Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a33623a3a2f34382d3438203d3e203336323336.roa
File:                     326130303a646438303a33623a3a2f34382d3438203d3e203336323336.roa (raw, json)
Hash identifier:          PicLQSysoonz404GhC2ewIidovrdSBaEK5BjL1adrKw=
Subject key identifier:   49:2D:AC:E6:1D:42:09:35:B8:72:2F:A7:DB:47:AF:F3:40:5C:31:F1
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       4C2B0D5C9EB25112D4064C031546FAC224624306
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a33623a3a2f34382d3438203d3e203336323336.roa
Signing time:             Mon 02 Sep 2024 20:13:07 +0000
ROA not before:           Mon 02 Sep 2024 20:08:07 +0000
ROA not after:            Mon 01 Sep 2025 20:13:07 +0000
asID:                     36236
IP address blocks:        2a00:dd80:3b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:2b:0d:5c:9e:b2:51:12:d4:06:4c:03:15:46:fa:c2:24:62:43:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Sep  2 20:08:07 2024 GMT
            Not After : Sep  1 20:13:07 2025 GMT
        Subject: CN=492DACE61D420935B8722FA7DB47AFF3405C31F1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:04:4a:54:f4:33:39:64:94:f1:b6:90:87:88:
                    56:f7:82:dd:07:78:bc:86:f2:61:3b:17:2e:a9:9b:
                    56:23:3a:26:2f:99:3e:76:06:41:4c:34:32:b6:19:
                    bf:fe:83:fd:52:d1:32:bb:5d:18:67:4c:51:8c:1b:
                    5b:e3:a8:f3:3e:69:b6:05:0a:9d:a9:e0:aa:d4:4c:
                    01:af:7e:23:1d:7f:12:e5:a8:ea:d8:e9:79:89:a4:
                    61:e2:b3:14:d7:47:ac:7e:33:90:a0:b1:6f:08:2f:
                    cd:6d:dc:50:a5:37:b8:2b:f8:49:1b:ff:91:67:eb:
                    d3:b5:c8:8a:cf:f7:f1:5c:29:1a:24:37:18:4f:5b:
                    76:2b:4b:eb:a7:40:b0:7b:4a:0f:0d:77:0c:1d:fd:
                    e9:a9:ca:0c:25:2d:86:f7:73:ec:c7:c3:18:0a:d6:
                    59:8e:03:cb:ba:9c:b7:66:c7:74:2b:b7:30:3d:87:
                    fc:96:c1:ec:13:33:fe:38:c5:63:d2:a3:a5:b2:ae:
                    05:99:f2:a0:0c:a0:cf:90:f0:1c:e3:6f:02:d7:b6:
                    b6:7a:5b:9e:40:7c:02:25:e9:03:5d:4b:06:20:3a:
                    e4:af:d8:77:08:8f:45:5f:72:7e:1d:cc:0f:28:4d:
                    89:20:99:8a:b6:de:40:69:83:81:cf:59:02:d6:7b:
                    17:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:2D:AC:E6:1D:42:09:35:B8:72:2F:A7:DB:47:AF:F3:40:5C:31:F1
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a33623a3a2f34382d3438203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:dd80:3b::/48

    Signature Algorithm: sha256WithRSAEncryption
         af:09:f3:81:ce:aa:b9:38:b9:c7:14:e7:7a:cd:55:72:7c:b0:
         5a:73:c7:41:c6:ee:0a:75:3e:ee:74:d5:85:f1:c3:08:a4:29:
         38:99:7a:d5:f6:9b:53:ba:d2:52:3f:dc:7a:6f:5d:04:f1:30:
         7d:be:f9:65:c1:30:66:dd:26:dc:86:fa:10:3a:2d:cc:5a:a6:
         dd:73:68:71:cc:a4:b9:1d:37:91:43:54:f8:08:7e:1f:18:1c:
         8e:b7:83:99:a6:0a:49:ed:39:91:c0:85:b6:6a:17:e3:0f:02:
         d4:54:2e:e2:90:55:21:e6:82:10:ba:1d:8f:3d:13:97:67:c9:
         f2:c7:7d:47:f5:5b:7f:8d:d5:07:72:d6:c3:7e:83:71:8f:44:
         18:04:76:2b:be:41:f5:45:87:dd:7c:99:6e:50:ca:50:81:73:
         06:43:9e:13:2b:37:48:a2:4f:8c:54:d4:c9:67:cb:0b:5b:e4:
         2f:b8:3b:46:17:ce:10:c8:37:f1:54:85:10:ac:a9:97:e7:59:
         d1:7a:5d:2b:33:28:5a:1a:2c:e8:23:ef:f0:a7:fc:36:77:21:
         2d:66:60:3f:9c:f2:5d:8d:e0:d6:ac:aa:53:7d:0d:79:e9:a6:
         ce:79:e5:80:e4:a0:b6:9a:98:e7:f7:55:0a:13:ff:79:94:03:
         ed:cb:16:45
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIUTCsNXJ6yURLUBkwDFUb6wiRiQwYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNDA5MDIyMDA4MDdaFw0yNTA5MDEyMDEzMDdaMDMxMTAvBgNV
BAMTKDQ5MkRBQ0U2MUQ0MjA5MzVCODcyMkZBN0RCNDdBRkYzNDA1QzMxRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9BEpU9DM5ZJTxtpCHiFb3gt0H
eLyG8mE7Fy6pm1YjOiYvmT52BkFMNDK2Gb/+g/1S0TK7XRhnTFGMG1vjqPM+abYF
Cp2p4KrUTAGvfiMdfxLlqOrY6XmJpGHisxTXR6x+M5CgsW8IL81t3FClN7gr+Ekb
/5Fn69O1yIrP9/FcKRokNxhPW3YrS+unQLB7Sg8Ndwwd/empygwlLYb3c+zHwxgK
1lmOA8u6nLdmx3QrtzA9h/yWwewTM/44xWPSo6WyrgWZ8qAMoM+Q8BzjbwLXtrZ6
W55AfAIl6QNdSwYgOuSv2HcIj0Vfcn4dzA8oTYkgmYq23kBpg4HPWQLWexfJAgMB
AAGjggIpMIICJTAdBgNVHQ4EFgQUSS2s5h1CCTW4ci+n20ev80BcMfEwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBpgYIKwYB
BQUHAQsEgZkwgZYwgZMGCCsGAQUFBzALhoGGcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzI2MTMwMzAzYTY0NjQzODMwM2EzMzYyM2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzMzNjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoA3YAAOzANBgkqhkiG9w0BAQsFAAOC
AQEArwnzgc6quTi5xxTnes1VcnywWnPHQcbuCnU+7nTVhfHDCKQpOJl61fabU7rS
Uj/cem9dBPEwfb75ZcEwZt0m3Ib6EDotzFqm3XNoccykuR03kUNU+Ah+HxgcjreD
maYKSe05kcCFtmoX4w8C1FQu4pBVIeaCELodjz0Tl2fJ8sd9R/Vbf43VB3LWw36D
cY9EGAR2K75B9UWH3XyZblDKUIFzBkOeEys3SKJPjFTUyWfLC1vkL7g7RhfOEMg3
8VSFEKypl+dZ0XpdKzMoWhos6CPv8Kf8NnchLWZgP5zyXY3g1qyqU30Neemmznnl
gOSgtpqY5/dVChP/eZQD7csWRQ==
-----END CERTIFICATE-----