Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS834.roa
File:                     AS834.roa (raw, json)
Hash identifier:          VNImQczshu6unwai3Xjoq+yUWhXMt/vAD3jFH+qCEWc=
Subject key identifier:   F6:2D:DB:77:D2:D0:5C:16:E5:E5:14:53:1A:54:B2:43:02:04:AA:3E
Certificate issuer:       /CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
Certificate serial:       6A7566105B74106CCBE3FC4DB2DB6729EE59DB61
Authority key identifier: AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS834.roa
Signing time:             Thu 01 May 2025 04:32:57 +0000
ROA not before:           Thu 01 May 2025 04:27:57 +0000
ROA not after:            Thu 30 Apr 2026 04:32:57 +0000
asID:                     834
IP address blocks:        104.234.104.0/24 maxlen: 24
                          104.234.136.0/24 maxlen: 24
                          104.234.192.0/24 maxlen: 24
                          104.234.202.0/23 maxlen: 24
                          104.234.206.0/23 maxlen: 24
                          104.234.209.0/24 maxlen: 24
                          206.53.63.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 07 May 2025 03:41:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:75:66:10:5b:74:10:6c:cb:e3:fc:4d:b2:db:67:29:ee:59:db:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
        Validity
            Not Before: May  1 04:27:57 2025 GMT
            Not After : Apr 30 04:32:57 2026 GMT
        Subject: CN=F62DDB77D2D05C16E5E514531A54B2430204AA3E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:6c:81:ab:db:d6:fd:cf:7b:57:8f:bb:51:0e:
                    44:99:d7:c2:77:23:6c:be:86:92:96:0a:f4:17:6c:
                    8e:a5:f6:51:ba:8d:be:91:64:7e:ee:46:61:2b:26:
                    27:e7:4b:24:50:7d:5f:82:b1:bb:cf:b6:d2:59:e2:
                    ea:97:99:be:5d:21:e0:06:0f:95:92:f4:ff:55:41:
                    e5:c7:d0:f4:e8:36:70:ca:b9:cd:c6:ff:f1:ff:01:
                    1b:3c:45:74:4a:b0:98:8d:6f:c7:e7:cf:99:41:29:
                    eb:0b:50:9d:46:54:75:16:84:0c:c6:19:f3:2c:50:
                    17:16:00:9b:58:61:72:69:85:92:8c:9f:d8:6c:ad:
                    78:da:6a:9a:f3:c2:c1:5f:c7:e1:7a:14:f7:94:0c:
                    ad:e0:01:8c:7b:bd:b5:56:96:ec:16:6b:fc:3a:a0:
                    16:64:f8:3e:19:bc:b6:7f:f6:6e:6f:0b:3e:49:4f:
                    78:b7:a1:5d:9c:a6:21:e9:21:40:0e:ea:e6:5a:17:
                    52:d4:ef:6f:3d:f2:6e:2f:2c:5a:d4:3b:c5:dc:80:
                    78:f3:23:fb:0d:2a:27:59:47:8d:c3:6e:ed:47:ba:
                    a2:04:55:56:fc:57:de:b3:28:8a:3c:ab:4e:37:42:
                    37:f9:d5:7b:bf:00:66:3c:24:13:08:e2:1e:bb:1b:
                    12:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:2D:DB:77:D2:D0:5C:16:E5:E5:14:53:1A:54:B2:43:02:04:AA:3E
            X509v3 Authority Key Identifier:
                keyid:AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.234.104.0/24
                  104.234.136.0/24
                  104.234.192.0/24
                  104.234.202.0/23
                  104.234.206.0/23
                  104.234.209.0/24
                  206.53.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:e9:20:cc:2c:fa:39:48:f2:0b:d9:8f:58:61:92:5c:2b:34:
         9c:cc:4b:5d:dc:5d:0a:a3:10:d5:c7:b3:02:e2:b4:3d:e1:4c:
         e3:2d:79:69:07:5e:fd:28:d5:00:34:c3:a8:2b:36:25:99:f1:
         44:67:f2:e2:9b:49:6c:ac:85:bb:7d:18:9e:10:67:3a:6b:43:
         bf:35:58:d8:28:60:d6:73:44:b4:06:f1:6c:ba:da:62:4a:3a:
         17:b6:4e:eb:13:63:79:bd:55:1c:3f:a4:d3:b9:be:04:87:d8:
         ca:e8:2d:35:d3:93:d3:12:a6:f5:e0:12:f0:34:82:df:43:05:
         fd:02:5d:81:a3:c7:d6:79:17:98:d8:72:ce:c1:9d:c2:d8:9a:
         e7:d2:c4:91:ff:d2:13:63:99:c4:71:b0:70:29:04:4b:bf:23:
         13:b7:6c:ce:78:9b:63:4a:d9:a2:57:f5:08:29:a0:99:54:08:
         b5:9e:ac:5e:3f:3f:44:96:9c:f8:6c:ac:c8:ac:82:d1:b4:df:
         1d:bd:d1:8e:a1:2f:a2:aa:07:a0:9a:75:de:05:ac:f1:32:79:
         3d:2a:6d:00:11:4a:1e:bd:1b:14:4d:0f:66:b0:26:e1:7e:47:
         5b:b7:9f:da:38:b3:fc:61:d7:f3:da:65:c6:83:63:6b:38:54:
         f0:fd:bd:0b
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIUanVmEFt0EGzL4/xNsttnKe5Z22EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNzJjYzFmZDI4ZDRhMDRjODQ3M2MzYWMwYjE5OTQwMjcw
Y2JiZjEyM2YzYzBiMWY3ZjkwHhcNMjUwNTAxMDQyNzU3WhcNMjYwNDMwMDQzMjU3
WjAzMTEwLwYDVQQDEyhGNjJEREI3N0QyRDA1QzE2RTVFNTE0NTMxQTU0QjI0MzAy
MDRBQTNFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2yBq9vW/c97
V4+7UQ5EmdfCdyNsvoaSlgr0F2yOpfZRuo2+kWR+7kZhKyYn50skUH1fgrG7z7bS
WeLql5m+XSHgBg+VkvT/VUHlx9D06DZwyrnNxv/x/wEbPEV0SrCYjW/H58+ZQSnr
C1CdRlR1FoQMxhnzLFAXFgCbWGFyaYWSjJ/YbK142mqa88LBX8fhehT3lAyt4AGM
e721VpbsFmv8OqAWZPg+Gby2f/Zubws+SU94t6FdnKYh6SFADurmWhdS1O9vPfJu
Lyxa1DvF3IB48yP7DSonWUeNw27tR7qiBFVW/FfesyiKPKtON0I3+dV7vwBmPCQT
COIeuxsSfwIDAQABo4ICoDCCApwwHQYDVR0OBBYEFPYt23fS0FwW5eUUUxpUskMC
BKo+MB8GA1UdIwQYMBaAFKtcr6lXBjNzOJPZHuSwWh8OzNBrMA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODU4N2ZhMjAwMTg1YzVjYjliY2IyYmFjLzAv
QUI1Q0FGQTk1NzA2MzM3MzM4OTNEOTFFRTRCMDVBMUYwRUNDRDA2Qi5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNzZmZTExZDQtZDM1Mi00OTk0LThmNmMtZDZjOTFi
MGI4NDE1LzNmNWUyZTViLWM3MzEtNGRiOC05Yjg3LWFmOWY4ZTU4YTFjNi83MmNj
MWZkMjhkNGEwNGM4NDczYzNhYzBiMTk5NDAyNzBjYmJmMTIzZjNjMGIxZjdmOS5j
ZXIwbQYIKwYBBQUHAQsEYTBfMF0GCCsGAQUFBzALhlFyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NTg3ZmEyMDAxODVjNWNiOWJj
YjJiYWMvMC9BUzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBDBggr
BgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAGjqaAMEAGjqiAMEAGjqwAMEAWjqygME
AWjqzgMEAGjq0QMEAM41PzANBgkqhkiG9w0BAQsFAAOCAQEAQOkgzCz6OUjyC9mP
WGGSXCs0nMxLXdxdCqMQ1cezAuK0PeFM4y15aQde/SjVADTDqCs2JZnxRGfy4ptJ
bKyFu30YnhBnOmtDvzVY2Chg1nNEtAbxbLraYko6F7ZO6xNjeb1VHD+k07m+BIfY
yugtNdOT0xKm9eAS8DSC30MF/QJdgaPH1nkXmNhyzsGdwtia59LEkf/SE2OZxHGw
cCkES78jE7dsznibY0rZolf1CCmgmVQItZ6sXj8/RJac+GysyKyC0bTfHb3RjqEv
oqoHoJp13gWs8TJ5PSptABFKHr0bFE0PZrAm4X5HW7ef2jiz/GHX89plxoNjazhU
8P29Cw==
-----END CERTIFICATE-----