Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a33653a353a3a2f36342d3634203d3e20333939313630.roa
File:                     326130303a646438303a33653a353a3a2f36342d3634203d3e20333939313630.roa (raw, json)
Hash identifier:          9TM41H8Df1aQlgi81APhT4u7HDlOL7rpM9EOQ3iJepc=
Subject key identifier:   60:36:58:1D:F7:EC:38:86:24:A0:E8:2E:9A:21:4E:F7:E7:5C:3F:08
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       35FA8D95E2D0AEE8757A3A756571B0B5E50E86C2
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a33653a353a3a2f36342d3634203d3e20333939313630.roa
Signing time:             Sat 06 Jan 2024 11:34:17 +0000
ROA not before:           Sat 06 Jan 2024 11:29:17 +0000
ROA not after:            Sat 04 Jan 2025 11:34:17 +0000
asID:                     399160
IP address blocks:        2a00:dd80:3e:5::/64 maxlen: 64

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:fa:8d:95:e2:d0:ae:e8:75:7a:3a:75:65:71:b0:b5:e5:0e:86:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Jan  6 11:29:17 2024 GMT
            Not After : Jan  4 11:34:17 2025 GMT
        Subject: CN=6036581DF7EC388624A0E82E9A214EF7E75C3F08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:aa:af:0b:fe:2a:9c:c4:b9:3f:17:47:38:51:
                    ab:f1:11:80:72:cb:e7:53:86:2c:36:c2:00:f2:08:
                    a1:40:21:18:f7:ab:c0:37:80:97:c3:92:f2:bb:06:
                    bf:93:5d:82:93:e8:c5:b9:95:09:22:d8:d8:98:d4:
                    f3:43:47:be:16:2d:5d:31:b6:04:18:2a:3b:e1:c9:
                    67:1a:37:50:b0:e6:fa:d5:99:6f:53:b4:65:6a:0c:
                    29:ae:ef:c7:91:c5:47:fc:ff:45:14:58:00:4d:dd:
                    f2:7c:c6:39:ca:60:4c:be:b4:d5:d1:4d:4b:5d:83:
                    29:c1:83:59:39:c2:a6:e9:4c:54:fc:66:4a:22:16:
                    da:17:dc:71:8b:ae:93:b1:87:e0:e9:cc:c1:22:e1:
                    4a:35:8a:f8:a9:75:c7:d3:68:3f:d2:3e:55:5c:10:
                    51:38:e8:2c:5c:6d:36:3f:fb:d5:80:81:1b:38:55:
                    b8:ba:21:1c:56:fb:89:fe:31:5c:f1:3c:d0:4a:ed:
                    07:39:8a:ad:99:23:2e:ea:07:0a:d4:73:db:83:c5:
                    f3:c1:8d:05:fa:da:1a:e9:e9:9e:ea:b3:88:b5:19:
                    12:03:57:bd:b0:7b:b8:11:8d:54:55:23:c5:a6:aa:
                    09:50:1b:96:b3:1c:19:6f:80:e0:1e:fb:d5:54:58:
                    65:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:36:58:1D:F7:EC:38:86:24:A0:E8:2E:9A:21:4E:F7:E7:5C:3F:08
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a33653a353a3a2f36342d3634203d3e20333939313630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:dd80:3e:5::/64

    Signature Algorithm: sha256WithRSAEncryption
         96:fa:d3:83:0d:a7:26:72:1b:eb:02:1b:5b:6c:82:7b:54:51:
         02:15:80:ef:e5:99:85:58:49:a9:16:7a:3a:91:4b:0f:91:77:
         8b:d9:29:ad:f9:22:e6:0f:cd:7d:60:7e:f9:3e:f3:5e:31:64:
         2e:65:dd:67:c0:de:1e:58:59:34:4a:96:38:47:46:f4:a1:73:
         eb:3f:1d:f7:22:8b:a1:49:42:1d:49:17:16:87:14:81:d7:da:
         e6:e9:fc:4c:72:91:77:b5:b5:0d:71:0b:9f:a3:00:3f:ec:23:
         ba:17:1e:1a:95:bc:b2:43:65:1f:04:03:b3:e0:6b:c7:af:68:
         1e:27:4f:54:b2:98:01:bc:e5:36:38:f1:55:ed:82:1d:04:8e:
         94:1f:3d:d9:da:70:06:79:52:24:dd:c8:93:be:f2:25:4b:19:
         97:00:0c:39:f8:e8:90:20:db:ab:37:80:0e:69:2e:a9:33:88:
         65:19:52:d6:b6:36:e6:57:c9:0f:ad:3d:05:31:e2:fe:95:ba:
         2d:23:b3:ca:54:fd:1e:7f:03:2b:38:eb:da:22:87:89:b7:b6:
         5e:fa:ff:b1:27:db:a8:a5:20:10:d7:2d:11:d8:76:55:d6:aa:
         7d:1f:35:3a:dc:dd:37:a5:69:58:68:d9:2a:6d:d8:e4:25:e3:
         3d:cb:06:e4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUNfqNleLQruh1ejp1ZXGwteUOhsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNDAxMDYxMTI5MTdaFw0yNTAxMDQxMTM0MTdaMDMxMTAvBgNV
BAMTKDYwMzY1ODFERjdFQzM4ODYyNEEwRTgyRTlBMjE0RUY3RTc1QzNGMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9qq8L/iqcxLk/F0c4UavxEYBy
y+dThiw2wgDyCKFAIRj3q8A3gJfDkvK7Br+TXYKT6MW5lQki2NiY1PNDR74WLV0x
tgQYKjvhyWcaN1Cw5vrVmW9TtGVqDCmu78eRxUf8/0UUWABN3fJ8xjnKYEy+tNXR
TUtdgynBg1k5wqbpTFT8ZkoiFtoX3HGLrpOxh+DpzMEi4Uo1ivipdcfTaD/SPlVc
EFE46CxcbTY/+9WAgRs4Vbi6IRxW+4n+MVzxPNBK7Qc5iq2ZIy7qBwrUc9uDxfPB
jQX62hrp6Z7qs4i1GRIDV72we7gRjVRVI8WmqglQG5azHBlvgOAe+9VUWGW/AgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQUYDZYHffsOIYkoOgumiFO9+dcPwgwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBrAYIKwYB
BQUHAQsEgZ8wgZwwgZkGCCsGAQUFBzALhoGMcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzI2MTMwMzAzYTY0NjQzODMwM2EzMzY1M2EzNTNhM2EyZjM2MzQyZDM2MzQy
MDNkM2UyMDMzMzkzOTMxMzYzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAkBggrBgEFBQcBBwEB/wQVMBMwEQQCAAIwCwMJACoA3YAAPgAFMA0GCSqGSIb3
DQEBCwUAA4IBAQCW+tODDacmchvrAhtbbIJ7VFECFYDv5ZmFWEmpFno6kUsPkXeL
2Smt+SLmD819YH75PvNeMWQuZd1nwN4eWFk0SpY4R0b0oXPrPx33IouhSUIdSRcW
hxSB19rm6fxMcpF3tbUNcQufowA/7CO6Fx4albyyQ2UfBAOz4GvHr2geJ09UspgB
vOU2OPFV7YIdBI6UHz3Z2nAGeVIk3ciTvvIlSxmXAAw5+OiQINurN4AOaS6pM4hl
GVLWtjbmV8kPrT0FMeL+lbotI7PKVP0efwMrOOvaIoeJt7Ze+v+xJ9uopSAQ1y0R
2HZV1qp9HzU63N03pWlYaNkqbdjkJeM9ywbk
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:43:47 2024 by rpki-client on console-fra.rpki-client.org