Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS36832.roa
File:                     AS36832.roa (raw, json)
Hash identifier:          u9StGUm3skmQ/xF/QmtwNpIyPu46jcUefVxBZ1mgzt8=
Subject key identifier:   1C:90:27:23:86:8E:1A:49:55:2E:B5:3D:59:09:CE:D8:9A:08:25:50
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       2926991D1BCD1A5E82D32DF1DBF9DBFA019CF524
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS36832.roa
Signing time:             Mon 16 Sep 2024 08:51:04 +0000
ROA not before:           Mon 16 Sep 2024 08:46:04 +0000
ROA not after:            Mon 15 Sep 2025 08:51:04 +0000
asID:                     36832
IP address blocks:        2a06:9f40::/32 maxlen: 48
                          2a09:54c0::/32 maxlen: 48
                          2a09:54c4::/32 maxlen: 48
                          2a0a:6047::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:26:99:1d:1b:cd:1a:5e:82:d3:2d:f1:db:f9:db:fa:01:9c:f5:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Sep 16 08:46:04 2024 GMT
            Not After : Sep 15 08:51:04 2025 GMT
        Subject: CN=1C902723868E1A49552EB53D5909CED89A082550
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a4:d7:76:2d:93:95:b2:d7:ce:dd:1f:24:5e:
                    ec:da:5f:41:2b:4d:3b:af:37:68:61:81:43:e8:1c:
                    50:bc:1d:2f:87:63:26:90:0f:f7:cb:cd:a9:c7:32:
                    d4:5c:e1:ea:cf:d2:2f:98:f8:d7:15:ed:14:e1:2b:
                    cf:78:d7:4a:58:22:0d:69:b1:08:4b:99:68:97:9f:
                    38:4a:19:da:45:27:b3:9c:4e:88:74:69:7a:96:8f:
                    66:ae:a1:08:6e:fe:5c:93:82:65:9e:38:f5:25:09:
                    5c:3f:60:9b:d4:11:34:97:c0:b8:e1:9b:fd:69:f8:
                    fa:53:e8:ea:9f:4d:3a:e0:58:8c:72:26:65:7a:1d:
                    89:38:a9:bc:2f:7c:41:5d:18:09:93:56:38:15:cb:
                    e2:87:57:8a:0a:af:f0:23:a4:1b:31:22:12:23:80:
                    dc:cc:80:fb:3e:c1:c9:a4:e6:14:78:cb:de:f2:c9:
                    7e:79:8a:df:f7:5d:05:7d:8f:4b:52:e5:b4:5d:81:
                    7a:ed:b2:23:6d:c4:08:64:83:c6:0c:8f:18:6b:10:
                    c7:b9:69:1e:d2:26:e8:be:4c:27:12:85:f6:de:1d:
                    15:ca:c8:ef:ef:49:02:d1:e4:83:4b:9d:80:5a:c8:
                    d4:0a:62:f8:80:bb:48:bd:ae:75:25:06:b7:e7:e4:
                    8c:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:90:27:23:86:8E:1A:49:55:2E:B5:3D:59:09:CE:D8:9A:08:25:50
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS36832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:9f40::/32
                  2a09:54c0::/32
                  2a09:54c4::/32
                  2a0a:6047::/32

    Signature Algorithm: sha256WithRSAEncryption
         19:0d:6a:db:7a:ef:6c:ba:7e:98:f3:6e:b6:50:80:fe:d4:97:
         eb:3e:ff:95:aa:8c:cb:09:3e:17:62:62:ff:76:d6:ba:f0:87:
         ca:62:a0:b6:c4:ef:06:b5:25:a5:cb:a6:b2:ee:b2:6c:cd:3b:
         53:5d:d6:e3:d8:8e:4f:8f:1c:63:72:df:40:03:2e:5d:b0:4e:
         2f:e5:c5:38:58:af:91:aa:bd:e8:4a:4d:cf:0b:06:9a:c8:93:
         29:f1:c7:b5:8e:74:35:05:1a:61:9a:bf:97:2d:f9:79:43:44:
         1b:f1:de:ce:ff:49:f9:c8:94:f3:95:60:0c:02:9c:93:cc:46:
         19:66:be:1c:ef:8a:7d:37:80:c1:ae:43:39:5e:44:1f:57:f5:
         00:a5:c3:d8:4e:64:1e:12:c6:1c:35:9a:66:00:16:02:3b:3c:
         1f:40:c6:04:52:b9:a5:75:37:b7:ad:e4:d4:15:3b:16:b8:75:
         95:8d:a9:6c:26:c9:d8:0a:5b:ab:7a:95:22:83:cc:31:eb:8b:
         ea:ed:a1:26:18:91:f1:3d:b2:6e:80:65:fd:b3:6b:e4:e6:5c:
         5d:2d:32:68:e0:70:cf:2d:57:ea:b6:88:8d:2d:9f:47:34:73:
         75:ef:eb:59:ed:87:0a:f4:d9:b3:98:be:f7:0c:43:d1:90:9c:
         2c:15:0e:59
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIUKSaZHRvNGl6C0y3x2/nb+gGc9SQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDA5MTYwODQ2MDRaFw0yNTA5MTUwODUxMDRaMDMxMTAvBgNV
BAMTKDFDOTAyNzIzODY4RTFBNDk1NTJFQjUzRDU5MDlDRUQ4OUEwODI1NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxpNd2LZOVstfO3R8kXuzaX0Er
TTuvN2hhgUPoHFC8HS+HYyaQD/fLzanHMtRc4erP0i+Y+NcV7RThK89410pYIg1p
sQhLmWiXnzhKGdpFJ7OcToh0aXqWj2auoQhu/lyTgmWeOPUlCVw/YJvUETSXwLjh
m/1p+PpT6OqfTTrgWIxyJmV6HYk4qbwvfEFdGAmTVjgVy+KHV4oKr/AjpBsxIhIj
gNzMgPs+wcmk5hR4y97yyX55it/3XQV9j0tS5bRdgXrtsiNtxAhkg8YMjxhrEMe5
aR7SJui+TCcShfbeHRXKyO/vSQLR5INLnYBayNQKYviAu0i9rnUlBrfn5IylAgMB
AAGjggIEMIICADAdBgNVHQ4EFgQUHJAnI4aOGklVLrU9WQnO2JoIJVAwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MzY4MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwNQYIKwYBBQUHAQcB
Af8EJjAkMCIEAgACMBwDBQAqBp9AAwUAKglUwAMFACoJVMQDBQAqCmBHMA0GCSqG
SIb3DQEBCwUAA4IBAQAZDWrbeu9sun6Y8262UID+1JfrPv+VqozLCT4XYmL/dta6
8IfKYqC2xO8GtSWly6ay7rJszTtTXdbj2I5Pjxxjct9AAy5dsE4v5cU4WK+Rqr3o
Sk3PCwaayJMp8ce1jnQ1BRphmr+XLfl5Q0Qb8d7O/0n5yJTzlWAMApyTzEYZZr4c
74p9N4DBrkM5XkQfV/UApcPYTmQeEsYcNZpmABYCOzwfQMYEUrmldTe3reTUFTsW
uHWVjalsJsnYClurepUig8wx64vq7aEmGJHxPbJugGX9s2vk5lxdLTJo4HDPLVfq
toiNLZ9HNHN17+tZ7YcK9NmzmL73DEPRkJwsFQ5Z
-----END CERTIFICATE-----