Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS16276.roa
File:                     AS16276.roa (raw, json)
Hash identifier:          /3jxHJlbFgWzePoE0JDjpU3yUxxKyZx00oaSLJY848g=
Subject key identifier:   7A:9C:EC:10:7A:EF:F2:2A:91:D9:DE:B4:A5:30:A3:71:1D:C0:C9:3D
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       473126D0D9A2BCE44F77860298EC04EC1EE184A6
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS16276.roa
Signing time:             Thu 28 Dec 2023 19:12:53 +0000
ROA not before:           Thu 28 Dec 2023 19:07:53 +0000
ROA not after:            Thu 26 Dec 2024 19:12:53 +0000
asID:                     16276
IP address blocks:        104.167.16.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:31:26:d0:d9:a2:bc:e4:4f:77:86:02:98:ec:04:ec:1e:e1:84:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec 28 19:07:53 2023 GMT
            Not After : Dec 26 19:12:53 2024 GMT
        Subject: CN=7A9CEC107AEFF22A91D9DEB4A530A3711DC0C93D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:36:4c:36:db:d0:54:09:37:ef:aa:a3:9e:20:
                    6a:4b:ae:8c:0e:57:57:25:41:35:3e:c1:7b:3f:7e:
                    31:13:92:3f:34:db:9a:cc:48:79:11:33:d8:a5:dc:
                    b9:e1:59:b7:0e:8d:a9:d4:8f:76:b5:a5:fc:8f:ee:
                    32:7c:67:5e:e8:62:c7:ef:ad:cc:65:d8:9a:ef:7e:
                    d9:0e:01:78:f6:73:92:b2:44:bb:9b:de:5f:da:1e:
                    e1:98:5c:e1:7d:fa:0b:cc:3a:d1:97:7b:e8:56:31:
                    de:67:59:a1:b0:9b:fe:8d:31:a8:43:a2:86:ab:6f:
                    ed:77:00:bf:68:7b:11:83:7e:e8:11:00:fe:9c:a3:
                    eb:b6:aa:68:df:3a:e8:71:f5:02:ce:85:e9:b0:f4:
                    9d:db:b8:8a:95:bc:c5:c3:50:dc:e0:52:3c:93:e9:
                    85:71:55:8a:9d:59:d3:02:dd:4a:d1:11:7d:34:3c:
                    c3:22:92:cd:ca:00:7e:5f:15:f7:fb:b0:16:bd:c0:
                    ac:b2:a8:af:a0:ed:8f:d4:b6:68:c6:f8:ca:59:80:
                    5d:ca:c0:0c:d8:a2:e6:07:fb:d6:6b:74:33:a5:06:
                    b3:a6:c8:50:0c:b3:f5:9e:9c:c2:1c:81:0c:7d:91:
                    bd:57:4c:d3:fc:b2:32:af:57:99:76:44:2d:e1:1d:
                    04:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:9C:EC:10:7A:EF:F2:2A:91:D9:DE:B4:A5:30:A3:71:1D:C0:C9:3D
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS16276.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.167.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:28:65:26:89:7e:87:c6:90:e8:41:ab:07:b6:f0:56:3f:49:
         67:9f:4c:59:36:e0:aa:4f:a7:41:34:6a:97:ce:64:b4:d7:33:
         47:70:07:9f:ad:70:33:4e:ac:f6:84:b2:7b:7b:26:34:5c:93:
         4d:ab:91:c5:05:4d:7d:27:97:0f:99:95:46:fa:50:77:51:92:
         da:5f:ea:05:38:62:e2:09:20:85:1b:f0:b6:6c:ec:0c:53:b7:
         e1:27:94:cf:39:77:ee:52:3c:69:f4:30:b1:a9:f3:2c:90:9a:
         71:37:97:04:46:3e:29:40:46:a5:9f:fa:97:ea:70:79:57:af:
         32:7b:d7:7d:2a:1d:21:6a:26:9c:f0:de:bf:f7:7f:3b:26:5f:
         76:ed:9a:8a:bd:bc:53:d1:94:39:c5:0a:a7:17:8d:0a:f7:8c:
         c4:2f:87:ba:d5:6d:65:db:bd:72:cd:e2:39:0b:dd:c3:2e:db:
         8e:43:e0:b9:d0:b3:f7:aa:31:71:1d:83:c5:de:1a:e5:5c:48:
         85:d1:ff:99:3f:4b:31:97:80:57:2f:e5:61:8d:ac:11:dc:f9:
         d1:16:ab:75:12:99:30:57:79:25:56:7f:23:5a:4c:d4:17:0e:
         ef:e2:73:be:53:a9:27:3f:f8:6b:6f:bd:55:0f:35:69:15:4a:
         ac:49:10:ee
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIURzEm0NmivORPd4YCmOwE7B7hhKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMjgxOTA3NTNaFw0yNDEyMjYxOTEyNTNaMDMxMTAvBgNV
BAMTKDdBOUNFQzEwN0FFRkYyMkE5MUQ5REVCNEE1MzBBMzcxMURDMEM5M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTNkw229BUCTfvqqOeIGpLrowO
V1clQTU+wXs/fjETkj8025rMSHkRM9il3LnhWbcOjanUj3a1pfyP7jJ8Z17oYsfv
rcxl2JrvftkOAXj2c5KyRLub3l/aHuGYXOF9+gvMOtGXe+hWMd5nWaGwm/6NMahD
ooarb+13AL9oexGDfugRAP6co+u2qmjfOuhx9QLOhemw9J3buIqVvMXDUNzgUjyT
6YVxVYqdWdMC3UrREX00PMMiks3KAH5fFff7sBa9wKyyqK+g7Y/UtmjG+MpZgF3K
wAzYouYH+9ZrdDOlBrOmyFAMs/WenMIcgQx9kb1XTNP8sjKvV5l2RC3hHQStAgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUepzsEHrv8iqR2d60pTCjcR3AyT0wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTYyNzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABopxAwDQYJKoZIhvcNAQELBQADggEBAFsoZSaJfofG
kOhBqwe28FY/SWefTFk24KpPp0E0apfOZLTXM0dwB5+tcDNOrPaEsnt7JjRck02r
kcUFTX0nlw+ZlUb6UHdRktpf6gU4YuIJIIUb8LZs7AxTt+EnlM85d+5SPGn0MLGp
8yyQmnE3lwRGPilARqWf+pfqcHlXrzJ7130qHSFqJpzw3r/3fzsmX3btmoq9vFPR
lDnFCqcXjQr3jMQvh7rVbWXbvXLN4jkL3cMu245D4LnQs/eqMXEdg8XeGuVcSIXR
/5k/SzGXgFcv5WGNrBHc+dEWq3USmTBXeSVWfyNaTNQXDu/ic75TqSc/+GtvvVUP
NWkVSqxJEO4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:01:54 2024 by rpki-client on console-ams.rpki-client.org