Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a33653a3a2f34382d3438203d3e203336323336.roa
File:                     326130303a646438303a33653a3a2f34382d3438203d3e203336323336.roa (raw, json)
Hash identifier:          AyfK4ULlm1LPN8RFTMLGACZ2dMg81C2fGqWfoXEl8p4=
Subject key identifier:   8F:18:74:C3:99:D4:2A:40:23:1B:65:18:37:1B:26:AA:18:12:51:65
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       6A552E44630D32155068287710CDA5EC8C6202C3
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a33653a3a2f34382d3438203d3e203336323336.roa
Signing time:             Mon 02 Sep 2024 20:13:07 +0000
ROA not before:           Mon 02 Sep 2024 20:08:07 +0000
ROA not after:            Mon 01 Sep 2025 20:13:07 +0000
asID:                     36236
IP address blocks:        2a00:dd80:3e::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:55:2e:44:63:0d:32:15:50:68:28:77:10:cd:a5:ec:8c:62:02:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Sep  2 20:08:07 2024 GMT
            Not After : Sep  1 20:13:07 2025 GMT
        Subject: CN=8F1874C399D42A40231B6518371B26AA18125165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:60:01:da:f2:5a:99:a1:02:43:3a:f4:ac:1a:
                    a3:cc:45:f6:8d:d4:71:ae:a0:71:0c:e7:30:fe:2c:
                    7c:75:25:d7:69:85:f1:19:8f:2f:37:ff:fb:94:65:
                    92:78:71:93:21:f1:f7:26:41:ab:c7:fd:28:72:2d:
                    12:ad:5a:e9:01:07:60:a1:8e:1a:18:b5:86:83:41:
                    78:64:1f:cf:d3:4c:69:16:c4:62:00:30:ca:52:74:
                    43:86:a8:37:11:83:c5:7d:dd:89:af:ac:4d:2e:70:
                    b7:32:ae:3c:6e:77:76:08:fe:17:8c:7d:6f:c4:d9:
                    03:bd:50:d8:14:35:09:2b:0d:3d:77:30:da:14:35:
                    06:82:da:f2:df:94:0a:63:7e:c1:2b:30:10:8e:38:
                    eb:f3:ad:82:fc:99:c1:f3:d9:b9:7a:7e:09:4e:49:
                    b1:72:11:8b:dc:4d:96:9f:f0:3c:79:64:46:10:35:
                    bd:48:0b:37:fd:b2:3c:a6:af:2d:05:d3:2b:9b:86:
                    39:dd:03:0c:b4:01:6d:02:22:51:04:5e:0b:ed:f5:
                    e8:ef:78:ec:47:c5:73:a8:20:dc:33:f2:8f:23:b0:
                    d0:ca:3c:26:e5:06:af:cb:31:e3:0e:52:60:34:c6:
                    bb:3a:60:e4:26:46:64:3b:28:14:ab:df:42:b4:0a:
                    e5:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:18:74:C3:99:D4:2A:40:23:1B:65:18:37:1B:26:AA:18:12:51:65
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a33653a3a2f34382d3438203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:dd80:3e::/48

    Signature Algorithm: sha256WithRSAEncryption
         85:1d:0d:63:fe:ce:27:02:f1:e1:79:1b:90:61:34:8f:4f:36:
         88:ad:a5:a7:12:47:f2:d9:b3:76:13:87:93:d3:fa:95:32:87:
         c0:15:b7:60:c9:e2:e4:55:fd:7d:65:6b:57:79:c8:a8:77:93:
         9e:ba:4b:90:e8:bd:88:bb:e8:6b:f9:09:fd:5b:c0:f6:66:21:
         47:6b:5a:ca:5f:2a:52:68:dd:4c:50:7d:9a:f0:75:3c:6e:49:
         55:d9:16:34:36:cb:3d:60:08:3e:d7:42:83:81:a9:14:e3:ad:
         e5:1e:06:09:4e:71:1a:05:a5:b2:b4:67:17:ca:bb:a8:61:e0:
         d9:47:7d:f6:1a:e1:ad:46:ca:01:da:4a:cc:71:ea:b0:c8:df:
         f6:b6:6b:d6:b3:6b:44:df:a9:42:7e:b8:db:2b:de:79:43:49:
         d0:68:c0:c4:48:3c:2a:9f:94:a9:7d:b9:49:16:09:ba:45:8e:
         d9:e3:2a:bd:c7:5b:54:ed:8c:ed:d3:36:13:76:9f:90:48:46:
         66:97:ae:33:46:f1:d1:2e:15:0a:71:bd:3c:c7:31:70:14:c6:
         12:cf:7a:75:f2:fd:a0:4e:39:11:58:b7:fb:d7:b9:4e:37:40:
         ec:1f:77:1b:b9:d2:07:a2:50:d5:a9:29:e0:e1:ed:5b:56:6f:
         17:2f:d7:fc
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIUalUuRGMNMhVQaCh3EM2l7IxiAsMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNDA5MDIyMDA4MDdaFw0yNTA5MDEyMDEzMDdaMDMxMTAvBgNV
BAMTKDhGMTg3NEMzOTlENDJBNDAyMzFCNjUxODM3MUIyNkFBMTgxMjUxNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxYAHa8lqZoQJDOvSsGqPMRfaN
1HGuoHEM5zD+LHx1JddphfEZjy83//uUZZJ4cZMh8fcmQavH/ShyLRKtWukBB2Ch
jhoYtYaDQXhkH8/TTGkWxGIAMMpSdEOGqDcRg8V93YmvrE0ucLcyrjxud3YI/heM
fW/E2QO9UNgUNQkrDT13MNoUNQaC2vLflApjfsErMBCOOOvzrYL8mcHz2bl6fglO
SbFyEYvcTZaf8Dx5ZEYQNb1ICzf9sjymry0F0yubhjndAwy0AW0CIlEEXgvt9ejv
eOxHxXOoINwz8o8jsNDKPCblBq/LMeMOUmA0xrs6YOQmRmQ7KBSr30K0CuURAgMB
AAGjggIpMIICJTAdBgNVHQ4EFgQUjxh0w5nUKkAjG2UYNxsmqhgSUWUwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBpgYIKwYB
BQUHAQsEgZkwgZYwgZMGCCsGAQUFBzALhoGGcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzI2MTMwMzAzYTY0NjQzODMwM2EzMzY1M2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzMzNjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoA3YAAPjANBgkqhkiG9w0BAQsFAAOC
AQEAhR0NY/7OJwLx4XkbkGE0j082iK2lpxJH8tmzdhOHk9P6lTKHwBW3YMni5FX9
fWVrV3nIqHeTnrpLkOi9iLvoa/kJ/VvA9mYhR2tayl8qUmjdTFB9mvB1PG5JVdkW
NDbLPWAIPtdCg4GpFOOt5R4GCU5xGgWlsrRnF8q7qGHg2Ud99hrhrUbKAdpKzHHq
sMjf9rZr1rNrRN+pQn642yveeUNJ0GjAxEg8Kp+UqX25SRYJukWO2eMqvcdbVO2M
7dM2E3afkEhGZpeuM0bx0S4VCnG9PMcxcBTGEs96dfL9oE45EVi3+9e5TjdA7B93
G7nSB6JQ1akp4OHtW1ZvFy/X/A==
-----END CERTIFICATE-----