Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39302e302f32342d3234203d3e203336323336.roa
File:                     3137362e35382e39302e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          aCq/js5FF2K/FEKPF+1giDSXDCo1lM2RRVOnkucecek=
Subject key identifier:   7B:08:B6:8F:54:98:AD:69:1B:B0:F3:17:07:B0:01:CF:3A:C8:44:3D
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       4A99AC02A25936BFA17A095B08C7FD5B14698A7C
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39302e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 02 Oct 2023 22:55:41 +0000
ROA not before:           Mon 02 Oct 2023 22:50:41 +0000
ROA not after:            Mon 30 Sep 2024 22:55:41 +0000
asID:                     36236
IP address blocks:        176.58.90.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 May 2024 11:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:99:ac:02:a2:59:36:bf:a1:7a:09:5b:08:c7:fd:5b:14:69:8a:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Oct  2 22:50:41 2023 GMT
            Not After : Sep 30 22:55:41 2024 GMT
        Subject: CN=7B08B68F5498AD691BB0F31707B001CF3AC8443D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:10:69:3f:aa:66:07:8d:cf:8e:7d:76:a9:6a:
                    78:66:40:7e:2d:47:f2:a2:43:1e:7b:76:c8:f9:d1:
                    d0:8b:af:27:50:cc:1a:3f:87:34:d9:48:16:9b:d8:
                    04:dc:d4:63:ea:63:68:c6:ce:f7:a7:95:bd:c1:d2:
                    1f:6b:bd:03:f1:96:56:78:cc:ad:e7:4a:ad:4c:9c:
                    2f:65:64:43:71:ce:fb:b5:3c:a5:64:74:20:60:f1:
                    39:6c:42:a3:9d:90:e5:4e:54:c0:06:49:d8:0f:c3:
                    62:09:5c:95:90:8b:7c:2e:8c:38:f7:b4:98:cf:c6:
                    6f:51:2e:db:86:bf:43:18:59:3f:60:ec:e8:ca:24:
                    94:99:cd:6d:60:41:3f:49:67:1d:28:29:93:aa:2f:
                    61:96:9b:c2:b4:fe:9e:85:88:71:41:47:f4:bb:d0:
                    21:b8:2e:5d:06:67:cc:5d:05:94:0f:57:fc:fb:d8:
                    9f:42:32:97:e2:f3:4f:aa:a3:18:76:15:9e:c3:35:
                    1f:d3:61:06:d9:b9:b7:b0:95:0d:49:c5:b5:ab:54:
                    59:57:33:91:55:cc:9f:af:19:34:20:d3:f4:ac:08:
                    46:35:aa:d0:42:2e:3a:9b:7c:a6:b7:68:3b:f3:c8:
                    df:89:fb:56:07:f9:61:b1:cb:11:9c:da:8a:b1:60:
                    6a:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:08:B6:8F:54:98:AD:69:1B:B0:F3:17:07:B0:01:CF:3A:C8:44:3D
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39302e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.58.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:6c:89:33:e3:72:ab:65:77:10:41:14:ab:af:8b:97:5c:f2:
         6c:5e:0d:80:5b:1c:fb:b6:dc:ac:9b:05:63:e0:47:92:7c:76:
         9c:1f:35:d2:d7:e9:45:5f:58:36:c4:5e:6f:aa:8a:fa:32:84:
         b1:57:61:27:ff:66:5f:4c:0e:ba:9d:9a:4d:8f:aa:c1:97:6d:
         63:78:6e:1c:a3:5b:ce:4e:97:fe:c5:44:a6:39:9e:eb:8c:d1:
         36:74:6a:f6:a0:2e:ff:29:45:8c:68:85:37:b4:7b:bc:02:98:
         60:64:21:c5:08:65:77:5f:f7:7a:31:02:1f:95:f4:e1:ad:f4:
         a0:bf:e6:bc:1e:fb:f9:7f:c0:27:05:52:ac:f1:f3:6f:a2:5b:
         32:b1:93:f3:1f:46:98:45:e8:11:f0:89:52:58:ba:bd:19:23:
         8e:64:81:8b:29:0e:e8:5e:26:8d:8c:84:02:78:59:3a:e4:41:
         3e:af:ac:17:92:cf:5d:fc:ca:89:6f:20:94:9a:7a:d0:29:8d:
         0b:0d:e8:e3:44:61:a5:3f:b4:4b:df:dd:0d:02:72:32:fa:3b:
         0f:21:32:96:84:d0:07:60:3a:da:9c:04:d6:66:56:99:26:b9:
         0b:e8:ac:2b:9a:d6:46:98:48:20:b2:c3:de:4b:f4:1a:2c:94:
         a2:10:33:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUSpmsAqJZNr+heglbCMf9WxRpinwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yMzEwMDIyMjUwNDFaFw0yNDA5MzAyMjU1NDFaMDMxMTAvBgNV
BAMTKDdCMDhCNjhGNTQ5OEFENjkxQkIwRjMxNzA3QjAwMUNGM0FDODQ0M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUEGk/qmYHjc+OfXapanhmQH4t
R/KiQx57dsj50dCLrydQzBo/hzTZSBab2ATc1GPqY2jGzvenlb3B0h9rvQPxllZ4
zK3nSq1MnC9lZENxzvu1PKVkdCBg8TlsQqOdkOVOVMAGSdgPw2IJXJWQi3wujDj3
tJjPxm9RLtuGv0MYWT9g7OjKJJSZzW1gQT9JZx0oKZOqL2GWm8K0/p6FiHFBR/S7
0CG4Ll0GZ8xdBZQPV/z72J9CMpfi80+qoxh2FZ7DNR/TYQbZubewlQ1JxbWrVFlX
M5FVzJ+vGTQg0/SsCEY1qtBCLjqbfKa3aDvzyN+J+1YH+WGxyxGc2oqxYGqrAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUewi2j1SYrWkbsPMXB7ABzzrIRD0wHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBoAYIKwYB
BQUHAQsEgZMwgZAwgY0GCCsGAQUFBzALhoGAcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzEzNzM2MmUzNTM4MmUzOTMwMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMz
NjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALA6WjANBgkqhkiG9w0BAQsFAAOCAQEAK2yJM+Ny
q2V3EEEUq6+Ll1zybF4NgFsc+7bcrJsFY+BHknx2nB810tfpRV9YNsReb6qK+jKE
sVdhJ/9mX0wOup2aTY+qwZdtY3huHKNbzk6X/sVEpjme64zRNnRq9qAu/ylFjGiF
N7R7vAKYYGQhxQhld1/3ejECH5X04a30oL/mvB77+X/AJwVSrPHzb6JbMrGT8x9G
mEXoEfCJUli6vRkjjmSBiykO6F4mjYyEAnhZOuRBPq+sF5LPXfzKiW8glJp60CmN
Cw3o40RhpT+0S9/dDQJyMvo7DyEyloTQB2A62pwE1mZWmSa5C+isK5rWRphIILLD
3kv0GiyUohAzTw==
-----END CERTIFICATE-----