Autonomous System Provider Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/0/AS50555.asa
File:                     AS50555.asa (raw, json)
Hash identifier:          ePbN1DlpdRtTCyHy7vKgv2r+VmvNe3gE71pPOx01D1U=
Subject key identifier:   84:F7:7E:C4:B4:83:09:E8:F0:A0:86:00:45:F2:30:45:C3:B2:28:26
Certificate issuer:       /CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
Certificate serial:       3963F8928B62BC39BBDC17C59CFF05785B508315
Authority key identifier: 0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/AS50555.asa
Signing time:             Sat 28 Oct 2023 19:09:53 +0000
ASPA not before:          Sat 28 Oct 2023 19:04:53 +0000
ASPA not after:           Sat 26 Oct 2024 19:09:53 +0000
Customer ASID:            50555
Providers:                AS: 970

Validation:               OK
Signature path:           rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl
                          rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 19 Apr 2024 05:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:63:f8:92:8b:62:bc:39:bb:dc:17:c5:9c:ff:05:78:5b:50:83:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d10e8a763bf8babe96be7ab47f9db59d9d95232
        Validity
            Not Before: Oct 28 19:04:53 2023 GMT
            Not After : Oct 26 19:09:53 2024 GMT
        Subject: CN=84F77EC4B48309E8F0A0860045F23045C3B22826
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:99:43:0e:53:26:d9:31:a3:f3:ac:5d:75:f8:
                    8d:0b:3e:31:d7:46:62:7f:41:9b:c2:de:44:c6:f0:
                    bb:cd:29:a7:02:22:25:a4:31:a0:f5:5d:08:f0:dc:
                    37:b9:8d:1d:b4:d0:0d:d5:a3:ed:c2:80:be:a4:43:
                    73:6c:a1:31:93:8a:36:ec:7f:c7:b9:52:03:6e:9b:
                    59:9c:e1:2f:44:b2:ec:fc:6c:ab:ab:c7:9b:48:d3:
                    d7:1b:8e:f8:ac:f3:d4:3e:b8:00:2f:90:9f:52:22:
                    d7:9b:58:9b:70:bf:94:3d:cf:d3:c3:b5:6c:c1:dc:
                    71:ec:6c:21:01:db:d7:ca:d0:9b:5a:6a:96:ba:b2:
                    14:cb:83:19:ee:d3:18:01:4c:3a:b6:c1:7a:2a:84:
                    d6:a3:0e:07:e4:d4:db:23:e6:5b:a1:d2:85:ab:f5:
                    cc:8d:c9:78:5f:8c:88:ca:73:82:fe:7b:db:03:0d:
                    96:00:c8:8c:f3:a4:2c:81:14:4b:44:69:c0:fb:b4:
                    36:e7:9d:ac:76:f6:25:ac:68:90:0d:9e:0a:4f:b6:
                    ac:2c:04:0c:43:a7:87:21:4f:a5:5d:ff:9c:49:41:
                    97:bf:71:38:7a:21:3f:89:1a:a7:fd:fd:5b:8c:13:
                    37:ac:49:f2:f4:bf:58:fd:d7:6f:0d:54:2e:aa:e7:
                    ea:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:F7:7E:C4:B4:83:09:E8:F0:A0:86:00:45:F2:30:45:C3:B2:28:26
            X509v3 Authority Key Identifier:
                keyid:0D:10:E8:A7:63:BF:8B:AB:E9:6B:E7:AB:47:F9:DB:59:D9:D9:52:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/0D10E8A763BF8BABE96BE7AB47F9DB59D9D95232.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DRDop2O_i6vpa-erR_nbWdnZUjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/0/AS50555.asa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  50555

    Signature Algorithm: sha256WithRSAEncryption
         2b:44:5c:8c:f5:62:02:e8:6a:e0:18:fa:73:c6:07:b0:e2:44:
         2e:a1:1b:c6:78:83:70:90:e1:2f:6c:4f:80:b6:71:2b:b1:ed:
         8d:41:3a:c7:c0:d9:15:7f:ac:29:1b:68:db:12:ec:5e:ef:86:
         ca:ee:d4:f6:c7:88:7e:11:6d:f6:a0:8a:3c:f8:1a:ff:61:97:
         4d:03:3a:60:fe:c4:db:9e:67:e4:b0:db:74:1f:cf:02:ae:30:
         eb:20:fb:42:3b:08:37:64:f3:13:87:3b:b3:3e:4a:85:1f:1b:
         a1:02:1d:12:ff:43:b4:03:ef:ad:f7:af:58:b4:f3:be:54:44:
         0b:26:fa:5b:82:05:d6:3e:d0:5d:a7:08:fa:0d:63:d7:38:0e:
         d1:6a:48:68:68:c2:80:f7:e4:1a:3f:e9:2b:35:b7:8e:55:55:
         b2:51:dd:bf:94:86:fe:1e:50:60:2e:0b:94:ce:f3:ee:f8:f8:
         d3:d3:b6:5c:55:fe:f4:8d:64:c8:5f:30:43:7b:7b:35:b0:a6:
         1c:e3:0b:e8:e5:47:7d:be:15:0a:a2:af:ee:cd:45:3d:d8:24:
         86:87:42:e4:60:17:ec:af:d3:1f:19:72:b5:d4:5c:1f:ea:27:
         42:84:6a:37:a9:5d:bb:04:d4:59:20:a8:8b:b2:78:88:cc:e7:
         12:e3:99:35
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIUOWP4kotivDm73BfFnP8FeFtQgxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQxMGU4YTc2M2JmOGJhYmU5NmJlN2FiNDdmOWRiNTlk
OWQ5NTIzMjAeFw0yMzEwMjgxOTA0NTNaFw0yNDEwMjYxOTA5NTNaMDMxMTAvBgNV
BAMTKDg0Rjc3RUM0QjQ4MzA5RThGMEEwODYwMDQ1RjIzMDQ1QzNCMjI4MjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUmUMOUybZMaPzrF11+I0LPjHX
RmJ/QZvC3kTG8LvNKacCIiWkMaD1XQjw3De5jR200A3Vo+3CgL6kQ3NsoTGTijbs
f8e5UgNum1mc4S9Esuz8bKurx5tI09cbjvis89Q+uAAvkJ9SItebWJtwv5Q9z9PD
tWzB3HHsbCEB29fK0Jtaapa6shTLgxnu0xgBTDq2wXoqhNajDgfk1Nsj5luh0oWr
9cyNyXhfjIjKc4L+e9sDDZYAyIzzpCyBFEtEacD7tDbnnax29iWsaJANngpPtqws
BAxDp4chT6Vd/5xJQZe/cTh6IT+JGqf9/VuMEzesSfL0v1j9128NVC6q5+rpAgMB
AAGjggG0MIIBsDAdBgNVHQ4EFgQUhPd+xLSDCejwoIYARfIwRcOyKCYwHwYDVR0j
BBgwFoAUDRDop2O/i6vpa+erR/nbWdnZUjIwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMC8wRDEwRThBNzYzQkY4QkFCRTk2QkU3QUI0N0Y5REI1OUQ5RDk1
MjMyLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvRFJEb3AyT19pNnZwYS1lclJf
bmJXZG5aVWpJLmNlcjBVBggrBgEFBQcBCwRJMEcwRQYIKwYBBQUHMAuGOXJzeW5j
Oi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMC9BUzUwNTU1
LmFzYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAsw
CaAHMAUCAwDFezANBgkqhkiG9w0BAQsFAAOCAQEAK0RcjPViAuhq4Bj6c8YHsOJE
LqEbxniDcJDhL2xPgLZxK7HtjUE6x8DZFX+sKRto2xLsXu+Gyu7U9seIfhFt9qCK
PPga/2GXTQM6YP7E255n5LDbdB/PAq4w6yD7QjsIN2TzE4c7sz5KhR8boQIdEv9D
tAPvrfevWLTzvlRECyb6W4IF1j7QXacI+g1j1zgO0WpIaGjCgPfkGj/pKzW3jlVV
slHdv5SG/h5QYC4LlM7z7vj409O2XFX+9I1kyF8wQ3t7NbCmHOML6OVHfb4VCqKv
7s1FPdgkhodC5GAX7K/THxlytdRcH+onQoRqN6lduwTUWSCoi7J4iMznEuOZNQ==
-----END CERTIFICATE-----
Generated at Thu Apr 18 14:05:49 2024 by rpki-client on console-ams.rpki-client.org