Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf914e0aa6019159f2fb270ca8/1/323430373a636463303a656666303a3a2f34382d3438203d3e20313532373034.roa
File:                     323430373a636463303a656666303a3a2f34382d3438203d3e20313532373034.roa (raw, json)
Hash identifier:          Is/6ISKCNtpu/mZDQ1ORoTZIfXd4t1+AUjoh95BopnU=
Subject key identifier:   53:8E:25:A5:08:13:D2:9D:15:9E:58:29:67:12:1B:DE:8B:50:5E:C4
Certificate issuer:       /CN=A916C75D0000/serialNumber=ADBE1A0F46F9C77B0D249FD6A438B48B7FB21BCF
Certificate serial:       1306B06D3EAF2D9267F0476D82E9332AF59AF409
Authority key identifier: AD:BE:1A:0F:46:F9:C7:7B:0D:24:9F:D6:A4:38:B4:8B:7F:B2:1B:CF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rb4aD0b5x3sNJJ_WpDi0i3-yG88.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf914e0aa6019159f2fb270ca8/1/323430373a636463303a656666303a3a2f34382d3438203d3e20313532373034.roa
Signing time:             Fri 16 Aug 2024 07:02:17 +0000
ROA not before:           Fri 16 Aug 2024 06:57:17 +0000
ROA not after:            Fri 15 Aug 2025 07:02:17 +0000
asID:                     152704
IP address blocks:        2407:cdc0:eff0::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf914e0aa6019159f2fb270ca8/1/ADBE1A0F46F9C77B0D249FD6A438B48B7FB21BCF.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf914e0aa6019159f2fb270ca8/1/ADBE1A0F46F9C77B0D249FD6A438B48B7FB21BCF.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rb4aD0b5x3sNJJ_WpDi0i3-yG88.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Nov 2024 03:10:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:06:b0:6d:3e:af:2d:92:67:f0:47:6d:82:e9:33:2a:f5:9a:f4:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916C75D0000/serialNumber=ADBE1A0F46F9C77B0D249FD6A438B48B7FB21BCF
        Validity
            Not Before: Aug 16 06:57:17 2024 GMT
            Not After : Aug 15 07:02:17 2025 GMT
        Subject: CN=538E25A50813D29D159E582967121BDE8B505EC4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:b4:cd:29:71:d7:d0:4a:fb:b8:be:29:8f:45:
                    56:29:8f:a3:b8:84:9b:78:f9:c1:a0:34:49:f1:1a:
                    f8:53:52:09:7e:0d:38:1b:75:c4:1e:df:a0:1b:34:
                    f7:fe:b6:ce:b3:58:68:43:31:2b:b5:48:9d:dc:75:
                    81:45:b1:41:76:71:63:6c:12:e8:b8:bf:b9:84:08:
                    fe:a7:31:8e:49:b3:21:be:3d:4d:d6:51:a4:26:12:
                    7c:18:a9:a0:b9:cd:aa:8d:23:18:0d:01:ee:4e:43:
                    a3:ff:b6:90:4f:8e:ac:d1:b5:05:5e:dd:8b:67:17:
                    9b:6c:4b:b8:10:5f:53:13:5e:c6:36:9d:c1:a9:f7:
                    ed:9e:f4:d0:1c:3b:e3:7a:ef:2c:3e:ba:7e:49:87:
                    95:00:10:0f:62:97:98:11:9f:88:36:21:9a:5a:6b:
                    52:df:7e:11:ca:a4:07:ac:e0:2f:51:e9:97:d3:c7:
                    42:6e:a0:e5:09:51:a3:41:e1:86:de:b4:73:25:ad:
                    7b:b8:96:9a:ad:7b:c7:54:eb:fc:7f:a8:2d:89:ce:
                    3c:74:e1:e7:27:31:52:92:61:74:9a:47:0b:27:ae:
                    12:8b:eb:da:e2:47:26:df:a2:05:ab:92:70:a3:52:
                    9d:79:ab:3b:52:a6:8b:f3:fd:1c:68:85:9e:21:35:
                    66:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:8E:25:A5:08:13:D2:9D:15:9E:58:29:67:12:1B:DE:8B:50:5E:C4
            X509v3 Authority Key Identifier:
                keyid:AD:BE:1A:0F:46:F9:C7:7B:0D:24:9F:D6:A4:38:B4:8B:7F:B2:1B:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf914e0aa6019159f2fb270ca8/1/ADBE1A0F46F9C77B0D249FD6A438B48B7FB21BCF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rb4aD0b5x3sNJJ_WpDi0i3-yG88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf914e0aa6019159f2fb270ca8/1/323430373a636463303a656666303a3a2f34382d3438203d3e20313532373034.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2407:cdc0:eff0::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:48:e0:7b:b4:04:38:31:56:5d:65:3b:79:ec:39:53:62:23:
         fd:6e:83:49:6b:80:3a:0e:bb:5b:64:62:f6:5e:c1:9c:fa:0f:
         5a:d1:fb:08:a5:36:48:0f:09:0a:7c:f5:83:ff:d0:55:25:34:
         61:ff:85:1a:ef:d7:a7:55:37:02:b1:47:db:6f:10:69:66:f5:
         65:9e:1f:ef:92:fa:38:80:41:ed:86:1f:0e:ef:87:9d:7e:19:
         94:85:6b:75:8a:e0:8b:54:84:9f:96:3a:77:4d:0a:a2:69:89:
         37:99:ba:53:57:99:0e:f8:d8:5b:bd:af:ed:b2:e3:da:75:9f:
         ce:c4:6c:0c:84:6f:82:5d:53:8d:bd:d7:cd:cc:71:53:5c:02:
         5e:34:1a:70:7f:9d:18:a2:0c:a3:33:99:41:e9:f1:ea:40:2c:
         24:02:2f:4f:f2:95:8e:65:74:1f:43:41:e4:3e:95:89:f7:12:
         86:d6:bf:40:b9:92:d9:e0:49:5b:4a:f1:04:e7:b8:a2:0b:37:
         79:e0:8c:55:c6:43:4a:ae:30:59:a6:c9:3c:a6:f6:55:ef:0c:
         28:af:b0:fb:e6:32:52:27:ac:f9:9c:f6:3a:d7:62:7b:00:08:
         b6:be:cf:65:4b:d2:6c:d4:c1:b5:b8:33:ce:22:9e:f3:9d:c9:
         13:cb:a4:83
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIUEwawbT6vLZJn8EdtgukzKvWa9AkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNkM3NUQwMDAwMTEwLwYDVQQFEyhBREJFMUEwRjQ2
RjlDNzdCMEQyNDlGRDZBNDM4QjQ4QjdGQjIxQkNGMB4XDTI0MDgxNjA2NTcxN1oX
DTI1MDgxNTA3MDIxN1owMzExMC8GA1UEAxMoNTM4RTI1QTUwODEzRDI5RDE1OUU1
ODI5NjcxMjFCREU4QjUwNUVDNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPK0zSlx19BK+7i+KY9FVimPo7iEm3j5waA0SfEa+FNSCX4NOBt1xB7foBs0
9/62zrNYaEMxK7VIndx1gUWxQXZxY2wS6Li/uYQI/qcxjkmzIb49TdZRpCYSfBip
oLnNqo0jGA0B7k5Do/+2kE+OrNG1BV7di2cXm2xLuBBfUxNexjadwan37Z700Bw7
43rvLD66fkmHlQAQD2KXmBGfiDYhmlprUt9+EcqkB6zgL1Hpl9PHQm6g5QlRo0Hh
ht60cyWte7iWmq17x1Tr/H+oLYnOPHTh5ycxUpJhdJpHCyeuEovr2uJHJt+iBauS
cKNSnXmrO1Kmi/P9HGiFniE1Zi0CAwEAAaOCAkkwggJFMB0GA1UdDgQWBBRTjiWl
CBPSnRWeWClnEhvei1BexDAfBgNVHSMEGDAWgBStvhoPRvnHew0kn9akOLSLf7Ib
zzAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjkxNGUwYWE2MDE5MTU5
ZjJmYjI3MGNhOC8xL0FEQkUxQTBGNDZGOUM3N0IwRDI0OUZENkE0MzhCNDhCN0ZC
MjFCQ0YuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL3JiNGFEMGI1eDNzTkpKX1dwRGkwaTMteUc4OC5jZXIwgawGCCsG
AQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjkxNGUwYWE2MDE5MTU5ZjJmYjI3MGNh
OC8xLzMyMzQzMDM3M2E2MzY0NjMzMDNhNjU2NjY2MzAzYTNhMmYzNDM4MmQzNDM4
MjAzZDNlMjAzMTM1MzIzNzMwMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkB83A7/AwDQYJKoZIhvcN
AQELBQADggEBAJBI4Hu0BDgxVl1lO3nsOVNiI/1ug0lrgDoOu1tkYvZewZz6D1rR
+wilNkgPCQp89YP/0FUlNGH/hRrv16dVNwKxR9tvEGlm9WWeH++S+jiAQe2GHw7v
h51+GZSFa3WK4ItUhJ+WOndNCqJpiTeZulNXmQ742Fu9r+2y49p1n87EbAyEb4Jd
U429183McVNcAl40GnB/nRiiDKMzmUHp8epALCQCL0/ylY5ldB9DQeQ+lYn3EobW
v0C5ktngSVtK8QTnuKILN3ngjFXGQ0quMFmmyTym9lXvDCivsPvmMlInrPmc9jrX
YnsACLa+z2VL0mzUwbW4M84invOdyRPLpIM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:02:32 2024 by rpki-client on console-fra.rpki-client.org