F4328584A9E966358EB23858657C9C400
Authority key identifier: 35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/2040fb79-7dc8-3434-ae0f-4850948ea219.roa
Signing time:             Thu 24 Jul 2025 01:00:50 +0000
ROA not before:           Thu 24 Jul 2025 01:00:50 +0000
ROA not after:            Wed 22 Oct 2025 01:00:50 +0000
asID:                     8069
IP address blocks:        20.153.12.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Thu 07 Aug 2025 21:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:4a:9e:96:63:58:eb:23:85:86:57:c9:c4:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68b287f4-51cf-421c-923b-f0e384de5eea
        Validity
            Not Before: Jul 24 01:00:50 2025 GMT
            Not After : Oct 22 01:00:50 2025 GMT
        Subject: CN=704c346f-0990-4fce-911d-2d55c452209d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ef:75:f5:db:a7:5a:0a:64:c8:5b:ed:5e:10:
                    f4:e2:10:05:09:c0:83:59:4d:bb:4a:f4:70:31:99:
                    59:63:2e:25:87:93:55:17:bb:95:a7:f4:bd:3a:fb:
                    92:e8:fa:e1:e2:9e:bc:1f:4d:cb:90:05:ff:8d:f1:
                    76:bb:8c:1c:e9:8a:89:44:ca:0a:7f:eb:9a:d1:bf:
                    7f:2f:b1:12:6d:85:6c:c4:aa:29:0a:e6:c6:c8:81:
                    81:1e:de:a5:d6:36:72:5a:03:4e:de:38:75:18:64:
                    f1:c7:8c:b5:c9:63:cc:a8:f0:50:f0:14:f6:f2:a5:
                    8c:2f:a9:75:a1:86:c0:3d:a2:7c:97:97:86:3e:ff:
                    11:8d:17:48:81:8c:7c:94:ae:5b:e9:dc:8a:88:14:
                    59:1c:6c:21:b2:b6:a1:12:90:56:5e:a8:e6:6b:d8:
                    69:ea:4e:c6:fe:56:84:90:60:85:29:42:a3:f2:e1:
                    b3:0e:c4:e7:4a:09:11:80:1e:9e:90:eb:2d:8a:8d:
                    17:61:cb:4e:38:5b:66:6f:64:62:0f:ed:8d:6a:60:
                    3e:c3:eb:7b:b0:bf:d5:8c:ba:9c:4c:29:55:d6:70:
                    2e:cc:d9:91:f4:42:f2:2c:95:a9:9e:b3:42:45:be:
                    36:28:ea:56:62:cc:64:d9:52:63:77:cc:90:16:7c:
                    7b:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:B7:11:45:26:B6:E6:8C:22:C8:F0:00:C1:DB:3C:C6:85:C1:C4:13
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/2040fb79-7dc8-3434-ae0f-4850948ea219.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl

            X509v3 Authority Key Identifier:
                keyid:35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  20.153.12.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         09:ca:ec:1d:da:9d:f2:70:31:47:b2:cb:fe:4c:f5:04:86:0b:
         e4:54:83:2e:a2:76:86:f1:27:21:62:cb:92:eb:2b:f5:c2:00:
         b5:5a:46:c2:af:40:c4:89:cd:70:5b:f8:40:98:38:87:21:cc:
         f2:1b:ae:db:fb:62:05:e0:7b:77:06:75:8c:97:91:11:f7:49:
         98:20:4e:ad:3a:37:ab:dd:71:7e:9d:47:db:00:65:d7:9d:ab:
         38:3b:dd:e1:96:4b:35:1a:f4:54:73:da:f6:1b:a4:3c:b8:17:
         bd:06:7e:0e:2e:fc:e2:de:8c:8c:f2:cf:be:90:ff:dd:a5:89:
         85:1c:67:c6:8f:6e:20:04:41:b6:35:2f:36:8f:81:5c:6a:89:
         c1:f8:ac:dd:78:64:2c:9e:44:0e:6f:22:6e:c4:c7:ab:1a:4c:
         7d:88:e4:76:3b:dc:e0:2b:dc:b9:bd:d3:41:b9:36:ba:56:ab:
         f7:ba:40:37:78:a4:0d:41:f4:3d:5b:9a:d0:06:eb:79:51:67:
         70:4f:2c:56:9e:a5:42:c1:7e:8f:96:21:85:75:29:11:3e:41:
         07:6b:af:bc:f2:0d:cf:58:7c:8d:ea:42:8e:10:dc:d9:ff:dc:
         ac:b1:8d:c5:6a:bd:f0:56:52:3b:96:ce:89:a7:ed:26:90:dc:
         a7:1e:54:f9
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEqelmNY6yOFhlfJxAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjhiMjg3ZjQtNTFjZi00MjFjLTkyM2ItZjBlMzg0ZGU1
ZWVhMB4XDTI1MDcyNDAxMDA1MFoXDTI1MTAyMjAxMDA1MFowLzEtMCsGA1UEAxMk
NzA0YzM0NmYtMDk5MC00ZmNlLTkxMWQtMmQ1NWM0NTIyMDlkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtu919dunWgpkyFvtXhD04hAFCcCDWU27SvRw
MZlZYy4lh5NVF7uVp/S9OvuS6Prh4p68H03LkAX/jfF2u4wc6YqJRMoKf+ua0b9/
L7ESbYVsxKopCubGyIGBHt6l1jZyWgNO3jh1GGTxx4y1yWPMqPBQ8BT28qWML6l1
oYbAPaJ8l5eGPv8RjRdIgYx8lK5b6dyKiBRZHGwhsrahEpBWXqjma9hp6k7G/laE
kGCFKUKj8uGzDsTnSgkRgB6ekOstio0XYctOOFtmb2RiD+2NamA+w+t7sL/VjLqc
TClV1nAuzNmR9ELyLJWpnrNCRb42KOpWYsxk2VJjd8yQFnx7wwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFBC3EUUmtuaMIsjwAMHbPMaFwcQTMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS82OGIy
ODdmNC01MWNmLTQyMWMtOTIzYi1mMGUzODRkZTVlZWEvMjA0MGZiNzktN2RjOC0z
NDM0LWFlMGYtNDg1MDk0OGVhMjE5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNjhiMjg3ZjQtNTFjZi00MjFjLTky
M2ItZjBlMzg0ZGU1ZWVhLzY4YjI4N2Y0LTUxY2YtNDIxYy05MjNiLWYwZTM4NGRl
NWVlYS5jcmwwHwYDVR0jBBgwFoAUNX5PmEElo3ID9eK6QUOuSvrgvB0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS82OGIyODdmNC01MWNmLTQyMWMtOTIzYi1mMGUz
ODRkZTVlZWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAFJkMMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAAnK7B3anfJwMUeyy/5M9QSGC+RUgy6idobxJyFiy5LrK/XCALVaRsKv
QMSJzXBb+ECYOIchzPIbrtv7YgXge3cGdYyXkRH3SZggTq06N6vdcX6dR9sAZded
qzg73eGWSzUa9FRz2vYbpDy4F70Gfg4u/OLejIzyz76Q/92liYUcZ8aPbiAEQbY1
LzaPgVxqicH4rN14ZCyeRA5vIm7Ex6saTH2I5HY73OAr3Lm900G5NrpWq/e6QDd4
pA1B9D1bmtAG63lRZ3BPLFaepULBfo+WIYV1KRE+QQdrr7zyDc9YfI3qQo4Q3Nn/
3KyxjcVqvfBWUjuWzomn7SaQ3KceVPk=
-----END CERTIFICATE-----
Generated at Tue Aug 5 20:21:14 2025 by rpki-client