Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/326130623a346530373a6265633a3a2f34372d3438203d3e203131393637.roa
File:                     326130623a346530373a6265633a3a2f34372d3438203d3e203131393637.roa (raw, json)
Hash identifier:          pgiftRtP60jU4GNed4+FTVS/Z7WDGAE4ZVDNCqo+zfA=
Subject key identifier:   9E:3E:79:0A:76:18:F8:FE:7D:28:E8:0A:B0:3B:CF:FD:3C:C7:23:06
Certificate issuer:       /CN=5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF
Certificate serial:       0C7A9DACA9637F137FD8A5D64FFFD8D1E8D6902D
Authority key identifier: 51:24:C3:1F:CF:A4:E8:2C:4D:0F:6E:09:A3:0A:04:A5:5C:97:78:BF
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/326130623a346530373a6265633a3a2f34372d3438203d3e203131393637.roa
Signing time:             Tue 15 Jul 2025 12:33:14 +0000
ROA not before:           Tue 15 Jul 2025 12:28:14 +0000
ROA not after:            Tue 14 Jul 2026 12:33:14 +0000
asID:                     11967
IP address blocks:        2a0b:4e07:bec::/47 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl
                          rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 16:57:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:7a:9d:ac:a9:63:7f:13:7f:d8:a5:d6:4f:ff:d8:d1:e8:d6:90:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF
        Validity
            Not Before: Jul 15 12:28:14 2025 GMT
            Not After : Jul 14 12:33:14 2026 GMT
        Subject: CN=9E3E790A7618F8FE7D28E80AB03BCFFD3CC72306
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:91:4a:0d:6a:0f:23:09:fc:86:a4:dc:6f:91:
                    ed:0c:5b:86:67:c0:45:55:f0:a7:76:51:28:af:3b:
                    ab:e8:11:d5:87:07:2f:5c:16:d2:87:1d:95:81:7d:
                    4b:28:ef:83:31:6b:1f:77:b8:60:8e:3b:4d:19:18:
                    d8:e2:a4:8e:9d:eb:7d:72:2e:ba:86:f6:2d:e1:1f:
                    3c:bd:74:5c:8f:bd:c1:4b:9d:7f:3d:a8:00:9f:26:
                    df:fd:a6:0f:66:1e:f5:fd:b2:ff:bb:0d:69:23:c5:
                    a1:11:89:b6:35:d5:3d:af:c7:c0:4c:b2:2e:9c:84:
                    ac:53:2b:d2:cd:ec:32:91:b8:19:67:fb:9b:44:31:
                    b8:df:b1:46:eb:80:91:21:98:c7:e4:b1:ef:76:17:
                    cf:e1:0a:c2:4c:ef:aa:3e:74:52:6b:02:58:40:e7:
                    4b:b5:e5:17:ad:4b:c9:12:82:11:e7:d6:38:c4:47:
                    2c:db:98:53:c8:b4:4e:19:b8:2a:a8:d4:85:65:6b:
                    2c:07:be:8b:38:11:d1:75:b3:64:fa:ed:b2:fe:29:
                    c3:2d:5b:69:53:c9:fa:7c:cb:4b:07:ea:a8:64:26:
                    ef:9b:a3:44:fb:ed:85:48:16:0b:3c:56:01:19:75:
                    b8:96:b4:fb:14:41:b1:92:56:29:2a:4a:cd:61:6d:
                    26:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:3E:79:0A:76:18:F8:FE:7D:28:E8:0A:B0:3B:CF:FD:3C:C7:23:06
            X509v3 Authority Key Identifier:
                keyid:51:24:C3:1F:CF:A4:E8:2C:4D:0F:6E:09:A3:0A:04:A5:5C:97:78:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/326130623a346530373a6265633a3a2f34372d3438203d3e203131393637.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4e07:bec::/47

    Signature Algorithm: sha256WithRSAEncryption
         1e:ad:d1:0c:04:46:87:64:29:6b:82:3c:80:38:59:fe:66:4b:
         f0:e2:f4:f2:d2:e9:6e:23:37:18:d4:bf:f7:d7:1f:1c:9c:61:
         2d:3a:da:6e:96:30:c1:77:46:db:ad:9c:d0:ec:55:4a:13:76:
         ee:f3:ef:f4:e5:34:72:1f:02:cb:42:f9:c1:c9:d0:2b:47:0c:
         95:35:b4:64:c6:5c:6f:56:f7:d2:69:f2:cb:37:67:5f:eb:0c:
         cc:12:e4:d3:f8:6e:80:f2:22:86:8a:71:1e:ec:75:f4:1b:08:
         3a:1d:62:5f:51:2e:5c:4b:d4:d6:d2:77:d6:50:b9:77:b4:69:
         98:d0:91:2a:fc:86:05:e5:21:0b:8d:56:9d:42:24:94:60:99:
         9e:9a:46:93:c6:64:63:9b:99:56:5d:a2:4e:9a:d0:ee:d0:3f:
         17:d5:25:01:71:7d:fd:38:87:9e:30:fe:fe:1f:97:11:82:bf:
         1b:97:a3:29:70:05:07:21:29:78:8b:01:1e:ca:a3:bf:89:c1:
         fd:07:bc:d4:66:de:ce:3f:eb:65:80:81:f7:c9:78:bd:2c:6f:
         83:dd:f1:c4:7e:96:c4:ae:b8:ab:62:c7:06:e1:40:ab:9b:85:
         58:af:73:82:91:0d:1c:8e:e1:d4:c7:8f:c6:f5:a2:c7:22:37:
         0a:29:9c:8a
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgIUDHqdrKljfxN/2KXWT//Y0ejWkC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTEyNEMzMUZDRkE0RTgyQzREMEY2RTA5QTMwQTA0QTU1
Qzk3NzhCRjAeFw0yNTA3MTUxMjI4MTRaFw0yNjA3MTQxMjMzMTRaMDMxMTAvBgNV
BAMTKDlFM0U3OTBBNzYxOEY4RkU3RDI4RTgwQUIwM0JDRkZEM0NDNzIzMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3kUoNag8jCfyGpNxvke0MW4Zn
wEVV8Kd2USivO6voEdWHBy9cFtKHHZWBfUso74Mxax93uGCOO00ZGNjipI6d631y
LrqG9i3hHzy9dFyPvcFLnX89qACfJt/9pg9mHvX9sv+7DWkjxaERibY11T2vx8BM
si6chKxTK9LN7DKRuBln+5tEMbjfsUbrgJEhmMfkse92F8/hCsJM76o+dFJrAlhA
50u15RetS8kSghHn1jjERyzbmFPItE4ZuCqo1IVlaywHvos4EdF1s2T67bL+KcMt
W2lTyfp8y0sH6qhkJu+bo0T77YVIFgs8VgEZdbiWtPsUQbGSVikqSs1hbSa7AgMB
AAGjggJmMIICYjAdBgNVHQ4EFgQUnj55CnYY+P59KOgKsDvP/TzHIwYwHwYDVR0j
BBgwFoAUUSTDH8+k6CxND24JowoEpVyXeL8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvODFhNDQ1NjY0NThlNDU3OGI2N2VlZDMwNTNmODIwZjUvMS81MTI0QzMxRkNG
QTRFODJDNEQwRjZFMDlBMzBBMDRBNTVDOTc3OEJGLmNybDCBngYIKwYBBQUHAQEE
gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5LzczYjhlYzAxLThiYTUtNDc5Zi1hMjI5LTBhYjcwZTQ4
MTViYi8wLzUxMjRDMzFGQ0ZBNEU4MkM0RDBGNkUwOUEzMEEwNEE1NUM5Nzc4QkYu
Y2VyMIGoBggrBgEFBQcBCwSBmzCBmDCBlQYIKwYBBQUHMAuGgYhyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvODFhNDQ1NjY0NThlNDU3OGI2N2Vl
ZDMwNTNmODIwZjUvMS8zMjYxMzA2MjNhMzQ2NTMwMzczYTYyNjU2MzNhM2EyZjM0
MzcyZDM0MzgyMDNkM2UyMDMxMzEzOTM2Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwEqC04HC+wwDQYJ
KoZIhvcNAQELBQADggEBAB6t0QwERodkKWuCPIA4Wf5mS/Di9PLS6W4jNxjUv/fX
HxycYS062m6WMMF3RtutnNDsVUoTdu7z7/TlNHIfAstC+cHJ0CtHDJU1tGTGXG9W
99Jp8ss3Z1/rDMwS5NP4boDyIoaKcR7sdfQbCDodYl9RLlxL1NbSd9ZQuXe0aZjQ
kSr8hgXlIQuNVp1CJJRgmZ6aRpPGZGObmVZdok6a0O7QPxfVJQFxff04h54w/v4f
lxGCvxuXoylwBQchKXiLAR7Ko7+Jwf0HvNRm3s4/62WAgffJeL0sb4Pd8cR+lsSu
uKtixwbhQKubhVivc4KRDRyO4dTHj8b1osciNwopnIo=
-----END CERTIFICATE-----
Generated at Wed Jul 23 01:55:37 2025 by rpki-client