Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a34323a3a2f34382d3438203d3e203336323336.roa
File:                     326130303a646438303a34323a3a2f34382d3438203d3e203336323336.roa (raw, json)
Hash identifier:          vcQge8PeVhDhr+obwc+rIplKa4W1NGkirA7H0AjVcFs=
Subject key identifier:   C0:47:60:C6:55:B8:38:C7:28:C9:C0:C7:3E:D8:95:F0:37:FC:DD:B2
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       03152F3E6E975C5614E5547E72E21B0D40FCF718
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a34323a3a2f34382d3438203d3e203336323336.roa
Signing time:             Mon 02 Sep 2024 20:13:07 +0000
ROA not before:           Mon 02 Sep 2024 20:08:07 +0000
ROA not after:            Mon 01 Sep 2025 20:13:07 +0000
asID:                     36236
IP address blocks:        2a00:dd80:42::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 14:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:15:2f:3e:6e:97:5c:56:14:e5:54:7e:72:e2:1b:0d:40:fc:f7:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Sep  2 20:08:07 2024 GMT
            Not After : Sep  1 20:13:07 2025 GMT
        Subject: CN=C04760C655B838C728C9C0C73ED895F037FCDDB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:a9:b5:a0:46:7a:df:45:c6:d3:f2:11:3d:66:
                    a1:a2:60:1f:83:32:97:3b:e4:3a:a3:df:68:35:94:
                    07:77:29:28:b4:a5:13:47:71:90:e8:13:5e:1b:53:
                    7a:b4:66:6c:4e:cd:5d:85:b5:90:04:25:b9:63:24:
                    fc:a0:0c:25:df:ec:55:db:da:e1:14:9c:24:ed:7f:
                    a6:4e:76:a8:c0:6b:1e:77:61:45:0d:42:22:5b:b9:
                    e3:d4:7d:36:cf:e9:0d:4f:dd:13:f0:33:49:9a:82:
                    a9:0f:c8:75:d8:77:52:71:fb:f4:2d:9f:f0:05:e3:
                    e5:4a:3c:ad:35:7a:fc:12:ba:4b:fc:94:68:ca:1d:
                    33:84:72:fd:b6:da:f1:5e:d6:7b:60:70:65:6a:c7:
                    93:3c:76:9f:1a:c6:3d:be:f5:c0:9a:d8:cd:3c:1f:
                    3e:87:b5:51:82:43:71:18:b1:68:7a:cd:eb:99:89:
                    3c:18:fe:42:2b:af:79:1f:83:d8:0f:6f:ae:3f:3c:
                    a9:20:72:a4:fc:58:71:3d:dc:93:1f:ef:81:a6:1d:
                    9d:31:d5:fe:2b:d8:8b:89:5a:de:24:ff:c3:80:75:
                    c1:44:9e:7a:b0:10:8c:e8:44:0f:25:6b:6f:9f:92:
                    d0:a7:75:a7:9b:46:4c:9c:97:ed:f8:6e:f6:ee:ef:
                    cd:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:47:60:C6:55:B8:38:C7:28:C9:C0:C7:3E:D8:95:F0:37:FC:DD:B2
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a34323a3a2f34382d3438203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:dd80:42::/48

    Signature Algorithm: sha256WithRSAEncryption
         4c:cb:e8:9c:e0:e6:db:e0:3b:9e:c7:87:ae:dc:87:68:75:e8:
         7c:92:92:21:20:b4:e5:af:8b:42:db:47:43:7a:07:1d:4f:44:
         2e:f9:0c:77:7d:47:3c:2a:d4:61:a0:97:1a:92:11:8e:15:81:
         c8:85:87:7c:92:1c:cf:65:69:a5:d3:a4:7f:29:ca:03:67:a2:
         60:8c:7a:16:9b:6a:66:70:a1:0e:c5:18:63:bc:81:50:cb:a1:
         4d:e7:3c:c7:df:31:ba:92:de:86:bc:66:47:f0:f0:ad:24:e0:
         7c:64:b9:a5:26:fd:90:e6:18:9b:f1:37:c2:4c:af:e5:33:f2:
         7d:2d:49:ee:40:25:c7:7a:55:02:09:b8:7c:f0:9d:e1:de:20:
         a5:af:90:b2:f0:ef:e6:95:ac:81:2d:f2:17:e5:cd:df:9a:87:
         de:a5:a5:3e:15:f9:ab:64:47:3e:d7:85:e4:74:3b:47:70:4b:
         6f:99:c1:b2:6f:7f:6c:29:c7:ca:50:cd:a0:05:d2:fb:db:8c:
         63:94:cc:83:6b:64:c4:8e:92:54:86:42:27:0e:b9:b4:f9:4b:
         32:bd:af:2e:6e:c6:d7:0c:b3:cb:e7:db:fb:c8:5a:31:9c:36:
         02:a8:6b:ab:07:06:f2:c6:c2:8c:0f:b0:04:0e:60:7f:fd:17:
         e9:e3:c1:d3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIUAxUvPm6XXFYU5VR+cuIbDUD89xgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNDA5MDIyMDA4MDdaFw0yNTA5MDEyMDEzMDdaMDMxMTAvBgNV
BAMTKEMwNDc2MEM2NTVCODM4QzcyOEM5QzBDNzNFRDg5NUYwMzdGQ0REQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcqbWgRnrfRcbT8hE9ZqGiYB+D
Mpc75Dqj32g1lAd3KSi0pRNHcZDoE14bU3q0ZmxOzV2FtZAEJbljJPygDCXf7FXb
2uEUnCTtf6ZOdqjAax53YUUNQiJbuePUfTbP6Q1P3RPwM0magqkPyHXYd1Jx+/Qt
n/AF4+VKPK01evwSukv8lGjKHTOEcv222vFe1ntgcGVqx5M8dp8axj2+9cCa2M08
Hz6HtVGCQ3EYsWh6zeuZiTwY/kIrr3kfg9gPb64/PKkgcqT8WHE93JMf74GmHZ0x
1f4r2IuJWt4k/8OAdcFEnnqwEIzoRA8la2+fktCndaebRkycl+34bvbu780nAgMB
AAGjggIpMIICJTAdBgNVHQ4EFgQUwEdgxlW4OMcoycDHPtiV8Df83bIwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBpgYIKwYB
BQUHAQsEgZkwgZYwgZMGCCsGAQUFBzALhoGGcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzI2MTMwMzAzYTY0NjQzODMwM2EzNDMyM2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzMzNjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoA3YAAQjANBgkqhkiG9w0BAQsFAAOC
AQEATMvonODm2+A7nseHrtyHaHXofJKSISC05a+LQttHQ3oHHU9ELvkMd31HPCrU
YaCXGpIRjhWByIWHfJIcz2VppdOkfynKA2eiYIx6FptqZnChDsUYY7yBUMuhTec8
x98xupLehrxmR/DwrSTgfGS5pSb9kOYYm/E3wkyv5TPyfS1J7kAlx3pVAgm4fPCd
4d4gpa+QsvDv5pWsgS3yF+XN35qH3qWlPhX5q2RHPteF5HQ7R3BLb5nBsm9/bCnH
ylDNoAXS+9uMY5TMg2tkxI6SVIZCJw65tPlLMr2vLm7G1wyzy+fb+8haMZw2Aqhr
qwcG8sbCjA+wBA5gf/0X6ePB0w==
-----END CERTIFICATE-----