Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS58132.roa
File:                     AS58132.roa (raw, json)
Hash identifier:          SIJAn+EmZdIwHSFAFNG7AJLQmCdO65PXJzO6JcIU5WE=
Subject key identifier:   09:A9:42:AC:E8:A4:72:47:75:F0:E3:77:8A:1B:5C:7A:7B:50:A3:F0
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       39F97D2707DEFED88A7513644D3123CA2F5272D4
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS58132.roa
Signing time:             Thu 03 Jul 2025 15:52:36 +0000
ROA not before:           Thu 03 Jul 2025 15:47:36 +0000
ROA not after:            Thu 02 Jul 2026 15:52:36 +0000
asID:                     58132
IP address blocks:        2a06:a005:2d9::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:f9:7d:27:07:de:fe:d8:8a:75:13:64:4d:31:23:ca:2f:52:72:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:47:36 2025 GMT
            Not After : Jul  2 15:52:36 2026 GMT
        Subject: CN=09A942ACE8A4724775F0E3778A1B5C7A7B50A3F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:75:13:ac:91:b1:6d:4c:6f:3b:32:87:29:8a:
                    39:fa:12:d9:b4:34:a6:4f:5f:c6:86:e0:f2:86:e6:
                    5e:1e:98:5a:b1:3b:4b:2a:e2:bd:96:e5:ac:7f:ae:
                    10:0d:ed:30:45:fe:b1:80:e1:98:eb:e0:a4:be:29:
                    52:a5:09:3f:5a:9c:3d:c8:3e:ca:70:e0:47:8e:8c:
                    7a:f0:08:27:33:25:43:92:78:c5:78:f6:a0:95:00:
                    f7:a6:c7:ee:30:74:08:95:86:8a:99:e0:83:8a:d0:
                    01:06:ce:a7:1b:60:c6:8a:5d:a3:2c:fc:a0:c2:cb:
                    7a:4b:ff:65:8d:77:96:dd:f1:f6:62:9c:22:15:6a:
                    a6:f4:c8:08:26:c6:75:12:ec:d7:32:26:61:a5:f0:
                    1a:bf:d4:bd:8f:d1:d2:b5:03:b5:58:13:b7:08:cf:
                    03:69:81:49:57:35:de:61:9d:d0:29:d5:1e:8e:39:
                    7c:64:17:dd:f5:8b:14:a3:b1:61:24:50:18:9f:b4:
                    09:fb:40:a4:51:32:37:82:ac:96:b4:4c:f9:0a:5e:
                    01:ab:c5:41:e1:98:e6:66:16:6a:32:64:70:2d:d1:
                    37:f5:05:55:1e:e3:27:5b:1c:d3:7e:ca:71:30:44:
                    5f:30:5a:ce:ac:8c:d0:66:ab:7c:f8:ba:c8:be:7a:
                    51:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:A9:42:AC:E8:A4:72:47:75:F0:E3:77:8A:1B:5C:7A:7B:50:A3:F0
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS58132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2d9::/48

    Signature Algorithm: sha256WithRSAEncryption
         11:76:f1:85:6c:f3:4e:e6:10:44:83:45:ed:55:e5:71:b1:e6:
         d2:63:f8:fb:db:28:3f:0f:24:34:a9:6e:f1:d9:a7:f3:2f:d2:
         86:5d:f8:91:98:5d:a8:e4:9c:a3:6e:db:a0:c1:39:d7:56:75:
         c1:6a:60:7e:b7:ee:b2:2e:44:06:a9:34:8a:8c:34:d1:06:60:
         66:e4:c1:7c:35:6a:9d:3a:af:1b:e4:28:e6:a3:44:17:47:c3:
         9b:9b:bf:7e:29:97:79:2e:d8:78:8e:fd:52:5c:12:44:a3:9f:
         1d:d9:90:3a:2a:08:1b:a5:72:f9:a1:8d:49:84:97:c9:97:b9:
         80:23:f0:c0:2d:4d:aa:e9:5b:84:62:75:4f:10:1c:09:bb:00:
         76:32:da:b8:66:71:22:53:58:47:a2:62:43:36:81:07:33:2e:
         e3:5a:d8:08:f5:40:ff:1f:24:9d:46:6e:15:33:f5:e6:0f:fb:
         bf:bd:70:6d:fc:35:0e:29:63:78:df:c5:65:31:2d:77:11:34:
         24:c6:73:8a:f3:6a:f9:96:e0:40:fe:35:a7:c5:8c:9a:78:1d:
         ce:ec:35:f5:88:af:2e:c2:76:5c:cf:cc:38:b0:cb:c4:be:bb:
         2f:15:8b:4a:80:37:80:0c:0a:57:22:71:e6:2c:b1:c6:14:8c:
         91:47:d0:47
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUOfl9Jwfe/tiKdRNkTTEjyi9SctQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MzZaFw0yNjA3MDIxNTUyMzZaMDMxMTAvBgNV
BAMTKDA5QTk0MkFDRThBNDcyNDc3NUYwRTM3NzhBMUI1QzdBN0I1MEEzRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCndROskbFtTG87Mocpijn6Etm0
NKZPX8aG4PKG5l4emFqxO0sq4r2W5ax/rhAN7TBF/rGA4Zjr4KS+KVKlCT9anD3I
Pspw4EeOjHrwCCczJUOSeMV49qCVAPemx+4wdAiVhoqZ4IOK0AEGzqcbYMaKXaMs
/KDCy3pL/2WNd5bd8fZinCIVaqb0yAgmxnUS7NcyJmGl8Bq/1L2P0dK1A7VYE7cI
zwNpgUlXNd5hndAp1R6OOXxkF931ixSjsWEkUBiftAn7QKRRMjeCrJa0TPkKXgGr
xUHhmOZmFmoyZHAt0Tf1BVUe4ydbHNN+ynEwRF8wWs6sjNBmq3z4usi+elFRAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUCalCrOikckd18ON3ihtcentQo/AwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
NTgxMzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwAqBqAFAtkwDQYJKoZIhvcNAQELBQADggEBABF28YVs
807mEESDRe1V5XGx5tJj+PvbKD8PJDSpbvHZp/Mv0oZd+JGYXajknKNu26DBOddW
dcFqYH637rIuRAapNIqMNNEGYGbkwXw1ap06rxvkKOajRBdHw5ubv34pl3ku2HiO
/VJcEkSjnx3ZkDoqCBulcvmhjUmEl8mXuYAj8MAtTarpW4RidU8QHAm7AHYy2rhm
cSJTWEeiYkM2gQczLuNa2Aj1QP8fJJ1GbhUz9eYP+7+9cG38NQ4pY3jfxWUxLXcR
NCTGc4rzavmW4ED+NafFjJp4Hc7sNfWIry7CdlzPzDiwy8S+uy8Vi0qAN4AMClci
ceYsscYUjJFH0Ec=
-----END CERTIFICATE-----