Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/34352e3135392e39392e302f32342d3234203d3e203336323336.roa
File:                     34352e3135392e39392e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          0okuwqYskMJNPYM+f4lnBT3ZoJHTZb9YNdP1ZOU1830=
Subject key identifier:   E0:57:E5:BD:B8:09:A7:9B:BE:21:78:37:22:63:B3:2D:B6:E1:B7:3A
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       1D40572AFAB81D04BA9122313F151ECDE0B7D393
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/34352e3135392e39392e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 02 Sep 2024 22:13:10 +0000
ROA not before:           Mon 02 Sep 2024 22:08:10 +0000
ROA not after:            Mon 01 Sep 2025 22:13:10 +0000
asID:                     36236
IP address blocks:        45.159.99.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 18:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:40:57:2a:fa:b8:1d:04:ba:91:22:31:3f:15:1e:cd:e0:b7:d3:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Sep  2 22:08:10 2024 GMT
            Not After : Sep  1 22:13:10 2025 GMT
        Subject: CN=E057E5BDB809A79BBE2178372263B32DB6E1B73A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7a:b7:fd:fe:66:96:63:ed:96:00:57:65:fe:
                    98:2f:a2:8e:44:58:9c:ea:9b:19:05:6a:b1:d9:f9:
                    be:97:97:d2:b3:61:2f:af:67:e2:f9:5f:16:45:0d:
                    7d:f0:ca:ab:ae:91:cf:17:2b:81:5f:e9:52:34:50:
                    af:54:b6:43:c1:4e:f6:ea:fa:21:77:a6:6f:1e:46:
                    32:d0:77:58:7e:ff:be:b5:44:d0:6a:6f:23:d8:1f:
                    05:19:bf:0e:47:5c:9b:bc:1c:a6:fc:54:f8:48:5f:
                    e0:e1:ef:f0:c0:05:7d:9a:89:26:16:35:37:eb:71:
                    58:9b:0e:db:c4:6f:20:7a:ac:f6:af:59:cb:98:5f:
                    1d:a3:0d:41:e9:00:1f:2c:07:db:9f:93:92:a0:f8:
                    58:6d:d8:03:92:1e:0e:c4:83:45:eb:41:52:46:32:
                    ce:05:f2:27:6e:b0:fc:4c:9f:97:fc:4b:6b:bb:3f:
                    a8:c1:6d:19:76:7c:fb:69:0e:89:7e:90:b0:e9:99:
                    ec:4f:9c:17:66:eb:97:88:05:39:b1:7a:3a:80:15:
                    05:d8:51:4e:c7:5c:49:74:f5:65:9e:48:50:bd:4e:
                    6c:a3:ef:12:a9:ec:78:55:16:8e:ff:dc:5c:76:07:
                    6a:94:c8:f6:15:a7:e6:ff:48:9a:59:5f:15:aa:73:
                    5c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:57:E5:BD:B8:09:A7:9B:BE:21:78:37:22:63:B3:2D:B6:E1:B7:3A
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/34352e3135392e39392e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.159.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:1a:db:22:b3:75:9a:bb:f9:2b:98:36:8b:6a:a3:82:56:7a:
         9f:30:89:ab:bb:b1:0f:b7:db:be:46:86:34:65:ab:7a:93:4b:
         d5:a0:08:3e:7c:8f:32:aa:a3:40:7d:5e:b1:2c:95:d5:1e:b0:
         04:b0:1c:d5:a7:6f:70:c3:da:4b:bb:5f:5a:b9:5c:af:bb:89:
         d2:f2:3a:62:15:f8:ec:49:2a:33:a8:2a:29:02:86:03:25:77:
         84:d0:53:d0:ec:d0:17:63:78:36:65:e2:84:f3:37:8a:fa:c1:
         c4:3a:01:77:4e:a6:c6:6c:e3:f4:79:b4:9b:9f:49:3a:a5:6f:
         af:79:ec:c3:f7:34:80:04:0e:b4:48:62:03:ab:2b:63:43:1a:
         67:c0:ad:da:a8:9f:30:43:1c:de:4f:97:03:2c:0e:c7:b2:76:
         9b:78:35:b1:37:0b:45:27:2f:51:26:9d:80:2e:29:f2:e7:02:
         1b:93:8a:c9:ab:5b:d9:1f:ac:31:15:33:d2:16:df:f8:04:81:
         52:6f:6e:c5:ba:20:25:c9:33:42:dd:a6:67:b1:25:6a:ce:92:
         30:40:d4:4c:32:8e:e7:2e:87:ee:dc:e5:3b:db:b0:a4:82:68:
         b1:38:f5:e0:f6:40:9d:1a:72:98:8e:b1:75:05:4d:b7:ea:14:
         f6:c9:ef:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUHUBXKvq4HQS6kSIxPxUezeC305MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNDA5MDIyMjA4MTBaFw0yNTA5MDEyMjEzMTBaMDMxMTAvBgNV
BAMTKEUwNTdFNUJEQjgwOUE3OUJCRTIxNzgzNzIyNjNCMzJEQjZFMUI3M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoerf9/maWY+2WAFdl/pgvoo5E
WJzqmxkFarHZ+b6Xl9KzYS+vZ+L5XxZFDX3wyquukc8XK4Ff6VI0UK9UtkPBTvbq
+iF3pm8eRjLQd1h+/761RNBqbyPYHwUZvw5HXJu8HKb8VPhIX+Dh7/DABX2aiSYW
NTfrcVibDtvEbyB6rPavWcuYXx2jDUHpAB8sB9ufk5Kg+Fht2AOSHg7Eg0XrQVJG
Ms4F8idusPxMn5f8S2u7P6jBbRl2fPtpDol+kLDpmexPnBdm65eIBTmxejqAFQXY
UU7HXEl09WWeSFC9Tmyj7xKp7HhVFo7/3Fx2B2qUyPYVp+b/SJpZXxWqc1y5AgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQU4FflvbgJp5u+IXg3ImOzLbbhtzowHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBoAYIKwYB
BQUHAQsEgZMwgZAwgY0GCCsGAQUFBzALhoGAcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzQzNTJlMzEzNTM5MmUzOTM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMz
NjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEAC2fYzANBgkqhkiG9w0BAQsFAAOCAQEAARrbIrN1
mrv5K5g2i2qjglZ6nzCJq7uxD7fbvkaGNGWrepNL1aAIPnyPMqqjQH1esSyV1R6w
BLAc1advcMPaS7tfWrlcr7uJ0vI6YhX47EkqM6gqKQKGAyV3hNBT0OzQF2N4NmXi
hPM3ivrBxDoBd06mxmzj9Hm0m59JOqVvr3nsw/c0gAQOtEhiA6srY0MaZ8Ct2qif
MEMc3k+XAywOx7J2m3g1sTcLRScvUSadgC4p8ucCG5OKyatb2R+sMRUz0hbf+ASB
Um9uxbogJckzQt2mZ7Elas6SMEDUTDKO5y6H7tzlO9uwpIJosTj14PZAnRpymI6x
dQVNt+oU9snvfA==
-----END CERTIFICATE-----