Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS834.roa
File:                     AS834.roa (raw, json)
Hash identifier:          sZga6p7f2xdHpXx5FFxmAVgD5i7Mai9pRNZriqG0Op4=
Subject key identifier:   AA:C2:31:F1:57:FC:98:3B:EB:B0:35:A5:E5:D6:41:19:2B:DA:D7:86
Certificate issuer:       /CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
Certificate serial:       0271291DC692DB91A8573BF789F69078D23A9FFB
Authority key identifier: AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS834.roa
Signing time:             Sat 18 Oct 2025 09:16:08 +0000
ROA not before:           Sat 18 Oct 2025 09:11:08 +0000
ROA not after:            Sat 17 Oct 2026 09:16:08 +0000
asID:                     834
IP address blocks:        104.234.40.0/23 maxlen: 24
                          104.234.136.0/24 maxlen: 24
                          104.234.192.0/24 maxlen: 24
                          104.234.194.0/24 maxlen: 24
                          104.234.201.0/24 maxlen: 24
                          104.234.202.0/23 maxlen: 24
                          104.234.206.0/23 maxlen: 24
                          104.234.209.0/24 maxlen: 24
                          206.53.63.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/76fe11d4-d352-4994-8f6c-d6c91b0b8415.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Mon 20 Oct 2025 07:47:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:71:29:1d:c6:92:db:91:a8:57:3b:f7:89:f6:90:78:d2:3a:9f:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
        Validity
            Not Before: Oct 18 09:11:08 2025 GMT
            Not After : Oct 17 09:16:08 2026 GMT
        Subject: CN=AAC231F157FC983BEBB035A5E5D641192BDAD786
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:a6:4b:24:84:22:f2:58:aa:1f:ef:f3:24:bc:
                    a3:70:f8:ef:fd:ef:46:9a:2a:8e:74:e0:26:d7:68:
                    de:4e:82:f5:e5:65:97:8e:94:e9:df:08:13:c3:88:
                    ce:88:17:65:c8:a4:4f:79:d9:64:f7:5f:25:3c:ed:
                    32:4f:96:d0:c8:00:c0:df:57:cc:d0:16:49:2e:fc:
                    04:a9:93:bb:10:e2:3c:2c:24:be:cf:83:2e:a5:2d:
                    39:2b:f6:76:58:50:09:7c:69:3e:23:1c:dd:f5:bc:
                    f1:e9:88:20:74:34:fa:69:2d:e8:a2:87:18:b1:1d:
                    2d:86:aa:fd:91:2e:d5:95:8a:75:b1:df:71:d9:92:
                    a2:99:41:94:cc:55:33:d6:a7:34:ff:d5:b6:f6:eb:
                    d1:98:99:d3:e4:82:a9:51:31:61:96:e1:2b:bf:b6:
                    12:6b:ac:eb:38:45:87:16:4d:de:5f:00:86:26:9d:
                    dd:e0:78:c6:88:bf:82:ee:23:59:70:51:5b:8f:e9:
                    d9:3f:c3:ae:e2:b5:57:5c:61:c7:e0:34:20:49:9e:
                    c5:f5:be:64:6e:cf:bf:dc:36:c9:43:fb:f2:5f:1e:
                    91:e6:09:ae:f8:47:0d:73:b5:0d:a5:64:79:14:86:
                    62:f4:e0:70:61:89:1d:70:91:4d:fc:a0:72:5c:b5:
                    ae:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:C2:31:F1:57:FC:98:3B:EB:B0:35:A5:E5:D6:41:19:2B:DA:D7:86
            X509v3 Authority Key Identifier:
                keyid:AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.234.40.0/23
                  104.234.136.0/24
                  104.234.192.0/24
                  104.234.194.0/24
                  104.234.201.0-104.234.203.255
                  104.234.206.0/23
                  104.234.209.0/24
                  206.53.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:9d:b6:f8:09:9c:fc:71:52:81:4a:72:ec:00:64:87:4a:45:
         2e:da:93:3f:95:3c:a5:cf:57:42:1f:35:b1:30:ee:36:20:23:
         91:1e:b8:1c:e9:45:fb:f9:d3:ce:35:a0:4f:89:e1:e7:b7:67:
         5c:cb:d5:b3:63:03:49:04:ee:51:a6:42:84:f1:46:cd:73:1c:
         1e:00:a5:99:0c:6d:50:60:95:d1:61:5c:f0:aa:e0:f7:49:0c:
         0f:2e:8a:bb:f7:b5:2c:5a:87:5f:f0:94:e6:a2:2c:6c:d7:00:
         2b:c3:c1:4c:54:b0:fe:63:0b:2a:43:20:89:80:e5:47:64:41:
         c0:5a:8a:f2:0d:e2:97:49:d6:24:ef:44:c4:a7:9d:42:a5:75:
         93:3b:c2:58:74:2d:0d:66:ad:9d:92:02:9d:f5:87:8a:5a:67:
         e3:1a:80:dc:7c:c9:e1:cc:85:45:9a:4c:73:5e:b5:0c:d9:23:
         cc:83:14:16:d9:85:7d:e2:10:f0:da:8b:d0:2e:82:8b:88:86:
         af:64:65:a0:d3:6b:73:ea:84:39:34:be:86:a4:ba:45:37:e3:
         63:77:7a:5e:b4:44:af:8a:ba:2c:e6:58:93:c0:a0:56:b1:a9:
         03:a5:49:a9:ee:ed:5f:fe:f9:54:af:cb:8f:4b:93:0c:73:ca:
         af:d2:3e:da
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgIUAnEpHcaS25GoVzv3ifaQeNI6n/swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNzJjYzFmZDI4ZDRhMDRjODQ3M2MzYWMwYjE5OTQwMjcw
Y2JiZjEyM2YzYzBiMWY3ZjkwHhcNMjUxMDE4MDkxMTA4WhcNMjYxMDE3MDkxNjA4
WjAzMTEwLwYDVQQDEyhBQUMyMzFGMTU3RkM5ODNCRUJCMDM1QTVFNUQ2NDExOTJC
REFENzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaZLJIQi8liq
H+/zJLyjcPjv/e9GmiqOdOAm12jeToL15WWXjpTp3wgTw4jOiBdlyKRPedlk918l
PO0yT5bQyADA31fM0BZJLvwEqZO7EOI8LCS+z4MupS05K/Z2WFAJfGk+Ixzd9bzx
6YggdDT6aS3ooocYsR0thqr9kS7VlYp1sd9x2ZKimUGUzFUz1qc0/9W29uvRmJnT
5IKpUTFhluErv7YSa6zrOEWHFk3eXwCGJp3d4HjGiL+C7iNZcFFbj+nZP8Ou4rVX
XGHH4DQgSZ7F9b5kbs+/3DbJQ/vyXx6R5gmu+EcNc7UNpWR5FIZi9OBwYYkdcJFN
/KByXLWuwwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFKrCMfFX/Jg767A1peXWQRkr
2teGMB8GA1UdIwQYMBaAFKtcr6lXBjNzOJPZHuSwWh8OzNBrMA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODU4N2ZhMjAwMTg1YzVjYjliY2IyYmFjLzAv
QUI1Q0FGQTk1NzA2MzM3MzM4OTNEOTFFRTRCMDVBMUYwRUNDRDA2Qi5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNzZmZTExZDQtZDM1Mi00OTk0LThmNmMtZDZjOTFi
MGI4NDE1LzNmNWUyZTViLWM3MzEtNGRiOC05Yjg3LWFmOWY4ZTU4YTFjNi83MmNj
MWZkMjhkNGEwNGM4NDczYzNhYzBiMTk5NDAyNzBjYmJmMTIzZjNjMGIxZjdmOS5j
ZXIwbQYIKwYBBQUHAQsEYTBfMF0GCCsGAQUFBzALhlFyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NTg3ZmEyMDAxODVjNWNiOWJj
YjJiYWMvMC9BUzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBRBggr
BgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAWjqKAMEAGjqiAMEAGjqwAMEAGjqwjAM
AwQAaOrJAwQCaOrIAwQBaOrOAwQAaOrRAwQAzjU/MA0GCSqGSIb3DQEBCwUAA4IB
AQCNnbb4CZz8cVKBSnLsAGSHSkUu2pM/lTylz1dCHzWxMO42ICORHrgc6UX7+dPO
NaBPieHnt2dcy9WzYwNJBO5RpkKE8UbNcxweAKWZDG1QYJXRYVzwquD3SQwPLoq7
97UsWodf8JTmoixs1wArw8FMVLD+YwsqQyCJgOVHZEHAWoryDeKXSdYk70TEp51C
pXWTO8JYdC0NZq2dkgKd9YeKWmfjGoDcfMnhzIVFmkxzXrUM2SPMgxQW2YV94hDw
2ovQLoKLiIavZGWg02tz6oQ5NL6GpLpFN+Njd3petESviros5liTwKBWsakDpUmp
7u1f/vlUr8uPS5MMc8qv0j7a
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:43:30 2025 by rpki-client