Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a34303a3a2f34382d3438203d3e203336323336.roa
File:                     326130303a646438303a34303a3a2f34382d3438203d3e203336323336.roa (raw, json)
Hash identifier:          rDebicY0XyZncjnB+0QOyn30+FO8eiKfTojf2ocfsZg=
Subject key identifier:   8F:05:0A:F4:B5:84:26:C0:A4:38:0B:B3:5C:25:D6:C1:FA:34:FB:96
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       0318711AEDA3D2AA09A197FFDA4F18048B671EB5
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a34303a3a2f34382d3438203d3e203336323336.roa
Signing time:             Mon 02 Oct 2023 19:55:32 +0000
ROA not before:           Mon 02 Oct 2023 19:50:32 +0000
ROA not after:            Mon 30 Sep 2024 19:55:32 +0000
asID:                     36236
IP address blocks:        2a00:dd80:40::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:18:71:1a:ed:a3:d2:aa:09:a1:97:ff:da:4f:18:04:8b:67:1e:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Oct  2 19:50:32 2023 GMT
            Not After : Sep 30 19:55:32 2024 GMT
        Subject: CN=8F050AF4B58426C0A4380BB35C25D6C1FA34FB96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:89:0a:72:5f:a5:2c:8a:d2:bd:70:05:a7:84:
                    c5:d6:d0:4e:3d:f8:f5:3d:06:ed:2c:dc:3c:54:c0:
                    43:ad:35:5d:e8:76:63:3e:a7:f7:a3:cd:c3:6c:1f:
                    ca:73:74:c8:1c:fa:fe:c0:e0:65:f5:87:ba:f8:f9:
                    21:f9:72:c7:91:d7:fc:44:0b:6b:57:ac:46:dd:95:
                    ee:32:46:59:7a:0e:91:4e:7f:6b:da:33:3b:f6:d7:
                    e1:47:3b:35:e0:6a:24:c6:ef:a9:8a:b6:bb:4b:54:
                    de:01:ea:6a:dd:34:41:97:92:ee:bb:3f:04:a7:5f:
                    35:2a:9d:39:1d:b9:7b:f8:66:44:72:a3:c7:8f:13:
                    45:dc:ef:48:1c:1d:fa:71:72:56:6e:59:39:d0:d6:
                    d6:f0:f3:b1:45:33:2f:fc:64:73:09:a6:19:fc:28:
                    15:b6:84:eb:31:4c:d5:d8:21:88:f9:d6:80:1e:08:
                    8b:ae:39:f8:1a:6c:d0:9f:c1:cc:a7:e7:53:60:f3:
                    78:40:b9:d0:1b:02:00:c1:1f:52:b6:53:0d:0b:47:
                    de:6d:1e:2a:61:ee:6b:81:c9:47:d6:a3:a2:e6:a0:
                    19:80:ae:1b:df:62:01:59:a8:6f:f0:94:28:6c:0e:
                    28:00:c0:ca:5b:49:c9:a4:d1:6a:6a:d3:35:1e:9e:
                    95:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:05:0A:F4:B5:84:26:C0:A4:38:0B:B3:5C:25:D6:C1:FA:34:FB:96
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a34303a3a2f34382d3438203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:dd80:40::/48

    Signature Algorithm: sha256WithRSAEncryption
         57:1d:3c:6b:d9:88:eb:dc:0f:1f:05:cb:c7:de:25:25:f1:7a:
         c8:b1:88:1a:10:aa:af:23:86:d2:a3:70:5d:f7:5e:5f:04:b7:
         c1:56:bf:4d:c5:bf:6a:4a:19:50:5b:83:6a:1e:72:22:03:5a:
         04:8a:3c:03:10:1c:fe:c5:3b:02:c4:57:85:46:37:44:48:0e:
         11:3b:69:9e:14:20:09:81:ad:b0:a0:af:29:c1:19:1f:f0:89:
         5d:79:54:65:6a:bc:ca:84:43:8b:30:c4:a8:c5:e1:4c:32:d3:
         b0:ca:ff:8f:c1:ca:6d:92:9f:1e:b1:d1:e2:fc:5f:28:25:ea:
         70:4a:ad:63:78:3f:b7:06:08:b2:90:67:5d:4b:03:2a:6a:0d:
         38:b5:4c:13:44:53:56:41:96:39:09:30:6a:e0:65:71:60:00:
         81:10:64:59:ca:d3:fe:db:c0:65:58:e3:05:06:61:5c:e3:37:
         49:28:7d:42:bf:bf:4f:2b:f3:56:ce:2f:6e:a9:3d:44:77:f4:
         63:f8:7a:8a:46:52:08:ea:dd:c5:6c:32:a9:c0:80:db:b2:fd:
         3f:73:ec:91:5b:ed:7e:07:eb:4a:2b:f0:1c:5b:fc:53:d2:8c:
         49:5d:4b:df:aa:94:04:fa:34:fd:37:4a:c8:23:6f:2b:b8:69:
         c7:92:9f:21
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIUAxhxGu2j0qoJoZf/2k8YBItnHrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yMzEwMDIxOTUwMzJaFw0yNDA5MzAxOTU1MzJaMDMxMTAvBgNV
BAMTKDhGMDUwQUY0QjU4NDI2QzBBNDM4MEJCMzVDMjVENkMxRkEzNEZCOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmiQpyX6UsitK9cAWnhMXW0E49
+PU9Bu0s3DxUwEOtNV3odmM+p/ejzcNsH8pzdMgc+v7A4GX1h7r4+SH5cseR1/xE
C2tXrEbdle4yRll6DpFOf2vaMzv21+FHOzXgaiTG76mKtrtLVN4B6mrdNEGXku67
PwSnXzUqnTkduXv4ZkRyo8ePE0Xc70gcHfpxclZuWTnQ1tbw87FFMy/8ZHMJphn8
KBW2hOsxTNXYIYj51oAeCIuuOfgabNCfwcyn51Ng83hAudAbAgDBH1K2Uw0LR95t
Hiph7muByUfWo6LmoBmArhvfYgFZqG/wlChsDigAwMpbScmk0Wpq0zUenpVZAgMB
AAGjggIpMIICJTAdBgNVHQ4EFgQUjwUK9LWEJsCkOAuzXCXWwfo0+5YwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBpgYIKwYB
BQUHAQsEgZkwgZYwgZMGCCsGAQUFBzALhoGGcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzI2MTMwMzAzYTY0NjQzODMwM2EzNDMwM2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzMzNjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoA3YAAQDANBgkqhkiG9w0BAQsFAAOC
AQEAVx08a9mI69wPHwXLx94lJfF6yLGIGhCqryOG0qNwXfdeXwS3wVa/TcW/akoZ
UFuDah5yIgNaBIo8AxAc/sU7AsRXhUY3REgOETtpnhQgCYGtsKCvKcEZH/CJXXlU
ZWq8yoRDizDEqMXhTDLTsMr/j8HKbZKfHrHR4vxfKCXqcEqtY3g/twYIspBnXUsD
KmoNOLVME0RTVkGWOQkwauBlcWAAgRBkWcrT/tvAZVjjBQZhXOM3SSh9Qr+/Tyvz
Vs4vbqk9RHf0Y/h6ikZSCOrdxWwyqcCA27L9P3PskVvtfgfrSivwHFv8U9KMSV1L
36qUBPo0/TdKyCNvK7hpx5KfIQ==
-----END CERTIFICATE-----