Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39312e302f32342d3234203d3e203336323336.roa
File:                     3137362e35382e39312e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          3k1r0aSJbmMBKFI7KPQkc5byIoI1KoO8QWDXh9hinxo=
Subject key identifier:   98:4B:70:AF:4B:DC:F5:F2:28:D9:2D:69:3A:22:59:9B:D5:B6:E3:E6
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       6F253AD6129F4601D8516018F95360800C7C7559
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39312e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 02 Oct 2023 22:55:40 +0000
ROA not before:           Mon 02 Oct 2023 22:50:40 +0000
ROA not after:            Mon 30 Sep 2024 22:55:40 +0000
asID:                     36236
IP address blocks:        176.58.91.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 04:53:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:25:3a:d6:12:9f:46:01:d8:51:60:18:f9:53:60:80:0c:7c:75:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Oct  2 22:50:40 2023 GMT
            Not After : Sep 30 22:55:40 2024 GMT
        Subject: CN=984B70AF4BDCF5F228D92D693A22599BD5B6E3E6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:f8:01:25:b8:b3:f3:16:2e:83:8a:44:e4:88:
                    1b:20:fb:29:0b:bc:40:4c:31:26:db:2b:10:d5:30:
                    11:21:8f:1b:55:6a:af:4f:23:70:0f:ac:aa:96:a1:
                    76:ab:9a:fd:77:9a:79:a5:53:f3:d0:95:5c:04:0b:
                    58:93:fd:35:f3:e3:2e:48:e0:b1:f3:38:61:f6:d8:
                    ae:98:90:6a:b4:da:73:47:94:0d:26:13:4f:70:6f:
                    39:94:13:49:85:b2:40:ac:3c:2d:73:b8:84:7e:4a:
                    55:de:b9:ef:fd:a2:b1:1e:76:87:ab:4f:54:69:a4:
                    89:64:b4:40:e4:d6:01:37:78:da:81:c9:c0:c8:d7:
                    6a:fa:5b:67:1a:51:27:e5:34:e7:cd:af:fa:56:29:
                    49:4d:e2:dd:78:19:f8:17:a8:bd:67:b2:d7:1c:31:
                    6c:8a:98:e4:ad:60:2c:d8:16:83:bb:99:4d:87:72:
                    57:31:58:51:fb:9a:7f:b3:4d:10:02:b5:ea:56:e0:
                    26:78:fa:14:18:71:11:14:13:8d:4e:59:5a:d2:6d:
                    59:82:ac:d2:7e:1b:26:3d:45:d3:e9:95:e6:6d:13:
                    78:7f:9e:eb:01:df:20:f1:7d:e0:4f:fd:7a:90:43:
                    06:eb:61:67:6a:a3:99:c0:0d:2b:1c:8a:20:44:3d:
                    2f:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:4B:70:AF:4B:DC:F5:F2:28:D9:2D:69:3A:22:59:9B:D5:B6:E3:E6
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39312e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.58.91.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:4e:3e:cf:20:61:e8:06:66:02:e4:a8:86:a5:38:83:f5:9b:
         30:a4:35:a9:95:89:8b:c1:c8:7b:f0:61:3a:3d:76:5e:13:b4:
         1e:79:1d:a3:ab:a1:9a:e9:4f:4f:3a:44:44:8f:78:23:62:39:
         df:7f:62:8b:43:5c:7b:e1:46:ca:23:7c:8d:e4:fe:25:ef:60:
         fa:47:dd:09:37:7b:d9:fe:61:ca:d9:73:34:b5:9c:f1:25:cd:
         c6:d3:e3:47:21:50:d8:b8:19:95:80:e0:99:18:bb:98:64:58:
         36:eb:f7:1a:3c:a0:74:67:70:ba:a4:8f:fb:59:2f:02:91:20:
         10:27:0b:fc:1d:11:16:99:31:28:9e:7b:ff:ef:7c:c6:79:30:
         9b:00:b7:72:bd:8f:6d:38:2f:5b:76:a8:38:5b:9c:56:4d:67:
         26:24:70:7d:4d:92:ec:28:21:6a:b3:56:12:3a:57:9b:0b:21:
         0f:ca:22:bd:d6:af:0c:c8:39:a5:7b:9d:8a:00:1f:46:a4:a2:
         c8:d8:31:b8:29:dd:60:ba:17:f4:b3:5c:03:18:77:af:45:1d:
         c6:b1:18:0e:9d:cd:40:33:b4:d5:08:49:3c:48:fe:e8:b2:1f:
         08:c2:90:c5:02:38:91:21:a5:27:e6:4e:42:80:c7:7d:6c:39:
         b8:3f:23:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUbyU61hKfRgHYUWAY+VNggAx8dVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yMzEwMDIyMjUwNDBaFw0yNDA5MzAyMjU1NDBaMDMxMTAvBgNV
BAMTKDk4NEI3MEFGNEJEQ0Y1RjIyOEQ5MkQ2OTNBMjI1OTlCRDVCNkUzRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDj+AEluLPzFi6DikTkiBsg+ykL
vEBMMSbbKxDVMBEhjxtVaq9PI3APrKqWoXarmv13mnmlU/PQlVwEC1iT/TXz4y5I
4LHzOGH22K6YkGq02nNHlA0mE09wbzmUE0mFskCsPC1zuIR+SlXeue/9orEedoer
T1RppIlktEDk1gE3eNqBycDI12r6W2caUSflNOfNr/pWKUlN4t14GfgXqL1nstcc
MWyKmOStYCzYFoO7mU2HclcxWFH7mn+zTRACtepW4CZ4+hQYcREUE41OWVrSbVmC
rNJ+GyY9RdPpleZtE3h/nusB3yDxfeBP/XqQQwbrYWdqo5nADSsciiBEPS+XAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUmEtwr0vc9fIo2S1pOiJZm9W24+YwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBoAYIKwYB
BQUHAQsEgZMwgZAwgY0GCCsGAQUFBzALhoGAcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzEzNzM2MmUzNTM4MmUzOTMxMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMz
NjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALA6WzANBgkqhkiG9w0BAQsFAAOCAQEAOE4+zyBh
6AZmAuSohqU4g/WbMKQ1qZWJi8HIe/BhOj12XhO0Hnkdo6uhmulPTzpERI94I2I5
339ii0Nce+FGyiN8jeT+Je9g+kfdCTd72f5hytlzNLWc8SXNxtPjRyFQ2LgZlYDg
mRi7mGRYNuv3GjygdGdwuqSP+1kvApEgECcL/B0RFpkxKJ57/+98xnkwmwC3cr2P
bTgvW3aoOFucVk1nJiRwfU2S7CgharNWEjpXmwshD8oivdavDMg5pXudigAfRqSi
yNgxuCndYLoX9LNcAxh3r0UdxrEYDp3NQDO01QhJPEj+6LIfCMKQxQI4kSGlJ+ZO
QoDHfWw5uD8jaw==
-----END CERTIFICATE-----