Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/326130623a346530373a61653a3a2f34382d3438203d3e20333937363538.roa
File:                     326130623a346530373a61653a3a2f34382d3438203d3e20333937363538.roa (raw, json)
Hash identifier:          nbk0dhd40pTcfxCQH0VMvwu+ictKuaPvHy47m77P0U4=
Subject key identifier:   38:DA:BF:43:9A:4C:05:27:F0:10:D4:A8:59:55:AE:31:AC:B8:26:F3
Certificate issuer:       /CN=5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF
Certificate serial:       0152D498EA6CDD05BF3984F8F0A3872A0F0C6CA1
Authority key identifier: 51:24:C3:1F:CF:A4:E8:2C:4D:0F:6E:09:A3:0A:04:A5:5C:97:78:BF
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/326130623a346530373a61653a3a2f34382d3438203d3e20333937363538.roa
Signing time:             Fri 11 Jul 2025 19:56:17 +0000
ROA not before:           Fri 11 Jul 2025 19:51:17 +0000
ROA not after:            Fri 10 Jul 2026 19:56:17 +0000
asID:                     397658
IP address blocks:        2a0b:4e07:ae::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl
                          rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 16:57:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:52:d4:98:ea:6c:dd:05:bf:39:84:f8:f0:a3:87:2a:0f:0c:6c:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF
        Validity
            Not Before: Jul 11 19:51:17 2025 GMT
            Not After : Jul 10 19:56:17 2026 GMT
        Subject: CN=38DABF439A4C0527F010D4A85955AE31ACB826F3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:b5:da:e0:a2:29:88:d5:5f:4d:01:2c:45:36:
                    f7:69:fb:ab:04:73:01:bf:c2:40:63:03:c5:b8:98:
                    33:ea:0e:ca:6a:99:25:73:95:a1:61:3b:12:bf:25:
                    25:bd:28:32:17:60:cc:b8:4a:0f:43:39:89:91:82:
                    88:f8:91:bc:dd:82:7f:0b:dc:73:45:8a:69:b6:37:
                    29:df:41:8d:55:45:21:95:d3:c5:bd:ea:f9:c6:2f:
                    77:fa:ed:3d:01:f3:1f:c8:8b:6a:79:fc:47:2c:0b:
                    9c:9c:e5:54:0e:66:5f:65:dd:f3:c7:d6:fd:bf:65:
                    28:a0:5d:1d:78:29:01:00:8a:40:dc:fd:ce:25:08:
                    b0:72:99:1a:25:99:2a:a9:30:58:dd:70:74:7a:26:
                    bc:58:8b:af:7c:0a:e4:ec:83:2c:48:4e:07:2b:ee:
                    31:62:2a:f5:ed:12:06:d3:8c:d5:1a:9f:3a:28:ae:
                    f3:cc:17:38:3d:f0:31:b4:f2:61:c2:2a:fc:39:f1:
                    5d:a4:ec:0e:50:7c:6b:c2:ec:3c:32:0e:bf:3c:76:
                    2f:aa:2f:cc:9a:20:e1:dd:7d:a3:34:2c:86:f8:15:
                    23:ee:6d:33:4f:f1:0d:2d:0e:e1:ab:87:37:91:50:
                    21:5f:59:58:f8:4e:a2:36:60:e2:ef:eb:d4:93:16:
                    ed:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:DA:BF:43:9A:4C:05:27:F0:10:D4:A8:59:55:AE:31:AC:B8:26:F3
            X509v3 Authority Key Identifier:
                keyid:51:24:C3:1F:CF:A4:E8:2C:4D:0F:6E:09:A3:0A:04:A5:5C:97:78:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/326130623a346530373a61653a3a2f34382d3438203d3e20333937363538.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4e07:ae::/48

    Signature Algorithm: sha256WithRSAEncryption
         6b:27:ac:a4:ce:e2:e1:82:69:c9:ad:92:73:ce:dc:a2:31:04:
         25:a7:d2:1b:a0:31:45:de:5b:78:ab:8f:6d:a2:0c:5d:62:f6:
         9b:a1:59:86:0b:60:de:d4:96:0c:75:e2:48:14:8a:05:13:9a:
         73:14:9b:af:a2:42:47:27:62:a5:7e:dd:f8:b8:31:4b:be:cf:
         50:a9:b3:75:31:c0:cb:ed:2f:4b:4f:be:77:e8:e3:09:1d:37:
         f3:ed:83:47:66:4d:ba:cf:5b:4e:e6:a6:88:c8:c2:f3:65:be:
         15:78:92:30:5d:43:8b:a6:14:64:07:67:15:84:2e:c6:4d:50:
         fc:61:12:16:e0:59:d1:7e:2c:e6:d7:98:71:ee:76:06:23:8b:
         d6:b0:1b:b1:66:82:7d:e0:74:8d:a8:76:6f:e7:e7:24:78:fa:
         8a:73:e1:52:6f:8e:1c:48:50:52:7a:ca:87:de:f5:80:bc:f9:
         8e:93:31:bb:2e:15:01:7f:b9:22:75:e4:39:2d:6b:1e:c9:70:
         6b:20:f0:91:94:48:f4:de:72:6c:04:17:59:a7:6e:25:7c:92:
         f3:36:a2:b1:63:5a:0e:c3:aa:d5:0e:dd:d1:47:f2:9f:88:dc:
         af:e8:67:f9:65:e7:4c:2d:63:01:ee:ef:11:6b:7c:87:01:19:
         e6:c3:4c:97
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgIUAVLUmOps3QW/OYT48KOHKg8MbKEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTEyNEMzMUZDRkE0RTgyQzREMEY2RTA5QTMwQTA0QTU1
Qzk3NzhCRjAeFw0yNTA3MTExOTUxMTdaFw0yNjA3MTAxOTU2MTdaMDMxMTAvBgNV
BAMTKDM4REFCRjQzOUE0QzA1MjdGMDEwRDRBODU5NTVBRTMxQUNCODI2RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqtdrgoimI1V9NASxFNvdp+6sE
cwG/wkBjA8W4mDPqDspqmSVzlaFhOxK/JSW9KDIXYMy4Sg9DOYmRgoj4kbzdgn8L
3HNFimm2NynfQY1VRSGV08W96vnGL3f67T0B8x/Ii2p5/EcsC5yc5VQOZl9l3fPH
1v2/ZSigXR14KQEAikDc/c4lCLBymRolmSqpMFjdcHR6JrxYi698CuTsgyxITgcr
7jFiKvXtEgbTjNUanzoorvPMFzg98DG08mHCKvw58V2k7A5QfGvC7DwyDr88di+q
L8yaIOHdfaM0LIb4FSPubTNP8Q0tDuGrhzeRUCFfWVj4TqI2YOLv69STFu0JAgMB
AAGjggJmMIICYjAdBgNVHQ4EFgQUONq/Q5pMBSfwENSoWVWuMay4JvMwHwYDVR0j
BBgwFoAUUSTDH8+k6CxND24JowoEpVyXeL8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvODFhNDQ1NjY0NThlNDU3OGI2N2VlZDMwNTNmODIwZjUvMS81MTI0QzMxRkNG
QTRFODJDNEQwRjZFMDlBMzBBMDRBNTVDOTc3OEJGLmNybDCBngYIKwYBBQUHAQEE
gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5LzczYjhlYzAxLThiYTUtNDc5Zi1hMjI5LTBhYjcwZTQ4
MTViYi8wLzUxMjRDMzFGQ0ZBNEU4MkM0RDBGNkUwOUEzMEEwNEE1NUM5Nzc4QkYu
Y2VyMIGoBggrBgEFBQcBCwSBmzCBmDCBlQYIKwYBBQUHMAuGgYhyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvODFhNDQ1NjY0NThlNDU3OGI2N2Vl
ZDMwNTNmODIwZjUvMS8zMjYxMzA2MjNhMzQ2NTMwMzczYTYxNjUzYTNhMmYzNDM4
MmQzNDM4MjAzZDNlMjAzMzM5MzczNjM1Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqC04HAK4wDQYJ
KoZIhvcNAQELBQADggEBAGsnrKTO4uGCacmtknPO3KIxBCWn0hugMUXeW3irj22i
DF1i9puhWYYLYN7Ulgx14kgUigUTmnMUm6+iQkcnYqV+3fi4MUu+z1Cps3UxwMvt
L0tPvnfo4wkdN/Ptg0dmTbrPW07mpojIwvNlvhV4kjBdQ4umFGQHZxWELsZNUPxh
EhbgWdF+LObXmHHudgYji9awG7Fmgn3gdI2odm/n5yR4+opz4VJvjhxIUFJ6yofe
9YC8+Y6TMbsuFQF/uSJ15Dktax7JcGsg8JGUSPTecmwEF1mnbiV8kvM2orFjWg7D
qtUO3dFH8p+I3K/oZ/ll50wtYwHu7xFrfIcBGebDTJc=
-----END CERTIFICATE-----
Generated at Wed Jul 23 01:58:13 2025 by rpki-client