Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a643165303a3a2f33322d3332203d3e203132383433.roa
File:                     326130303a643165303a3a2f33322d3332203d3e203132383433.roa (raw, json)
Hash identifier:          eTqWa3mXnCagsmRXIQ2svhQfQVgPaOEQd4pArqwMYog=
Subject key identifier:   ED:B6:98:16:B7:98:2C:8D:5A:D9:38:E2:93:BC:89:F0:98:2D:A3:14
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       281D1F4EC1F9F9B761CF89EEC7EBA3062E7E16DF
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a643165303a3a2f33322d3332203d3e203132383433.roa
Signing time:             Thu 24 Jul 2025 19:13:48 +0000
ROA not before:           Thu 24 Jul 2025 19:08:48 +0000
ROA not after:            Thu 23 Jul 2026 19:13:48 +0000
asID:                     12843
IP address blocks:        2a00:d1e0::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 04:16:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:1d:1f:4e:c1:f9:f9:b7:61:cf:89:ee:c7:eb:a3:06:2e:7e:16:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Jul 24 19:08:48 2025 GMT
            Not After : Jul 23 19:13:48 2026 GMT
        Subject: CN=EDB69816B7982C8D5AD938E293BC89F0982DA314
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ed:48:bb:2c:d8:21:44:55:bf:3c:47:5f:5d:
                    6b:63:e7:39:c3:83:3f:be:2f:f9:33:82:2d:44:8b:
                    c6:e7:89:3a:95:f1:6f:eb:37:3a:98:5d:f3:b2:5d:
                    4d:99:77:aa:ad:27:ca:d0:37:db:ed:12:43:ec:48:
                    f4:1c:f7:86:54:72:a9:e1:59:0e:ec:95:a2:25:a8:
                    fc:1a:08:c8:f0:04:9f:9c:d6:d6:65:23:46:1e:9d:
                    65:eb:3a:c3:a2:9e:88:15:9f:f8:e0:31:60:72:42:
                    74:57:53:c7:a7:7c:17:66:e4:6d:ab:bb:d1:3e:60:
                    44:b5:70:2b:bd:6f:1f:4e:26:39:c0:79:a4:00:0d:
                    5f:c8:1d:51:ec:b4:4c:a0:3e:57:0c:21:39:a5:e7:
                    f7:51:52:87:f4:73:14:d6:1b:07:8c:1b:b6:04:ad:
                    b1:f1:fc:96:0a:ba:2a:1f:4b:55:52:33:bd:35:12:
                    00:25:94:f1:0e:8a:78:b6:bb:7b:60:ba:96:20:dd:
                    73:47:fc:b9:08:a4:da:79:f7:1b:c7:20:39:30:0e:
                    cc:81:1d:0b:30:ff:5e:13:97:84:b8:f8:d9:5a:0c:
                    d4:4e:ae:86:c8:41:9c:06:58:c1:86:9d:17:13:53:
                    98:70:4a:23:17:32:27:b5:ad:3f:db:21:fc:52:93:
                    a5:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:B6:98:16:B7:98:2C:8D:5A:D9:38:E2:93:BC:89:F0:98:2D:A3:14
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a643165303a3a2f33322d3332203d3e203132383433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:d1e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         2b:b6:50:10:f2:9b:ac:22:a6:2f:50:9b:f3:e9:d2:88:45:b9:
         b0:80:09:a5:cf:9b:db:49:c6:dc:bf:9e:5c:04:fc:4e:95:36:
         cf:aa:66:df:16:24:da:da:be:6f:7d:c3:c4:98:01:22:82:53:
         9b:c4:6e:05:93:2c:c8:94:69:18:e5:ab:94:fc:89:3f:06:c6:
         28:7b:72:aa:24:32:f2:61:29:0d:ed:c9:c3:bc:a2:91:30:90:
         3d:08:b5:52:7c:de:73:a8:7f:06:b8:5e:c9:33:2e:48:37:b2:
         93:4c:80:93:c0:81:af:4d:6f:f1:64:c2:ce:d3:cb:35:8a:98:
         12:80:9a:e8:7d:f3:c6:bb:05:64:48:1d:c4:c4:13:d6:9d:50:
         79:70:d5:4c:ff:5d:eb:e0:03:63:2b:e6:c6:99:16:89:96:67:
         20:76:91:79:e9:9f:4b:1e:3a:98:b9:e3:06:6d:16:07:a8:5e:
         25:d2:5b:1b:4c:ec:c1:b5:19:1a:9f:c8:8b:76:32:eb:b8:3a:
         4f:31:3b:54:5c:0d:aa:09:ca:b9:86:c2:ef:d3:28:87:e7:c0:
         c3:cf:cd:b4:fe:97:f8:90:46:a1:86:ae:ea:0c:6a:dd:26:c7:
         5b:78:c9:8e:fb:f7:31:66:38:73:b1:aa:70:7a:2d:e4:17:01:
         b8:ff:d8:4e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUKB0fTsH5+bdhz4nux+ujBi5+Ft8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNTA3MjQxOTA4NDhaFw0yNjA3MjMxOTEzNDhaMDMxMTAvBgNV
BAMTKEVEQjY5ODE2Qjc5ODJDOEQ1QUQ5MzhFMjkzQkM4OUYwOTgyREEzMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA7Ui7LNghRFW/PEdfXWtj5znD
gz++L/kzgi1Ei8bniTqV8W/rNzqYXfOyXU2Zd6qtJ8rQN9vtEkPsSPQc94ZUcqnh
WQ7slaIlqPwaCMjwBJ+c1tZlI0YenWXrOsOinogVn/jgMWByQnRXU8enfBdm5G2r
u9E+YES1cCu9bx9OJjnAeaQADV/IHVHstEygPlcMITml5/dRUof0cxTWGweMG7YE
rbHx/JYKuiofS1VSM701EgAllPEOini2u3tgupYg3XNH/LkIpNp59xvHIDkwDsyB
HQsw/14Tl4S4+NlaDNROrobIQZwGWMGGnRcTU5hwSiMXMie1rT/bIfxSk6VXAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQU7baYFreYLI1a2Tjik7yJ8JgtoxQwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBoAYIKwYB
BQUHAQsEgZMwgZAwgY0GCCsGAQUFBzALhoGAcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzI2MTMwMzAzYTY0MzE2NTMwM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzEz
MjM4MzQzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcB
BwEB/wQRMA8wDQQCAAIwBwMFACoA0eAwDQYJKoZIhvcNAQELBQADggEBACu2UBDy
m6wipi9Qm/Pp0ohFubCACaXPm9tJxty/nlwE/E6VNs+qZt8WJNravm99w8SYASKC
U5vEbgWTLMiUaRjlq5T8iT8Gxih7cqokMvJhKQ3tycO8opEwkD0ItVJ83nOofwa4
XskzLkg3spNMgJPAga9Nb/Fkws7TyzWKmBKAmuh988a7BWRIHcTEE9adUHlw1Uz/
XevgA2Mr5saZFomWZyB2kXnpn0seOpi54wZtFgeoXiXSWxtM7MG1GRqfyIt2Muu4
Ok8xO1RcDaoJyrmGwu/TKIfnwMPPzbT+l/iQRqGGruoMat0mx1t4yY779zFmOHOx
qnB6LeQXAbj/2E4=
-----END CERTIFICATE-----