Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/34352e3135392e39382e302f32342d3234203d3e203336323336.roa
File:                     34352e3135392e39382e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          1ROwCqtbAqMKJwF/uBIiVGMeQf1RFXUT4pLNf/7j4uY=
Subject key identifier:   EF:92:9F:FB:33:66:7E:88:B4:5E:BF:6E:D8:3D:64:A9:57:2A:62:59
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       7F16CDE08768CF42A3ABCDF6EB25444B74293CA3
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/34352e3135392e39382e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 02 Oct 2023 21:55:39 +0000
ROA not before:           Mon 02 Oct 2023 21:50:39 +0000
ROA not after:            Mon 30 Sep 2024 21:55:39 +0000
asID:                     36236
IP address blocks:        45.159.98.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 May 2024 19:23:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:16:cd:e0:87:68:cf:42:a3:ab:cd:f6:eb:25:44:4b:74:29:3c:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Oct  2 21:50:39 2023 GMT
            Not After : Sep 30 21:55:39 2024 GMT
        Subject: CN=EF929FFB33667E88B45EBF6ED83D64A9572A6259
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:78:d6:6b:f2:87:95:bd:1e:e7:e3:7f:5d:08:
                    c0:cc:ee:ea:66:a9:93:a7:f6:3d:4d:94:c0:b9:82:
                    47:29:c5:74:58:ab:02:7f:d3:1e:4f:6b:6a:06:1f:
                    d4:fd:8d:94:f4:5e:7c:32:4f:91:3c:84:57:f1:28:
                    8e:4a:75:fb:f7:fb:fa:29:7b:0f:be:42:53:c9:59:
                    31:fc:e3:25:bb:1d:4b:52:2d:ac:bf:0d:0b:b6:7e:
                    05:f1:90:8b:d7:ef:08:5b:bc:b9:33:98:2f:65:0a:
                    09:cf:8d:e5:23:96:aa:2e:8e:16:01:7b:cc:f0:60:
                    fb:82:2b:e4:aa:7d:4b:a5:d0:26:df:8c:5a:0c:6e:
                    a5:33:1e:27:54:f7:bb:14:02:71:d6:58:ab:91:84:
                    6f:e0:62:95:56:9f:35:82:b1:00:a7:5c:ab:69:77:
                    08:de:bf:fd:42:66:02:b4:40:c7:5f:53:6a:87:bb:
                    b3:2a:cc:b3:cf:b4:3f:63:fa:dc:52:85:9a:ee:8c:
                    ef:65:04:37:fe:a5:f8:08:60:55:05:1e:69:83:ce:
                    b7:7c:96:cc:5a:93:06:4f:28:09:7d:a6:39:a9:3f:
                    d9:ee:45:f4:00:a4:b7:05:db:06:47:29:d2:fa:91:
                    2e:f0:81:ab:08:f3:db:79:07:fc:91:92:d0:b8:74:
                    89:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:92:9F:FB:33:66:7E:88:B4:5E:BF:6E:D8:3D:64:A9:57:2A:62:59
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/34352e3135392e39382e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:75:6e:17:06:cc:42:e9:db:5c:7f:41:c7:f5:3f:b0:27:3c:
         a1:3e:c0:07:15:25:59:dd:9f:75:59:a1:85:59:77:3a:7a:ed:
         85:12:f7:9a:1f:57:3c:29:bd:61:a4:12:d1:87:42:eb:e3:5d:
         90:83:54:52:ef:c4:6a:f3:2d:94:d0:8c:29:c6:57:18:35:84:
         f8:ec:5f:1f:cd:22:f2:65:93:a8:3f:cc:59:f1:f5:b1:7f:9c:
         48:16:e1:88:8e:72:d8:0e:11:7e:ad:39:84:ab:7f:22:b0:41:
         47:ee:0f:09:7f:d8:3c:27:2c:42:d0:46:e7:45:a4:3e:b0:55:
         81:f4:88:ff:9a:4f:ed:d1:83:ed:49:0b:79:c8:9f:81:fd:c1:
         1c:0b:7f:c5:15:82:67:3c:2d:12:b5:30:fd:2b:0b:41:bc:e9:
         db:12:70:61:13:0f:89:98:d2:47:84:e4:9a:cb:cf:b6:db:65:
         de:fc:35:9d:2f:17:90:da:e1:95:a9:02:b3:fc:c2:00:6f:45:
         83:e8:d1:4c:cc:03:ce:cf:e0:69:bb:42:5e:81:40:f3:0e:52:
         ca:01:1c:d2:c8:d0:37:a2:a2:81:ce:00:a5:e9:00:ed:0d:2f:
         7c:27:e4:b2:5b:d1:f5:16:e5:ad:77:a9:3b:23:b9:cb:00:62:
         50:34:0f:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUfxbN4Idoz0Kjq8326yVES3QpPKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yMzEwMDIyMTUwMzlaFw0yNDA5MzAyMTU1MzlaMDMxMTAvBgNV
BAMTKEVGOTI5RkZCMzM2NjdFODhCNDVFQkY2RUQ4M0Q2NEE5NTcyQTYyNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjeNZr8oeVvR7n439dCMDM7upm
qZOn9j1NlMC5gkcpxXRYqwJ/0x5Pa2oGH9T9jZT0XnwyT5E8hFfxKI5Kdfv3+/op
ew++QlPJWTH84yW7HUtSLay/DQu2fgXxkIvX7whbvLkzmC9lCgnPjeUjlqoujhYB
e8zwYPuCK+SqfUul0CbfjFoMbqUzHidU97sUAnHWWKuRhG/gYpVWnzWCsQCnXKtp
dwjev/1CZgK0QMdfU2qHu7MqzLPPtD9j+txShZrujO9lBDf+pfgIYFUFHmmDzrd8
lsxakwZPKAl9pjmpP9nuRfQApLcF2wZHKdL6kS7wgasI89t5B/yRktC4dIkJAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQU75Kf+zNmfoi0Xr9u2D1kqVcqYlkwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBoAYIKwYB
BQUHAQsEgZMwgZAwgY0GCCsGAQUFBzALhoGAcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzQzNTJlMzEzNTM5MmUzOTM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMz
NjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEAC2fYjANBgkqhkiG9w0BAQsFAAOCAQEAC3VuFwbM
QunbXH9Bx/U/sCc8oT7ABxUlWd2fdVmhhVl3OnrthRL3mh9XPCm9YaQS0YdC6+Nd
kINUUu/EavMtlNCMKcZXGDWE+OxfH80i8mWTqD/MWfH1sX+cSBbhiI5y2A4Rfq05
hKt/IrBBR+4PCX/YPCcsQtBG50WkPrBVgfSI/5pP7dGD7UkLecifgf3BHAt/xRWC
ZzwtErUw/SsLQbzp2xJwYRMPiZjSR4TkmsvPtttl3vw1nS8XkNrhlakCs/zCAG9F
g+jRTMwDzs/gabtCXoFA8w5SygEc0sjQN6Kigc4ApekA7Q0vfCfkslvR9RblrXep
OyO5ywBiUDQP0A==
-----END CERTIFICATE-----