Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/326130663a363238373a653431313a3a2f34382d3438203d3e20333936393638.roa
File:                     326130663a363238373a653431313a3a2f34382d3438203d3e20333936393638.roa (raw, json)
Hash identifier:          AaO6DIyQfwFdCRlTCM115MyKLvqW9yEUxKqzqIJv2qM=
Subject key identifier:   A9:03:95:65:5A:E3:A1:B7:03:70:16:05:1C:69:7A:7F:DC:6C:25:91
Certificate issuer:       /CN=015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15
Certificate serial:       7FCF9449D4CADA801ABE479597BD919744FD99ED
Authority key identifier: 01:5C:70:6E:4D:5C:D4:BD:25:FB:BE:8F:83:90:C8:4A:7C:F5:7D:15
Authority info access:    rsync://krill.47272.net/repo/HYEHOST/5/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/326130663a363238373a653431313a3a2f34382d3438203d3e20333936393638.roa
Signing time:             Fri 04 Jul 2025 00:47:44 +0000
ROA not before:           Fri 04 Jul 2025 00:42:44 +0000
ROA not after:            Fri 03 Jul 2026 00:47:44 +0000
asID:                     396968
IP address blocks:        2a0f:6287:e411::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.mft
                          rsync://krill.47272.net/repo/HYEHOST/5/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.cer
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 01:21:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:cf:94:49:d4:ca:da:80:1a:be:47:95:97:bd:91:97:44:fd:99:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15
        Validity
            Not Before: Jul  4 00:42:44 2025 GMT
            Not After : Jul  3 00:47:44 2026 GMT
        Subject: CN=A90395655AE3A1B7037016051C697A7FDC6C2591
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ee:a6:fa:c1:a4:f5:1f:b6:f1:8e:59:28:db:
                    de:23:15:e3:59:a6:48:76:78:db:93:aa:a4:5d:86:
                    49:f4:bb:37:d2:6a:c2:83:2d:61:eb:5d:91:36:d1:
                    c6:82:8f:fc:2b:8f:7d:e3:ed:8b:86:cd:4f:c0:b1:
                    ee:f4:c5:32:68:0d:10:2c:1a:08:ab:4a:b9:ce:49:
                    a3:f4:32:ce:1c:43:b2:10:a5:b6:76:61:d5:fa:69:
                    75:46:c4:41:04:3a:9e:62:71:a0:92:e9:25:83:f2:
                    9b:bd:10:5b:97:81:a1:7a:5d:da:3f:79:bb:a9:47:
                    c6:60:02:23:08:b0:85:b6:66:ea:61:be:98:da:91:
                    87:86:ed:96:e7:4a:09:53:7d:a8:3d:95:a8:59:ec:
                    b6:95:89:12:64:c9:cd:0a:d4:3f:9a:ba:2c:4a:ca:
                    30:bc:94:fc:ba:c2:93:82:ae:ce:77:91:6b:00:84:
                    ac:9b:1b:e6:f7:96:e2:80:68:b8:91:a1:4c:83:c4:
                    db:6d:aa:18:22:ab:db:0c:2b:c2:83:4c:03:d3:d6:
                    84:9f:34:cd:4b:44:bf:10:23:b1:f8:a5:d5:16:95:
                    8e:fa:16:a6:7b:ad:2f:9f:c4:86:aa:57:a5:bd:a5:
                    fd:c1:ff:55:8c:72:fc:ae:c0:b7:66:5f:22:d6:17:
                    3a:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:03:95:65:5A:E3:A1:B7:03:70:16:05:1C:69:7A:7F:DC:6C:25:91
            X509v3 Authority Key Identifier:
                keyid:01:5C:70:6E:4D:5C:D4:BD:25:FB:BE:8F:83:90:C8:4A:7C:F5:7D:15

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.crl

            Authority Information Access:
                CA Issuers - URI:rsync://krill.47272.net/repo/HYEHOST/5/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/326130663a363238373a653431313a3a2f34382d3438203d3e20333936393638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6287:e411::/48

    Signature Algorithm: sha256WithRSAEncryption
         27:06:48:8a:10:86:7f:76:3d:e2:ad:db:30:6c:1f:eb:bb:08:
         0c:fe:02:ce:03:50:b4:52:a0:47:7f:0d:29:4a:a5:6f:91:00:
         14:63:6f:ce:b1:de:be:ad:20:85:43:09:49:df:31:27:7a:2a:
         d3:15:29:72:f4:fa:4e:f7:0c:4a:98:0c:5c:51:a4:33:b5:16:
         b0:57:9a:64:bf:43:b5:31:5b:09:da:a8:d0:fe:f2:95:30:c2:
         e7:56:75:ce:fe:da:e4:dc:e6:da:17:c0:65:81:9e:dc:9f:e7:
         94:ab:3d:1c:bb:84:bc:e4:11:5c:be:12:34:95:24:14:bd:11:
         28:c9:91:07:96:fd:51:79:e7:b6:4e:de:d3:95:dd:72:bb:0b:
         eb:ee:e9:a8:15:1e:5e:fa:d5:68:c4:21:c6:fa:e6:9f:36:94:
         c3:77:82:31:67:d8:8c:0f:dc:8f:4d:ea:68:54:4f:e8:13:99:
         bb:b3:cd:96:a7:67:a0:a4:00:21:c5:ff:c8:9f:18:85:9e:e4:
         af:5b:7f:4c:36:64:d9:be:5d:b4:a7:bb:bd:e7:dc:9b:5e:3e:
         ce:a2:99:fc:46:45:69:f4:8d:a1:c8:a1:9a:8e:53:fb:da:35:
         e7:04:b3:6c:85:89:0a:9f:04:ae:9c:8b:e6:54:c5:7a:c3:4d:
         58:64:c9:aa
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUf8+USdTK2oAavkeVl72Rl0T9me0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDE1QzcwNkU0RDVDRDRCRDI1RkJCRThGODM5MEM4NEE3
Q0Y1N0QxNTAeFw0yNTA3MDQwMDQyNDRaFw0yNjA3MDMwMDQ3NDRaMDMxMTAvBgNV
BAMTKEE5MDM5NTY1NUFFM0ExQjcwMzcwMTYwNTFDNjk3QTdGREM2QzI1OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu7qb6waT1H7bxjlko294jFeNZ
pkh2eNuTqqRdhkn0uzfSasKDLWHrXZE20caCj/wrj33j7YuGzU/Ase70xTJoDRAs
GgirSrnOSaP0Ms4cQ7IQpbZ2YdX6aXVGxEEEOp5icaCS6SWD8pu9EFuXgaF6Xdo/
ebupR8ZgAiMIsIW2ZuphvpjakYeG7ZbnSglTfag9lahZ7LaViRJkyc0K1D+auixK
yjC8lPy6wpOCrs53kWsAhKybG+b3luKAaLiRoUyDxNttqhgiq9sMK8KDTAPT1oSf
NM1LRL8QI7H4pdUWlY76FqZ7rS+fxIaqV6W9pf3B/1WMcvyuwLdmXyLWFzrtAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUqQOVZVrjobcDcBYFHGl6f9xsJZEwHwYDVR0j
BBgwFoAUAVxwbk1c1L0l+76Pg5DISnz1fRUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNkZjQ1YTBlYTY2ODcvMy8wMTVDNzA2RTRE
NUNENEJEMjVGQkJFOEY4MzkwQzg0QTdDRjU3RDE1LmNybDBvBggrBgEFBQcBAQRj
MGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlF
SE9TVC81LzAxNUM3MDZFNEQ1Q0Q0QkQyNUZCQkU4RjgzOTBDODRBN0NGNTdEMTUu
Y2VyMIGsBggrBgEFBQcBCwSBnzCBnDCBmQYIKwYBBQUHMAuGgYxyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNk
ZjQ1YTBlYTY2ODcvMy8zMjYxMzA2NjNhMzYzMjM4MzczYTY1MzQzMTMxM2EzYTJm
MzQzODJkMzQzODIwM2QzZTIwMzMzOTM2MzkzNjM4LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9ih+QR
MA0GCSqGSIb3DQEBCwUAA4IBAQAnBkiKEIZ/dj3irdswbB/ruwgM/gLOA1C0UqBH
fw0pSqVvkQAUY2/Osd6+rSCFQwlJ3zEneirTFSly9PpO9wxKmAxcUaQztRawV5pk
v0O1MVsJ2qjQ/vKVMMLnVnXO/trk3ObaF8BlgZ7cn+eUqz0cu4S85BFcvhI0lSQU
vREoyZEHlv1Reee2Tt7Tld1yuwvr7umoFR5e+tVoxCHG+uafNpTDd4IxZ9iMD9yP
TepoVE/oE5m7s82Wp2egpAAhxf/InxiFnuSvW39MNmTZvl20p7u959ybXj7Oopn8
RkVp9I2hyKGajlP72jXnBLNshYkKnwSunIvmVMV6w01YZMmq
-----END CERTIFICATE-----
Generated at Fri Jul 4 14:35:07 2025 by rpki-client