Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf914e0aa6019159f2fb270ca8/3/323430313a323132303a3a2f33322d3438203d3e203338313336.roa
File:                     323430313a323132303a3a2f33322d3438203d3e203338313336.roa (raw, json)
Hash identifier:          vK0Q4zNrk9bXgKdQTEa0+OUHIVjhEbNcDt+OzisVQMk=
Subject key identifier:   A2:7B:92:84:14:CC:4D:3E:10:76:F9:6C:11:F8:38:6C:E0:3F:6F:B8
Certificate issuer:       /CN=A91130000000/serialNumber=9118E5A6BE5E82AE50A9BFA071975F66EC59170F
Certificate serial:       61E564F51ABB753582E10F359BE1E7162E32A4E9
Authority key identifier: 91:18:E5:A6:BE:5E:82:AE:50:A9:BF:A0:71:97:5F:66:EC:59:17:0F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRjlpr5egq5Qqb-gcZdfZuxZFw8.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf914e0aa6019159f2fb270ca8/3/323430313a323132303a3a2f33322d3438203d3e203338313336.roa
Signing time:             Fri 16 Aug 2024 07:17:02 +0000
ROA not before:           Fri 16 Aug 2024 07:12:02 +0000
ROA not after:            Fri 15 Aug 2025 07:17:02 +0000
asID:                     38136
IP address blocks:        2401:2120::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf914e0aa6019159f2fb270ca8/3/9118E5A6BE5E82AE50A9BFA071975F66EC59170F.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf914e0aa6019159f2fb270ca8/3/9118E5A6BE5E82AE50A9BFA071975F66EC59170F.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRjlpr5egq5Qqb-gcZdfZuxZFw8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 27 Nov 2024 00:16:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:e5:64:f5:1a:bb:75:35:82:e1:0f:35:9b:e1:e7:16:2e:32:a4:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91130000000/serialNumber=9118E5A6BE5E82AE50A9BFA071975F66EC59170F
        Validity
            Not Before: Aug 16 07:12:02 2024 GMT
            Not After : Aug 15 07:17:02 2025 GMT
        Subject: CN=A27B928414CC4D3E1076F96C11F8386CE03F6FB8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:54:3e:bc:2d:1a:43:1a:be:9d:06:f1:34:15:
                    b9:5a:7c:57:04:b2:1e:d5:86:1d:ff:75:c1:ad:19:
                    83:77:83:74:37:65:93:4d:64:ec:14:a6:c8:c4:06:
                    42:95:c6:05:26:82:cb:3c:ad:d8:bd:aa:1a:9d:22:
                    71:c5:82:03:3d:3b:e7:fb:03:4c:97:55:ab:f3:7a:
                    32:e8:3c:d1:eb:28:35:ef:ba:40:92:65:14:2e:15:
                    5c:32:0b:c3:33:88:93:4b:76:5b:db:5a:e9:7a:30:
                    0d:ca:c0:7e:7a:84:dd:e4:71:fe:b4:34:0c:e8:2b:
                    9d:ff:96:03:17:2a:ad:72:89:55:ca:41:52:4a:ef:
                    da:f2:00:65:ad:16:e1:fe:ee:ee:5b:87:b6:fd:cb:
                    e5:7c:b1:bf:2a:04:94:48:84:24:e9:e8:83:2d:1b:
                    b7:2e:b4:af:70:0d:ac:68:da:e2:fa:be:83:73:6f:
                    eb:b0:b0:a4:54:b4:99:1e:3b:e8:00:d6:8a:e2:ba:
                    3e:d9:30:aa:0e:16:bb:10:86:e6:fb:e0:98:42:38:
                    b2:a6:44:71:e7:d0:f3:9a:18:07:38:03:b6:04:d7:
                    1b:a9:40:84:03:14:78:9c:94:56:f1:88:78:fa:74:
                    76:f9:c9:3c:26:6c:3f:cd:ae:09:b0:07:60:a1:e1:
                    9f:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:7B:92:84:14:CC:4D:3E:10:76:F9:6C:11:F8:38:6C:E0:3F:6F:B8
            X509v3 Authority Key Identifier:
                keyid:91:18:E5:A6:BE:5E:82:AE:50:A9:BF:A0:71:97:5F:66:EC:59:17:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf914e0aa6019159f2fb270ca8/3/9118E5A6BE5E82AE50A9BFA071975F66EC59170F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kRjlpr5egq5Qqb-gcZdfZuxZFw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf914e0aa6019159f2fb270ca8/3/323430313a323132303a3a2f33322d3438203d3e203338313336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:2120::/32

    Signature Algorithm: sha256WithRSAEncryption
         af:fb:dd:ae:1d:dc:59:63:3d:e0:0c:d3:ae:96:12:b1:75:a8:
         5c:4f:7c:28:e2:ed:2d:8c:5c:b6:1b:d2:20:9b:6b:6b:61:0c:
         1d:28:1b:e3:61:f8:72:00:2a:a6:b6:08:f0:de:80:44:d3:61:
         38:4a:b7:07:ec:56:e5:d4:a4:e4:61:3b:ff:63:53:4f:92:e1:
         3f:b7:ad:c6:bd:bb:61:5f:3c:c6:08:20:d6:de:d6:7b:69:00:
         3f:f9:82:6a:b5:5d:95:b3:1d:a0:0a:13:09:57:37:55:17:38:
         87:7f:30:e3:c2:26:bb:72:ea:6b:75:2e:5e:6e:82:2d:68:13:
         15:97:ab:98:21:e0:21:6a:5d:fd:41:2e:3a:92:77:85:1d:e8:
         ef:50:9e:ac:2c:fd:d2:6b:a9:36:e7:64:8c:79:d7:b1:a7:00:
         4d:7e:64:36:bc:07:33:87:c1:46:a3:65:f4:d6:19:14:6c:95:
         ef:de:78:b4:93:75:24:10:c6:91:00:97:f5:cf:31:45:36:81:
         d4:80:50:88:69:f0:fc:f6:6d:aa:5a:6b:24:8b:a6:97:dd:22:
         ab:f7:9b:fa:43:48:95:2e:4e:39:29:78:e0:5e:b6:15:e4:3f:
         f9:2f:bb:60:79:7a:0e:04:c1:66:12:29:e8:f0:59:1d:3c:3f:
         16:1e:1d:8c
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUYeVk9Rq7dTWC4Q81m+HnFi4ypOkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMTMwMDAwMDAwMTEwLwYDVQQFEyg5MTE4RTVBNkJF
NUU4MkFFNTBBOUJGQTA3MTk3NUY2NkVDNTkxNzBGMB4XDTI0MDgxNjA3MTIwMloX
DTI1MDgxNTA3MTcwMlowMzExMC8GA1UEAxMoQTI3QjkyODQxNENDNEQzRTEwNzZG
OTZDMTFGODM4NkNFMDNGNkZCODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZUPrwtGkMavp0G8TQVuVp8VwSyHtWGHf91wa0Zg3eDdDdlk01k7BSmyMQG
QpXGBSaCyzyt2L2qGp0iccWCAz075/sDTJdVq/N6Mug80esoNe+6QJJlFC4VXDIL
wzOIk0t2W9ta6XowDcrAfnqE3eRx/rQ0DOgrnf+WAxcqrXKJVcpBUkrv2vIAZa0W
4f7u7luHtv3L5XyxvyoElEiEJOnogy0bty60r3ANrGja4vq+g3Nv67CwpFS0mR47
6ADWiuK6Ptkwqg4WuxCG5vvgmEI4sqZEcefQ85oYBzgDtgTXG6lAhAMUeJyUVvGI
ePp0dvnJPCZsP82uCbAHYKHhn08CAwEAAaOCAjswggI3MB0GA1UdDgQWBBSie5KE
FMxNPhB2+WwR+Dhs4D9vuDAfBgNVHSMEGDAWgBSRGOWmvl6CrlCpv6Bxl19m7FkX
DzAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjkxNGUwYWE2MDE5MTU5
ZjJmYjI3MGNhOC8zLzkxMThFNUE2QkU1RTgyQUU1MEE5QkZBMDcxOTc1RjY2RUM1
OTE3MEYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL2tSamxwcjVlZ3E1UXFiLWdjWmRmWnV4WkZ3OC5jZXIwgaAGCCsG
AQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjkxNGUwYWE2MDE5MTU5ZjJmYjI3MGNh
OC8zLzMyMzQzMDMxM2EzMjMxMzIzMDNhM2EyZjMzMzIyZDM0MzgyMDNkM2UyMDMz
MzgzMTMzMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUH
AQcBAf8EETAPMA0EAgACMAcDBQAkASEgMA0GCSqGSIb3DQEBCwUAA4IBAQCv+92u
HdxZYz3gDNOulhKxdahcT3wo4u0tjFy2G9Igm2trYQwdKBvjYfhyACqmtgjw3oBE
02E4SrcH7Fbl1KTkYTv/Y1NPkuE/t63GvbthXzzGCCDW3tZ7aQA/+YJqtV2Vsx2g
ChMJVzdVFziHfzDjwia7cuprdS5eboItaBMVl6uYIeAhal39QS46kneFHejvUJ6s
LP3Sa6k252SMedexpwBNfmQ2vAczh8FGo2X01hkUbJXv3ni0k3UkEMaRAJf1zzFF
NoHUgFCIafD89m2qWmski6aX3SKr95v6Q0iVLk45KXjgXrYV5D/5L7tgeXoOBMFm
Eino8FkdPD8WHh2M
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:17:21 2024 by rpki-client on console-fra.rpki-client.org