Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/326130623a346530373a33613a3a2f34382d3438203d3e20323134333639.roa
File:                     326130623a346530373a33613a3a2f34382d3438203d3e20323134333639.roa (raw, json)
Hash identifier:          Gh8yek4cgBUiapt14w5NNqUAFim190dYNFmoIe5jdzU=
Subject key identifier:   8A:41:D0:9A:0F:F0:91:8F:20:DA:AA:BE:97:2E:34:FA:11:8E:2A:24
Certificate issuer:       /CN=5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF
Certificate serial:       39812E308593C2F3DC308820D3DB0C5E7DFF27E7
Authority key identifier: 51:24:C3:1F:CF:A4:E8:2C:4D:0F:6E:09:A3:0A:04:A5:5C:97:78:BF
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/326130623a346530373a33613a3a2f34382d3438203d3e20323134333639.roa
Signing time:             Wed 09 Jul 2025 19:38:45 +0000
ROA not before:           Wed 09 Jul 2025 19:33:45 +0000
ROA not after:            Wed 08 Jul 2026 19:38:45 +0000
asID:                     214369
IP address blocks:        2a0b:4e07:3a::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl
                          rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 16:57:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:81:2e:30:85:93:c2:f3:dc:30:88:20:d3:db:0c:5e:7d:ff:27:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF
        Validity
            Not Before: Jul  9 19:33:45 2025 GMT
            Not After : Jul  8 19:38:45 2026 GMT
        Subject: CN=8A41D09A0FF0918F20DAAABE972E34FA118E2A24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:27:7c:8a:54:5c:76:0a:e3:3f:67:c3:27:cc:
                    30:07:09:a3:84:aa:f4:d0:d9:06:d8:ae:a0:48:a3:
                    23:ae:50:32:94:9c:05:48:07:22:de:8d:cf:99:50:
                    30:38:9b:a2:43:8a:f6:cb:69:6d:83:4a:21:2c:9d:
                    aa:b7:2e:89:1c:3e:fb:be:b3:2b:82:ea:02:3e:80:
                    2d:ae:39:51:77:3c:3a:73:a3:1d:fe:d8:d2:16:ab:
                    ad:59:84:68:0e:de:31:9f:51:f9:bb:b0:05:67:77:
                    23:f7:b0:ed:7e:d6:79:93:9c:83:fd:3e:93:c7:08:
                    13:79:84:4d:79:6d:b8:66:e2:5d:6f:f7:0d:02:5c:
                    6b:4e:13:7f:fd:a5:a3:bc:a1:60:36:28:85:4a:cc:
                    41:dc:a0:72:e0:4e:70:85:bb:ac:d1:b8:81:72:93:
                    a4:b3:7a:b2:78:db:b6:8e:6e:3e:9f:a7:f6:5f:77:
                    e8:e1:33:c8:bd:64:7b:7f:e1:0a:e0:42:50:69:b4:
                    bd:98:5f:5d:ab:73:9d:dd:52:4d:24:33:e3:ae:99:
                    43:d6:68:0a:df:fc:12:3b:65:6e:9b:4a:20:aa:1a:
                    12:9a:95:bc:0d:65:3f:e4:42:58:de:0a:9b:be:e3:
                    76:0a:88:83:33:77:31:ec:83:22:56:6a:59:8a:d8:
                    01:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:41:D0:9A:0F:F0:91:8F:20:DA:AA:BE:97:2E:34:FA:11:8E:2A:24
            X509v3 Authority Key Identifier:
                keyid:51:24:C3:1F:CF:A4:E8:2C:4D:0F:6E:09:A3:0A:04:A5:5C:97:78:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/326130623a346530373a33613a3a2f34382d3438203d3e20323134333639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4e07:3a::/48

    Signature Algorithm: sha256WithRSAEncryption
         34:84:42:c9:e8:2c:f7:7a:52:c2:d8:ae:7d:ec:36:12:ff:d7:
         1c:00:0c:b8:63:ed:a1:ba:e0:0c:cf:18:4f:c0:32:c1:41:71:
         8b:92:bc:1a:84:d0:bd:3e:bd:45:29:c3:81:da:59:40:05:b5:
         1b:71:6b:b2:88:a6:5f:e2:c0:dc:db:9f:1f:a0:18:98:09:15:
         59:c2:14:a1:d1:b1:8f:09:bf:1c:0e:87:f9:fd:35:68:8c:af:
         34:04:e8:be:61:be:74:c3:31:a6:b7:a0:71:d0:c0:c2:ec:04:
         16:e0:a4:a4:a5:05:7e:7b:5e:58:ce:89:85:e8:61:2c:72:03:
         cc:b4:00:87:bd:42:2b:f1:7a:73:31:3e:1b:b3:9c:5d:e0:1d:
         23:be:a4:47:68:c7:60:e7:24:cd:a5:3f:3a:42:92:b2:61:f2:
         34:df:11:50:54:31:e7:1d:5c:2a:64:ed:61:4b:5c:d6:33:d3:
         e7:1c:40:87:c7:de:02:5b:cc:07:3b:2e:5f:df:94:de:2a:2e:
         9c:21:2c:96:3b:dd:0f:c5:9d:f7:ba:25:07:34:de:36:72:cf:
         7e:86:06:b2:6f:84:02:a7:40:fa:f7:24:a9:9b:9e:7f:e5:44:
         db:5d:2a:af:a6:6c:b1:48:de:50:f1:b8:e0:bf:b5:63:6f:fa:
         a2:0e:49:dc
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgIUOYEuMIWTwvPcMIgg09sMXn3/J+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTEyNEMzMUZDRkE0RTgyQzREMEY2RTA5QTMwQTA0QTU1
Qzk3NzhCRjAeFw0yNTA3MDkxOTMzNDVaFw0yNjA3MDgxOTM4NDVaMDMxMTAvBgNV
BAMTKDhBNDFEMDlBMEZGMDkxOEYyMERBQUFCRTk3MkUzNEZBMTE4RTJBMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVJ3yKVFx2CuM/Z8MnzDAHCaOE
qvTQ2QbYrqBIoyOuUDKUnAVIByLejc+ZUDA4m6JDivbLaW2DSiEsnaq3LokcPvu+
syuC6gI+gC2uOVF3PDpzox3+2NIWq61ZhGgO3jGfUfm7sAVndyP3sO1+1nmTnIP9
PpPHCBN5hE15bbhm4l1v9w0CXGtOE3/9paO8oWA2KIVKzEHcoHLgTnCFu6zRuIFy
k6SzerJ427aObj6fp/Zfd+jhM8i9ZHt/4QrgQlBptL2YX12rc53dUk0kM+OumUPW
aArf/BI7ZW6bSiCqGhKalbwNZT/kQljeCpu+43YKiIMzdzHsgyJWalmK2AE/AgMB
AAGjggJmMIICYjAdBgNVHQ4EFgQUikHQmg/wkY8g2qq+ly40+hGOKiQwHwYDVR0j
BBgwFoAUUSTDH8+k6CxND24JowoEpVyXeL8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvODFhNDQ1NjY0NThlNDU3OGI2N2VlZDMwNTNmODIwZjUvMS81MTI0QzMxRkNG
QTRFODJDNEQwRjZFMDlBMzBBMDRBNTVDOTc3OEJGLmNybDCBngYIKwYBBQUHAQEE
gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5LzczYjhlYzAxLThiYTUtNDc5Zi1hMjI5LTBhYjcwZTQ4
MTViYi8wLzUxMjRDMzFGQ0ZBNEU4MkM0RDBGNkUwOUEzMEEwNEE1NUM5Nzc4QkYu
Y2VyMIGoBggrBgEFBQcBCwSBmzCBmDCBlQYIKwYBBQUHMAuGgYhyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvODFhNDQ1NjY0NThlNDU3OGI2N2Vl
ZDMwNTNmODIwZjUvMS8zMjYxMzA2MjNhMzQ2NTMwMzczYTMzNjEzYTNhMmYzNDM4
MmQzNDM4MjAzZDNlMjAzMjMxMzQzMzM2Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqC04HADowDQYJ
KoZIhvcNAQELBQADggEBADSEQsnoLPd6UsLYrn3sNhL/1xwADLhj7aG64AzPGE/A
MsFBcYuSvBqE0L0+vUUpw4HaWUAFtRtxa7KIpl/iwNzbnx+gGJgJFVnCFKHRsY8J
vxwOh/n9NWiMrzQE6L5hvnTDMaa3oHHQwMLsBBbgpKSlBX57XljOiYXoYSxyA8y0
AIe9QivxenMxPhuznF3gHSO+pEdox2DnJM2lPzpCkrJh8jTfEVBUMecdXCpk7WFL
XNYz0+ccQIfH3gJbzAc7Ll/flN4qLpwhLJY73Q/Fnfe6JQc03jZyz36GBrJvhAKn
QPr3JKmbnn/lRNtdKq+mbLFI3lDxuOC/tWNv+qIOSdw=
-----END CERTIFICATE-----
Generated at Wed Jul 23 01:53:06 2025 by rpki-client