Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39352e302f32342d3234203d3e203336323336.roa
File:                     3137362e35382e39352e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          N6rYZsJG1kRaW1h/jZQbHCbHTxLIxBmuS7x13v528sk=
Subject key identifier:   58:FF:4B:02:80:68:5C:BE:FC:74:03:94:36:48:84:01:32:2E:FB:63
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       461193DD3082E6A4A8087BABB9C103FC1B7B1494
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39352e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 02 Oct 2023 22:55:41 +0000
ROA not before:           Mon 02 Oct 2023 22:50:41 +0000
ROA not after:            Mon 30 Sep 2024 22:55:41 +0000
asID:                     36236
IP address blocks:        176.58.95.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 May 2024 11:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:11:93:dd:30:82:e6:a4:a8:08:7b:ab:b9:c1:03:fc:1b:7b:14:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Oct  2 22:50:41 2023 GMT
            Not After : Sep 30 22:55:41 2024 GMT
        Subject: CN=58FF4B0280685CBEFC74039436488401322EFB63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:65:a2:ee:37:85:dc:82:2c:4b:d5:5a:3a:ab:
                    e0:76:6d:ee:0b:ec:ac:4f:b9:6e:af:f7:62:ce:d0:
                    ca:5d:84:33:2a:b8:07:f7:23:e2:00:4d:4c:c0:60:
                    a0:ae:05:d1:71:59:84:14:38:d3:c7:66:d1:61:fa:
                    54:e2:d1:3c:31:1b:d7:cb:0c:6f:6e:dd:8b:0f:18:
                    36:f6:da:3d:29:1f:14:55:13:19:2e:a4:c7:12:ca:
                    37:7e:2b:5b:c8:a0:bc:02:40:01:1d:d7:c5:3b:bd:
                    84:e7:d9:e7:01:98:f6:cd:ee:c1:1f:b9:b4:de:d7:
                    2a:63:75:88:c8:98:f5:c7:ad:bc:9e:03:ae:68:93:
                    e0:a6:17:c1:7d:11:cc:41:60:f8:76:48:aa:ef:5d:
                    88:a9:5b:15:a8:b1:2c:7e:f3:d2:f4:86:e9:bb:21:
                    c4:8f:d8:ea:ee:10:d7:fb:15:48:b7:0e:56:01:e3:
                    04:cf:2d:7a:10:47:3f:f4:37:fb:7e:7e:94:99:75:
                    94:4c:a3:bb:2f:93:8d:d3:23:35:c3:68:da:40:40:
                    18:58:98:19:5c:7f:38:34:f2:f9:8f:8a:a6:b1:7d:
                    2d:b8:aa:e7:d0:97:82:91:d1:03:ee:2e:b1:f7:8d:
                    74:d1:ab:b0:c0:a6:af:01:00:ab:f4:bb:16:0b:a1:
                    b1:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:FF:4B:02:80:68:5C:BE:FC:74:03:94:36:48:84:01:32:2E:FB:63
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39352e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.58.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:51:cb:bb:6d:7e:04:81:45:68:f4:26:03:88:22:d3:05:c5:
         3f:13:6b:72:f3:28:ea:d9:bc:61:c7:e6:10:e8:56:64:af:8e:
         21:37:12:a9:8f:50:36:98:b2:a5:f0:ca:ad:81:2f:23:e9:83:
         ba:d9:f2:1e:63:be:7a:bf:a7:3a:4d:74:fc:9c:64:ba:19:2d:
         19:b1:01:9d:11:03:4b:92:81:7f:f2:c0:48:84:89:c4:ba:ca:
         a6:b6:b2:6b:2e:c2:98:92:81:bd:a5:e2:42:8a:21:6c:7f:18:
         16:97:21:79:a9:3a:95:33:0a:74:6f:a9:8a:5c:a6:02:63:56:
         89:98:1f:2a:6e:a0:02:a1:46:28:d3:b4:48:31:db:3c:fd:13:
         67:ee:12:59:26:43:fd:89:9f:96:65:79:f6:dc:49:6b:5e:f7:
         d4:cb:9d:18:07:b8:78:ef:79:53:34:2a:57:2b:b4:b8:7f:2d:
         fd:90:b5:4f:56:37:2e:d0:a8:0d:2a:94:89:93:2e:df:64:a8:
         36:05:ed:50:62:01:7b:6e:92:f2:2b:cc:dd:81:94:cd:37:a6:
         81:94:0a:f0:b6:c1:db:33:19:39:3e:5f:16:44:b2:ab:84:0e:
         2c:c8:5f:f4:fb:65:ba:67:db:cc:ed:eb:de:8d:15:06:f1:36:
         14:30:b4:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIURhGT3TCC5qSoCHurucED/Bt7FJQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yMzEwMDIyMjUwNDFaFw0yNDA5MzAyMjU1NDFaMDMxMTAvBgNV
BAMTKDU4RkY0QjAyODA2ODVDQkVGQzc0MDM5NDM2NDg4NDAxMzIyRUZCNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4ZaLuN4XcgixL1Vo6q+B2be4L
7KxPuW6v92LO0MpdhDMquAf3I+IATUzAYKCuBdFxWYQUONPHZtFh+lTi0TwxG9fL
DG9u3YsPGDb22j0pHxRVExkupMcSyjd+K1vIoLwCQAEd18U7vYTn2ecBmPbN7sEf
ubTe1ypjdYjImPXHrbyeA65ok+CmF8F9EcxBYPh2SKrvXYipWxWosSx+89L0hum7
IcSP2OruENf7FUi3DlYB4wTPLXoQRz/0N/t+fpSZdZRMo7svk43TIzXDaNpAQBhY
mBlcfzg08vmPiqaxfS24qufQl4KR0QPuLrH3jXTRq7DApq8BAKv0uxYLobHBAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUWP9LAoBoXL78dAOUNkiEATIu+2MwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBoAYIKwYB
BQUHAQsEgZMwgZAwgY0GCCsGAQUFBzALhoGAcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzEzNzM2MmUzNTM4MmUzOTM1MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMz
NjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALA6XzANBgkqhkiG9w0BAQsFAAOCAQEAflHLu21+
BIFFaPQmA4gi0wXFPxNrcvMo6tm8YcfmEOhWZK+OITcSqY9QNpiypfDKrYEvI+mD
utnyHmO+er+nOk10/JxkuhktGbEBnREDS5KBf/LASISJxLrKprayay7CmJKBvaXi
QoohbH8YFpcheak6lTMKdG+pilymAmNWiZgfKm6gAqFGKNO0SDHbPP0TZ+4SWSZD
/YmflmV59txJa1731MudGAe4eO95UzQqVyu0uH8t/ZC1T1Y3LtCoDSqUiZMu32So
NgXtUGIBe26S8ivM3YGUzTemgZQK8LbB2zMZOT5fFkSyq4QOLMhf9PtlumfbzO3r
3o0VBvE2FDC0hg==
-----END CERTIFICATE-----