Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/2040fb79-7dc8-3434-ae0f-4850948ea219.roa
File:                     2040fb79-7dc8-3434-ae0f-4850948ea219.roa (raw, json)
Hash identifier:          su0K9dF8JlpldWeM/bHbzqJMC9KRpy8CeGiuZk8aveU=
Subject key identifier:   2E:BF:E2:4B:1F:98:A2:CC:CB:25:0C:B7:81:14:E4:42:9C:F3:82:9A
Certificate issuer:       /CN=68b287f4-51cf-421c-923b-f0e384de5eea
Certificate serial:       010D0C9F43285849BF3FA6F12969279D850B6C00
Authority key identifier: 35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/2040fb79-7dc8-3434-ae0f-4850948ea219.roa
Signing time:             Mon 05 May 2025 01:00:49 +0000
ROA not before:           Mon 05 May 2025 01:00:49 +0000
ROA not after:            Sun 03 Aug 2025 01:00:49 +0000
asID:                     8069
IP address blocks:        20.153.12.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:bf:3f:a6:f1:29:69:27:9d:85:0b:6c:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68b287f4-51cf-421c-923b-f0e384de5eea
        Validity
            Not Before: May  5 01:00:49 2025 GMT
            Not After : Aug  3 01:00:49 2025 GMT
        Subject: CN=432aedb7-e697-4e63-b40d-8ba45a6e45ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:8b:7b:f4:de:bd:3d:6b:b7:86:15:49:c5:49:
                    aa:00:65:85:c9:75:7b:dd:16:68:99:49:99:ce:a1:
                    2c:cc:3a:ac:94:f7:ff:35:60:f2:fe:70:cb:d5:f8:
                    3b:b0:86:17:d7:d6:3e:d2:7f:f7:a0:f4:5f:9d:7b:
                    33:c8:2e:5d:1d:39:0a:b1:21:e6:a0:d7:e5:12:99:
                    ae:6c:6a:8a:fa:72:5a:01:f8:90:92:35:59:4c:63:
                    80:6d:5c:6b:d7:c5:d6:a0:3c:cb:8d:f7:80:e5:d5:
                    47:9c:e5:0f:9c:f3:8e:8c:91:04:2e:a8:1e:3a:ad:
                    b3:da:ba:72:3f:8e:d5:b1:3f:67:be:e0:6d:00:be:
                    1e:47:2c:d3:47:42:c0:bc:6f:6e:54:15:46:11:38:
                    eb:3c:e4:be:b4:17:1c:a9:b8:1a:b6:f3:b5:d3:92:
                    d0:78:9a:43:1f:c8:1b:89:b7:77:79:83:ef:de:c4:
                    bf:c3:23:f5:f2:a0:9e:1e:c8:ea:5c:47:39:c0:4d:
                    09:78:59:86:18:cb:3c:32:d4:43:05:d9:55:ca:e5:
                    8d:f3:bb:0c:cd:4b:4d:bd:25:74:a2:22:a5:32:80:
                    d0:0e:fb:d9:ef:e2:44:f1:76:a7:e3:ef:8f:1d:34:
                    65:a2:9d:cd:7e:b1:78:83:32:23:92:ae:1c:6d:cc:
                    df:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:BF:E2:4B:1F:98:A2:CC:CB:25:0C:B7:81:14:E4:42:9C:F3:82:9A
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/2040fb79-7dc8-3434-ae0f-4850948ea219.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl

            X509v3 Authority Key Identifier:
                keyid:35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  20.153.12.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         92:b7:bd:9a:18:06:53:27:b0:36:59:b1:93:72:29:24:a3:f4:
         b5:4e:6c:17:2a:cc:23:08:01:33:3e:9f:96:ff:c3:45:67:ac:
         ef:c7:c6:9c:cc:0a:c8:35:70:4b:79:57:a8:5c:0b:3a:a2:9a:
         d0:f9:1c:f6:a4:9a:07:d6:d6:19:52:1e:05:08:f2:e9:7d:aa:
         10:d5:8f:38:9f:7a:ed:63:e5:ff:07:24:e8:e4:4d:77:fd:4c:
         3e:59:95:2e:80:fd:f2:62:ab:3d:f0:49:e5:b7:3a:59:14:8d:
         9c:c3:e0:07:68:2e:a0:82:53:12:b7:06:36:43:ba:60:65:07:
         0f:4e:5e:c7:ff:f2:16:b0:93:58:28:2e:8c:6d:ea:33:8d:e5:
         21:ba:80:cc:6f:b2:b0:24:08:b0:8a:c5:f8:0f:a8:29:6e:71:
         1a:6e:fb:12:18:37:96:81:dd:88:cb:2f:16:e4:f0:22:3d:e4:
         ac:25:88:c9:26:00:db:f9:dc:fc:64:06:c2:52:39:25:c1:26:
         cc:0d:0f:11:cc:ca:4b:ef:d4:a8:22:18:dd:81:e7:5b:49:6f:
         22:ee:09:fd:b8:3c:62:a0:bf:b0:ee:17:bc:53:79:9f:e0:89:
         df:17:49:ec:1e:11:d5:49:d7:9d:58:c7:5b:16:4f:4e:f3:82:
         b5:e8:0f:dc
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEm/P6bxKWknnYULbAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjhiMjg3ZjQtNTFjZi00MjFjLTkyM2ItZjBlMzg0ZGU1
ZWVhMB4XDTI1MDUwNTAxMDA0OVoXDTI1MDgwMzAxMDA0OVowLzEtMCsGA1UEAxMk
NDMyYWVkYjctZTY5Ny00ZTYzLWI0MGQtOGJhNDVhNmU0NWZmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4t79N69PWu3hhVJxUmqAGWFyXV73RZomUmZ
zqEszDqslPf/NWDy/nDL1fg7sIYX19Y+0n/3oPRfnXszyC5dHTkKsSHmoNflEpmu
bGqK+nJaAfiQkjVZTGOAbVxr18XWoDzLjfeA5dVHnOUPnPOOjJEELqgeOq2z2rpy
P47VsT9nvuBtAL4eRyzTR0LAvG9uVBVGETjrPOS+tBccqbgatvO105LQeJpDH8gb
ibd3eYPv3sS/wyP18qCeHsjqXEc5wE0JeFmGGMs8MtRDBdlVyuWN87sMzUtNvSV0
oiKlMoDQDvvZ7+JE8Xan4++PHTRlop3NfrF4gzIjkq4cbczfyQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFC6/4ksfmKLMyyUMt4EU5EKc84KaMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS82OGIy
ODdmNC01MWNmLTQyMWMtOTIzYi1mMGUzODRkZTVlZWEvMjA0MGZiNzktN2RjOC0z
NDM0LWFlMGYtNDg1MDk0OGVhMjE5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNjhiMjg3ZjQtNTFjZi00MjFjLTky
M2ItZjBlMzg0ZGU1ZWVhLzY4YjI4N2Y0LTUxY2YtNDIxYy05MjNiLWYwZTM4NGRl
NWVlYS5jcmwwHwYDVR0jBBgwFoAUNX5PmEElo3ID9eK6QUOuSvrgvB0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS82OGIyODdmNC01MWNmLTQyMWMtOTIzYi1mMGUz
ODRkZTVlZWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAFJkMMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAJK3vZoYBlMnsDZZsZNyKSSj9LVObBcqzCMIATM+n5b/w0VnrO/HxpzM
Csg1cEt5V6hcCzqimtD5HPakmgfW1hlSHgUI8ul9qhDVjzifeu1j5f8HJOjkTXf9
TD5ZlS6A/fJiqz3wSeW3OlkUjZzD4AdoLqCCUxK3BjZDumBlBw9OXsf/8hawk1go
Loxt6jON5SG6gMxvsrAkCLCKxfgPqClucRpu+xIYN5aB3YjLLxbk8CI95KwliMkm
ANv53PxkBsJSOSXBJswNDxHMykvv1KgiGN2B51tJbyLuCf24PGKgv7DuF7xTeZ/g
id8XSeweEdVJ151Yx1sWT07zgrXoD9w=
-----END CERTIFICATE-----
Generated at Mon Jun 16 12:07:03 2025 by rpki-client