Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS36832.roa
File:                     AS36832.roa (raw, json)
Hash identifier:          7KJTDIxgsAkjk1VEM6uKRO8L4B5WjzKCmxumXRapiUw=
Subject key identifier:   6C:02:35:87:11:74:33:EB:4F:D5:C6:DA:B0:C0:D9:58:C0:EA:99:38
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       0EA7715A5766B0182C4DC134A60F12896C6D3159
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS36832.roa
Signing time:             Sun 01 Sep 2024 01:39:39 +0000
ROA not before:           Sun 01 Sep 2024 01:34:39 +0000
ROA not after:            Sun 31 Aug 2025 01:39:39 +0000
asID:                     36832
IP address blocks:        2a06:9f40::/32 maxlen: 48
                          2a09:54c0::/32 maxlen: 48
                          2a0a:6047::/32 maxlen: 48
                          2a0d:d905::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Sep 2024 02:53:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:a7:71:5a:57:66:b0:18:2c:4d:c1:34:a6:0f:12:89:6c:6d:31:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Sep  1 01:34:39 2024 GMT
            Not After : Aug 31 01:39:39 2025 GMT
        Subject: CN=6C023587117433EB4FD5C6DAB0C0D958C0EA9938
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:b2:8d:fc:5c:3c:79:31:b4:48:74:76:14:89:
                    c3:fd:4b:82:06:be:7a:06:85:24:d2:c6:2c:89:a7:
                    ef:23:39:be:36:3e:f3:be:28:d1:ce:84:42:17:e2:
                    f1:b2:42:f8:9e:d2:2e:dc:95:36:3b:8c:0b:87:29:
                    59:9b:f5:cf:8b:a6:0e:c6:c6:f0:5c:6f:c3:eb:de:
                    31:ca:94:2b:db:eb:8a:63:b3:1f:95:31:17:23:cc:
                    4a:9a:b5:80:42:a3:b2:01:e8:7e:b1:38:5e:bd:00:
                    f7:59:cb:f6:f2:4e:3c:45:17:2f:f9:97:64:0b:5b:
                    85:68:36:40:cc:ef:92:01:21:79:53:fa:d6:5d:b6:
                    70:cb:31:aa:fe:47:7a:e0:19:7c:b0:fc:d7:6c:bb:
                    cf:f6:21:95:bd:f7:15:7d:81:f0:53:2c:00:f6:d7:
                    d1:0b:75:dd:40:40:64:df:03:bf:fe:96:8d:35:37:
                    20:7f:c5:f3:e5:6a:0b:95:a5:92:7d:30:8f:59:df:
                    b5:d5:e5:52:dd:67:a0:ad:ae:56:4d:4c:15:c4:ed:
                    e2:ad:48:b1:97:87:8c:d4:2f:84:2e:ed:44:94:a0:
                    f0:97:df:e6:9e:8f:00:a5:2e:f7:55:7d:c3:dd:f8:
                    d6:e0:f2:6e:ca:69:9b:b5:57:1a:b2:e8:10:1a:8d:
                    8b:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:02:35:87:11:74:33:EB:4F:D5:C6:DA:B0:C0:D9:58:C0:EA:99:38
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS36832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:9f40::/32
                  2a09:54c0::/32
                  2a0a:6047::/32
                  2a0d:d905::/32

    Signature Algorithm: sha256WithRSAEncryption
         76:20:a2:d8:98:99:f5:09:5c:52:90:11:3d:45:38:59:0a:e3:
         2b:d9:e8:36:53:ad:03:61:78:20:df:f1:b4:5e:96:b0:c8:29:
         4c:17:53:94:6d:24:4d:09:75:52:27:cf:92:57:86:60:11:95:
         aa:fd:a0:bd:e8:45:78:81:af:69:9e:29:82:2c:dd:74:a2:ec:
         bc:43:b7:6d:a1:56:a4:55:e1:a4:84:69:f3:37:5f:1a:3e:ac:
         b1:c2:ba:b3:0d:2c:be:57:8c:88:a7:0b:c6:04:81:4d:5a:e4:
         6e:6b:10:4a:e3:27:cd:5f:e0:ec:4e:f4:83:b5:5f:e4:38:87:
         33:f8:7f:90:a0:37:68:3f:ed:f0:c7:af:f6:5a:56:90:89:09:
         2d:b0:5f:20:44:fc:00:47:fc:eb:c5:45:01:f7:93:e1:2c:13:
         c9:98:78:1a:ec:f3:fe:67:69:88:28:b3:48:d9:a8:c5:67:63:
         c1:0d:fb:3d:65:33:8b:49:0b:58:f2:60:1a:58:19:a3:2d:6a:
         0d:91:bf:a8:f9:8d:33:ad:b6:67:e7:73:64:82:f9:26:94:fc:
         55:d5:4e:73:2f:52:e8:3c:3d:2c:4f:7a:de:11:b7:22:a0:58:
         d0:5b:d4:34:1e:0b:47:f1:bf:df:4a:c4:05:7c:d7:9e:89:25:
         a6:7c:2b:a7
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIUDqdxWldmsBgsTcE0pg8SiWxtMVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDA5MDEwMTM0MzlaFw0yNTA4MzEwMTM5MzlaMDMxMTAvBgNV
BAMTKDZDMDIzNTg3MTE3NDMzRUI0RkQ1QzZEQUIwQzBEOTU4QzBFQTk5MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEso38XDx5MbRIdHYUicP9S4IG
vnoGhSTSxiyJp+8jOb42PvO+KNHOhEIX4vGyQvie0i7clTY7jAuHKVmb9c+Lpg7G
xvBcb8Pr3jHKlCvb64pjsx+VMRcjzEqatYBCo7IB6H6xOF69APdZy/byTjxFFy/5
l2QLW4VoNkDM75IBIXlT+tZdtnDLMar+R3rgGXyw/Ndsu8/2IZW99xV9gfBTLAD2
19ELdd1AQGTfA7/+lo01NyB/xfPlaguVpZJ9MI9Z37XV5VLdZ6CtrlZNTBXE7eKt
SLGXh4zUL4Qu7USUoPCX3+aejwClLvdVfcPd+Nbg8m7KaZu1Vxqy6BAajYvRAgMB
AAGjggIEMIICADAdBgNVHQ4EFgQUbAI1hxF0M+tP1cbasMDZWMDqmTgwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MzY4MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwNQYIKwYBBQUHAQcB
Af8EJjAkMCIEAgACMBwDBQAqBp9AAwUAKglUwAMFACoKYEcDBQAqDdkFMA0GCSqG
SIb3DQEBCwUAA4IBAQB2IKLYmJn1CVxSkBE9RThZCuMr2eg2U60DYXgg3/G0Xpaw
yClMF1OUbSRNCXVSJ8+SV4ZgEZWq/aC96EV4ga9pnimCLN10ouy8Q7dtoVakVeGk
hGnzN18aPqyxwrqzDSy+V4yIpwvGBIFNWuRuaxBK4yfNX+DsTvSDtV/kOIcz+H+Q
oDdoP+3wx6/2WlaQiQktsF8gRPwAR/zrxUUB95PhLBPJmHga7PP+Z2mIKLNI2ajF
Z2PBDfs9ZTOLSQtY8mAaWBmjLWoNkb+o+Y0zrbZn53NkgvkmlPxV1U5zL1LoPD0s
T3reEbcioFjQW9Q0HgtH8b/fSsQFfNeeiSWmfCun
-----END CERTIFICATE-----