Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade88e39bfa01890c9feec1249e/2/326130373a353463303a666665653a3a2f34382d3438203d3e203630393030.roa
File:                     326130373a353463303a666665653a3a2f34382d3438203d3e203630393030.roa (raw, json)
Hash identifier:          ZBzgZuSZ9VMzK4viJ1RsGqwI+sH4iPuiglNMuGwHWs8=
Subject key identifier:   34:E9:97:AC:57:B9:55:CE:9C:CD:ED:64:AD:6B:FF:90:6A:3A:35:C6
Certificate issuer:       /CN=892843788777A43273322096510EA10880E7E5EA
Certificate serial:       651E7B48370D36D0B65B910B637664AF86F8D019
Authority key identifier: 89:28:43:78:87:77:A4:32:73:32:20:96:51:0E:A1:08:80:E7:E5:EA
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/892843788777A43273322096510EA10880E7E5EA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade88e39bfa01890c9feec1249e/2/326130373a353463303a666665653a3a2f34382d3438203d3e203630393030.roa
Signing time:             Mon 26 Feb 2024 12:08:46 +0000
ROA not before:           Mon 26 Feb 2024 12:03:46 +0000
ROA not after:            Mon 24 Feb 2025 12:08:46 +0000
asID:                     60900
IP address blocks:        2a07:54c0:ffee::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade88e39bfa01890c9feec1249e/2/892843788777A43273322096510EA10880E7E5EA.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade88e39bfa01890c9feec1249e/2/892843788777A43273322096510EA10880E7E5EA.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/892843788777A43273322096510EA10880E7E5EA.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 25 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:1e:7b:48:37:0d:36:d0:b6:5b:91:0b:63:76:64:af:86:f8:d0:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=892843788777A43273322096510EA10880E7E5EA
        Validity
            Not Before: Feb 26 12:03:46 2024 GMT
            Not After : Feb 24 12:08:46 2025 GMT
        Subject: CN=34E997AC57B955CE9CCDED64AD6BFF906A3A35C6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:21:3f:de:ca:97:7e:9e:43:96:12:87:1c:8b:
                    d1:41:ba:f8:4e:dd:ff:8e:e0:69:20:62:98:37:54:
                    ef:ea:a1:71:5a:81:98:d2:c7:2f:b7:b0:50:48:d6:
                    4a:0d:e6:25:cb:55:6a:d1:d9:55:86:39:b2:bb:5e:
                    be:23:75:5f:ac:11:a2:7d:17:d2:cb:8a:68:a1:83:
                    2b:5a:3c:a4:11:12:96:2a:42:98:b1:3e:c2:c7:0f:
                    4b:6d:2f:a6:56:19:7f:3a:6d:b2:38:14:73:94:36:
                    8e:5d:66:1a:e5:ee:52:e0:09:2a:02:5f:1f:a9:79:
                    9a:27:a0:25:c3:7d:b8:c9:0d:ab:46:6f:e8:39:7a:
                    33:4a:66:50:79:f0:a4:40:7a:94:97:fd:e5:4d:2d:
                    51:3d:b4:c0:0c:53:20:5c:91:fc:35:29:8e:f7:5c:
                    20:80:7b:29:29:28:b3:c1:12:0a:07:22:90:e6:db:
                    0e:33:b5:32:9e:1c:05:b0:12:e2:a0:a9:70:4d:a3:
                    05:b2:e0:98:a3:ad:4e:75:4f:16:86:db:1c:78:68:
                    5a:aa:f1:6b:79:df:e4:60:4f:c3:33:96:0b:09:66:
                    4c:a0:8b:4a:d3:d8:8d:7c:20:48:02:eb:6e:06:28:
                    fb:4f:d2:37:6b:ca:f1:1a:bb:74:c7:35:a9:be:9a:
                    bc:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:E9:97:AC:57:B9:55:CE:9C:CD:ED:64:AD:6B:FF:90:6A:3A:35:C6
            X509v3 Authority Key Identifier:
                keyid:89:28:43:78:87:77:A4:32:73:32:20:96:51:0E:A1:08:80:E7:E5:EA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade88e39bfa01890c9feec1249e/2/892843788777A43273322096510EA10880E7E5EA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/892843788777A43273322096510EA10880E7E5EA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade88e39bfa01890c9feec1249e/2/326130373a353463303a666665653a3a2f34382d3438203d3e203630393030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a07:54c0:ffee::/48

    Signature Algorithm: sha256WithRSAEncryption
         24:6d:87:68:91:c0:3b:62:89:00:2a:d0:36:53:8c:0a:4b:79:
         3e:54:e2:8e:ef:45:9d:14:c5:63:5e:93:90:b9:63:d2:68:3e:
         7f:85:7a:07:7e:a0:6d:e9:f6:c0:60:79:63:b0:7f:da:ce:14:
         e1:1a:6e:e6:10:06:b7:0f:d2:27:b9:e6:bc:02:b6:e1:cf:b3:
         52:73:63:64:61:08:b6:59:38:03:08:d2:fb:2b:f1:6c:0b:2e:
         c4:94:61:fa:31:14:a0:d7:b7:20:1a:a0:f1:1b:1e:43:01:a5:
         c9:94:23:e1:9a:da:75:ae:6f:b9:e7:f7:8b:92:54:01:2e:12:
         74:df:b1:72:55:f8:09:65:0c:49:28:42:8c:90:a4:2e:3a:3a:
         cc:de:0f:c8:c7:82:7b:2c:5a:64:61:3c:7e:f8:2b:20:9e:7a:
         7b:3c:27:95:e8:35:4e:34:98:31:69:a6:92:37:02:e5:60:5e:
         e3:14:13:6a:5a:c8:f9:14:b9:fe:24:6b:b9:27:ea:31:ed:4d:
         98:84:79:97:49:fa:fe:5a:1b:13:36:cd:5e:bc:3e:23:06:5e:
         29:49:a2:22:0d:bc:ec:40:5b:b8:ab:c1:05:c8:99:a8:73:aa:
         13:ab:9d:0d:2a:86:99:10:83:bc:b8:be:87:a3:4e:2d:e3:2d:
         0b:d3:37:f2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZR57SDcNNtC2W5ELY3Zkr4b40BkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODkyODQzNzg4Nzc3QTQzMjczMzIyMDk2NTEwRUExMDg4
MEU3RTVFQTAeFw0yNDAyMjYxMjAzNDZaFw0yNTAyMjQxMjA4NDZaMDMxMTAvBgNV
BAMTKDM0RTk5N0FDNTdCOTU1Q0U5Q0NERUQ2NEFENkJGRjkwNkEzQTM1QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNIT/eypd+nkOWEocci9FBuvhO
3f+O4GkgYpg3VO/qoXFagZjSxy+3sFBI1koN5iXLVWrR2VWGObK7Xr4jdV+sEaJ9
F9LLimihgytaPKQREpYqQpixPsLHD0ttL6ZWGX86bbI4FHOUNo5dZhrl7lLgCSoC
Xx+peZonoCXDfbjJDatGb+g5ejNKZlB58KRAepSX/eVNLVE9tMAMUyBckfw1KY73
XCCAeykpKLPBEgoHIpDm2w4ztTKeHAWwEuKgqXBNowWy4JijrU51TxaG2xx4aFqq
8Wt53+RgT8MzlgsJZkygi0rT2I18IEgC624GKPtP0jdryvEau3THNam+mrwxAgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQUNOmXrFe5Vc6cze1krWv/kGo6NcYwHwYDVR0j
BBgwFoAUiShDeId3pDJzMiCWUQ6hCIDn5eowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4OGUzOWJmYTAxODkwYzlmZWVjMTI0OWUvMi84OTI4NDM3ODg3
NzdBNDMyNzMzMjIwOTY1MTBFQTEwODgwRTdFNUVBLmNybDCBngYIKwYBBQUHAQEE
gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWItNGRiNS1iYmQzLTVjY2E2MzNj
YWUzZi8wLzg5Mjg0Mzc4ODc3N0E0MzI3MzMyMjA5NjUxMEVBMTA4ODBFN0U1RUEu
Y2VyMIGqBggrBgEFBQcBCwSBnTCBmjCBlwYIKwYBBQUHMAuGgYpyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4OGUzOWJmYTAxODkw
YzlmZWVjMTI0OWUvMi8zMjYxMzAzNzNhMzUzNDYzMzAzYTY2NjY2NTY1M2EzYTJm
MzQzODJkMzQzODIwM2QzZTIwMzYzMDM5MzAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoHVMD/7jAN
BgkqhkiG9w0BAQsFAAOCAQEAJG2HaJHAO2KJACrQNlOMCkt5PlTiju9FnRTFY16T
kLlj0mg+f4V6B36gben2wGB5Y7B/2s4U4Rpu5hAGtw/SJ7nmvAK24c+zUnNjZGEI
tlk4AwjS+yvxbAsuxJRh+jEUoNe3IBqg8RseQwGlyZQj4Zrada5vuef3i5JUAS4S
dN+xclX4CWUMSShCjJCkLjo6zN4PyMeCeyxaZGE8fvgrIJ56ezwnleg1TjSYMWmm
kjcC5WBe4xQTalrI+RS5/iRruSfqMe1NmIR5l0n6/lobEzbNXrw+IwZeKUmiIg28
7EBbuKvBBciZqHOqE6udDSqGmRCDvLi+h6NOLeMtC9M38g==
-----END CERTIFICATE-----
Generated at Sun Nov 24 09:53:44 2024 by rpki-client on console-ams.rpki-client.org