Autonomous System Provider Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/0/AS50555.asa
File:                     AS50555.asa (raw, json)
Hash identifier:          du1FwMPDorF9Afp1VAqBBIVGHI6hf5WFaUnpPtylbYc=
Subject key identifier:   1C:E9:2D:14:01:EF:CD:0A:77:3C:72:B3:C8:63:69:77:CA:F5:DF:8B
Certificate issuer:       /CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
Certificate serial:       310DCCF2D1203E645C85DA50C098AC15BF96181B
Authority key identifier: 0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/AS50555.asa
Signing time:             Sun 09 Apr 2023 17:35:08 +0000
ASPA not before:          Sun 09 Apr 2023 17:30:08 +0000
ASPA not after:           Sun 07 Apr 2024 17:35:08 +0000
Customer ASID:            50555
Provider set:             AS: 970

Validation:               OK
Signature path:           rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl
                          rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
                          rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 04 May 2023 06:17:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:0d:cc:f2:d1:20:3e:64:5c:85:da:50:c0:98:ac:15:bf:96:18:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
        Validity
            Not Before: Apr  9 17:30:08 2023 GMT
            Not After : Apr  7 17:35:08 2024 GMT
        Subject: CN=1CE92D1401EFCD0A773C72B3C8636977CAF5DF8B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:3f:98:ba:b6:04:cb:a8:52:30:81:ac:73:7c:
                    76:06:05:17:0c:fd:86:78:c9:be:cf:14:fc:4b:6b:
                    ce:6d:1b:63:61:ed:54:ae:80:74:0e:80:12:d8:18:
                    6c:ef:6c:e0:a7:43:40:97:89:08:26:82:b7:bb:f8:
                    d3:64:c3:37:e7:75:29:f1:c9:46:31:0b:33:2a:c8:
                    d2:03:36:44:be:05:07:7a:90:71:50:ae:09:a4:6c:
                    92:ff:aa:71:ab:f7:ae:75:14:8a:d5:00:2d:96:84:
                    4f:40:25:19:67:4b:62:be:65:f5:ec:e6:e6:be:03:
                    af:06:f7:8f:e1:26:26:f0:1e:11:06:af:66:55:99:
                    c5:73:fb:65:74:71:c4:b8:2b:1e:35:cf:66:92:8a:
                    37:9c:9b:c2:ee:a7:78:6a:a7:19:52:cf:e1:47:ee:
                    dc:c4:0a:99:ca:57:23:33:fd:45:57:ed:d2:71:ec:
                    43:fc:03:e0:4c:b5:19:57:45:2c:7c:d0:e3:a5:58:
                    92:45:8c:35:4c:80:ad:aa:24:5c:39:b0:1d:59:e7:
                    a5:60:93:91:6c:d5:20:f9:b6:9d:b7:00:ea:fd:c4:
                    8a:9a:c8:92:3d:2a:c0:0e:64:24:76:6b:34:93:90:
                    f0:b8:4f:0b:d4:e9:0d:14:36:77:05:58:5a:f7:41:
                    be:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                1C:E9:2D:14:01:EF:CD:0A:77:3C:72:B3:C8:63:69:77:CA:F5:DF:8B
            X509v3 Authority Key Identifier: 
                keyid:0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer

            Subject Information Access: 
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/AS50555.asa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50555

    Signature Algorithm: sha256WithRSAEncryption
         3e:89:41:fd:ae:18:b8:7d:24:40:b3:ab:dd:b4:e3:6e:64:55:
         9a:19:c2:17:9d:e3:ab:68:cb:01:30:14:50:7e:8e:d7:bf:8b:
         f0:3a:fa:89:fa:fa:40:41:23:c1:34:80:ba:2c:9a:59:1c:ba:
         d9:41:d9:9f:0a:b6:1d:30:d1:d2:19:b2:63:41:1b:2d:58:b6:
         6f:55:f3:76:25:1f:49:9c:88:81:d9:ff:b6:36:3c:36:a7:0c:
         af:a5:76:e0:a6:15:b2:03:45:66:b4:03:f2:81:d1:fe:40:f2:
         b1:04:1a:2d:8f:2a:36:79:dc:be:5b:6e:27:59:8e:78:79:4d:
         c5:c4:cf:d7:6a:ba:ab:d7:4d:a6:0a:17:c5:76:5f:af:07:09:
         36:ea:86:55:64:21:b6:97:71:fc:47:59:db:2a:59:92:af:5d:
         47:a5:23:f4:7c:92:f7:1f:a5:04:09:03:b8:ef:64:d4:d5:96:
         81:42:d8:11:a2:01:d0:22:11:49:38:85:1b:ba:63:ff:0c:1d:
         8e:f2:42:c9:11:0d:a5:6e:8e:c8:ed:85:b4:ce:a5:00:d8:5b:
         13:86:6a:2c:3e:19:71:d8:f4:0b:dc:40:e4:7f:79:40:56:aa:
         73:89:7b:f2:04:d7:c9:7e:81:b2:43:0c:06:3b:f4:d0:d3:92:
         93:74:dd:3a
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIUMQ3M8tEgPmRchdpQwJisFb+WGBswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQxMGU4YTc2M2JmOGJhYmU5NmJlN2FiNDdmOWRiNTlk
OWQ5NTIzMjAeFw0yMzA0MDkxNzMwMDhaFw0yNDA0MDcxNzM1MDhaMDMxMTAvBgNV
BAMTKDFDRTkyRDE0MDFFRkNEMEE3NzNDNzJCM0M4NjM2OTc3Q0FGNURGOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChP5i6tgTLqFIwgaxzfHYGBRcM
/YZ4yb7PFPxLa85tG2Nh7VSugHQOgBLYGGzvbOCnQ0CXiQgmgre7+NNkwzfndSnx
yUYxCzMqyNIDNkS+BQd6kHFQrgmkbJL/qnGr9651FIrVAC2WhE9AJRlnS2K+ZfXs
5ua+A68G94/hJibwHhEGr2ZVmcVz+2V0ccS4Kx41z2aSijecm8Lup3hqpxlSz+FH
7tzECpnKVyMz/UVX7dJx7EP8A+BMtRlXRSx80OOlWJJFjDVMgK2qJFw5sB1Z56Vg
k5Fs1SD5tp23AOr9xIqayJI9KsAOZCR2azSTkPC4TwvU6Q0UNncFWFr3Qb7jAgMB
AAGjggG0MIIBsDAdBgNVHQ4EFgQUHOktFAHvzQp3PHKzyGNpd8r134swHwYDVR0j
BBgwFoAUDRDop2O/i6vpa+erR/nbWdnZUjIwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMC8wRDEwRThBNzYzQkY4QkFCRTk2QkU3QUI0N0Y5REI1OUQ5RDk1
MjMyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvRFJEb3AyT19pNnZwYS1lclJf
bmJXZG5aVWpJLmNlcjBVBggrBgEFBQcBCwRJMEcwRQYIKwYBBQUHMAuGOXJzeW5j
Oi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMC9BUzUwNTU1
LmFzYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwDFezANBgkqhkiG9w0BAQsFAAOCAQEAPolB/a4YuH0kQLOr3bTjbmRV
mhnCF53jq2jLATAUUH6O17+L8Dr6ifr6QEEjwTSAuiyaWRy62UHZnwq2HTDR0hmy
Y0EbLVi2b1XzdiUfSZyIgdn/tjY8NqcMr6V24KYVsgNFZrQD8oHR/kDysQQaLY8q
NnncvltuJ1mOeHlNxcTP12q6q9dNpgoXxXZfrwcJNuqGVWQhtpdx/EdZ2ypZkq9d
R6Uj9HyS9x+lBAkDuO9k1NWWgULYEaIB0CIRSTiFG7pj/wwdjvJCyRENpW6OyO2F
tM6lANhbE4ZqLD4Zcdj0C9xA5H95QFaqc4l78gTXyX6BskMMBjv00NOSk3TdOg==
-----END CERTIFICATE-----