Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a643165303a3a2f33322d3332203d3e203132383433.roa
File:                     326130303a643165303a3a2f33322d3332203d3e203132383433.roa (raw, json)
Hash identifier:          TdfGiaqBNxGxzKRFkzJYbE5M3O1UOFluv8wMXI2w4cE=
Subject key identifier:   74:8D:26:81:DA:AD:8F:BD:D9:F6:8F:4A:78:06:C5:7B:28:1E:2B:03
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       798440DECABF81E4C2CDA8F2FDFDA7C4A7E980F6
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a643165303a3a2f33322d3332203d3e203132383433.roa
Signing time:             Thu 21 Sep 2023 18:51:05 +0000
ROA not before:           Thu 21 Sep 2023 18:46:05 +0000
ROA not after:            Thu 19 Sep 2024 18:51:05 +0000
asID:                     12843
IP address blocks:        2a00:d1e0::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 May 2024 11:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:84:40:de:ca:bf:81:e4:c2:cd:a8:f2:fd:fd:a7:c4:a7:e9:80:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Sep 21 18:46:05 2023 GMT
            Not After : Sep 19 18:51:05 2024 GMT
        Subject: CN=748D2681DAAD8FBDD9F68F4A7806C57B281E2B03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:c7:ac:2e:46:9c:a5:aa:c4:12:b0:2e:56:b2:
                    4c:af:59:0b:63:d5:60:97:ed:74:d1:79:7a:be:04:
                    46:71:1a:de:cf:28:52:c5:71:25:ab:c1:2e:b2:20:
                    ac:87:61:55:fc:a9:95:11:98:bb:02:b9:3d:26:d0:
                    82:7c:b6:2b:62:81:51:f6:63:a0:e5:bc:e2:d9:d5:
                    52:7f:1f:84:3b:24:ea:36:e2:ba:ce:70:3f:ee:c8:
                    94:0d:2c:fe:d5:27:65:d0:f4:01:48:5f:94:cb:e0:
                    5f:6f:a9:2f:f6:51:73:19:33:e3:07:ea:76:32:2c:
                    a9:44:e2:6a:19:f0:d0:e3:eb:cf:dd:d0:0e:04:a9:
                    22:db:5e:2e:89:68:67:90:1d:62:3c:6b:2d:29:c1:
                    c9:d4:c5:0d:e3:6f:68:b0:14:05:16:99:59:3d:7e:
                    23:b9:c2:6a:38:d1:3c:67:23:fe:56:06:5f:bf:42:
                    6d:a7:2c:db:37:11:3f:77:f7:31:93:5e:69:93:f4:
                    c5:52:ec:09:39:a6:24:44:f1:df:d1:fd:6c:a2:23:
                    18:9a:f3:c0:c2:9c:67:e7:d1:7a:15:c0:22:d5:b9:
                    80:5d:d5:d9:b7:56:bf:76:a6:66:b3:49:e4:03:3e:
                    c7:98:83:70:bb:87:76:03:84:b6:05:3b:c9:1b:f4:
                    72:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:8D:26:81:DA:AD:8F:BD:D9:F6:8F:4A:78:06:C5:7B:28:1E:2B:03
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a643165303a3a2f33322d3332203d3e203132383433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:d1e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         88:0d:37:d0:91:ad:59:30:4f:21:99:15:81:3c:69:b3:db:8d:
         57:9f:36:c5:b7:6e:f4:06:f5:69:b5:18:5e:1e:68:30:de:21:
         05:3a:41:2c:53:ec:74:26:36:e4:ae:23:8e:99:ea:10:8a:3c:
         aa:a3:d5:b5:47:11:a7:e8:89:28:c8:d5:24:84:88:ac:f2:2a:
         e0:85:8c:46:1c:58:0d:76:9d:7a:7c:b9:45:68:5d:a2:c2:c1:
         b5:04:84:0b:91:a9:c5:2a:60:2e:91:78:cd:d0:b0:db:8e:34:
         23:10:35:1b:82:43:04:0e:24:6a:a9:a8:be:30:65:3b:bd:19:
         39:25:a8:43:04:2f:42:56:6f:33:cb:94:cc:de:5f:30:83:b7:
         f5:f5:03:23:03:15:89:ed:b7:59:4f:c8:b6:a1:2b:75:ef:c7:
         c3:1d:2a:1f:88:ba:51:49:78:5c:09:28:b3:8e:74:f7:7d:3f:
         8a:3f:78:7a:7a:ba:29:47:da:a8:16:f5:dc:a1:37:03:a7:86:
         da:c2:a8:1d:1e:2f:9e:65:64:de:15:5a:34:7d:6e:87:ca:94:
         8a:25:97:62:7e:05:d8:59:31:e6:09:0b:18:30:f1:16:08:1c:
         e3:ed:2c:86:ad:ec:26:8d:99:9d:a5:1b:41:74:7a:fb:98:9d:
         60:5c:00:64
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUeYRA3sq/geTCzajy/f2nxKfpgPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yMzA5MjExODQ2MDVaFw0yNDA5MTkxODUxMDVaMDMxMTAvBgNV
BAMTKDc0OEQyNjgxREFBRDhGQkREOUY2OEY0QTc4MDZDNTdCMjgxRTJCMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3x6wuRpylqsQSsC5WskyvWQtj
1WCX7XTReXq+BEZxGt7PKFLFcSWrwS6yIKyHYVX8qZURmLsCuT0m0IJ8titigVH2
Y6DlvOLZ1VJ/H4Q7JOo24rrOcD/uyJQNLP7VJ2XQ9AFIX5TL4F9vqS/2UXMZM+MH
6nYyLKlE4moZ8NDj68/d0A4EqSLbXi6JaGeQHWI8ay0pwcnUxQ3jb2iwFAUWmVk9
fiO5wmo40TxnI/5WBl+/Qm2nLNs3ET939zGTXmmT9MVS7Ak5piRE8d/R/WyiIxia
88DCnGfn0XoVwCLVuYBd1dm3Vr92pmazSeQDPseYg3C7h3YDhLYFO8kb9HKLAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQUdI0mgdqtj73Z9o9KeAbFeygeKwMwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBoAYIKwYB
BQUHAQsEgZMwgZAwgY0GCCsGAQUFBzALhoGAcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzI2MTMwMzAzYTY0MzE2NTMwM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzEz
MjM4MzQzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcB
BwEB/wQRMA8wDQQCAAIwBwMFACoA0eAwDQYJKoZIhvcNAQELBQADggEBAIgNN9CR
rVkwTyGZFYE8abPbjVefNsW3bvQG9Wm1GF4eaDDeIQU6QSxT7HQmNuSuI46Z6hCK
PKqj1bVHEafoiSjI1SSEiKzyKuCFjEYcWA12nXp8uUVoXaLCwbUEhAuRqcUqYC6R
eM3QsNuONCMQNRuCQwQOJGqpqL4wZTu9GTklqEMEL0JWbzPLlMzeXzCDt/X1AyMD
FYntt1lPyLahK3Xvx8MdKh+IulFJeFwJKLOOdPd9P4o/eHp6uilH2qgW9dyhNwOn
htrCqB0eL55lZN4VWjR9bofKlIoll2J+BdhZMeYJCxgw8RYIHOPtLIat7CaNmZ2l
G0F0evuYnWBcAGQ=
-----END CERTIFICATE-----