Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/326130663a363238373a653535623a3a2f34382d3438203d3e20333936393638.roa
File:                     326130663a363238373a653535623a3a2f34382d3438203d3e20333936393638.roa (raw, json)
Hash identifier:          xyPGgRQs5QgcxhgcUfoyYaOjKAKaDj2F5uMfH3JnAqU=
Subject key identifier:   19:41:F7:3C:6F:86:FB:DF:7D:33:60:08:B5:DD:DE:B6:F1:20:3D:AC
Certificate issuer:       /CN=015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15
Certificate serial:       4469FC075979D0FC2DAC0E7F2F4C0AC47002AD35
Authority key identifier: 01:5C:70:6E:4D:5C:D4:BD:25:FB:BE:8F:83:90:C8:4A:7C:F5:7D:15
Authority info access:    rsync://krill.47272.net/repo/HYEHOST/5/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/326130663a363238373a653535623a3a2f34382d3438203d3e20333936393638.roa
Signing time:             Fri 04 Jul 2025 00:47:46 +0000
ROA not before:           Fri 04 Jul 2025 00:42:46 +0000
ROA not after:            Fri 03 Jul 2026 00:47:46 +0000
asID:                     396968
IP address blocks:        2a0f:6287:e55b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.mft
                          rsync://krill.47272.net/repo/HYEHOST/5/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.cer
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 01:21:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:69:fc:07:59:79:d0:fc:2d:ac:0e:7f:2f:4c:0a:c4:70:02:ad:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15
        Validity
            Not Before: Jul  4 00:42:46 2025 GMT
            Not After : Jul  3 00:47:46 2026 GMT
        Subject: CN=1941F73C6F86FBDF7D336008B5DDDEB6F1203DAC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:fc:6a:a7:77:04:09:63:6b:55:2c:90:51:cf:
                    78:62:01:d9:43:8f:d9:42:3d:23:64:8c:54:11:27:
                    fb:39:e1:37:2e:b3:84:b2:54:de:31:d9:b1:37:ad:
                    46:0a:86:ed:ea:b0:de:f6:e2:e5:16:76:42:b3:93:
                    8c:95:c1:48:9b:51:12:a5:db:59:34:0e:55:09:07:
                    fe:27:4a:11:cd:93:bf:67:c8:1f:77:95:3f:9c:cb:
                    98:04:41:31:56:e8:27:26:fb:3f:98:66:e2:85:77:
                    63:1a:37:4c:2e:62:f5:c8:0a:c6:81:36:cb:f1:d8:
                    a8:1f:21:b7:3f:4b:27:03:5f:cb:f3:18:3d:87:e5:
                    0d:9b:7f:e9:58:d2:8a:33:4f:9c:e4:1e:f6:f5:54:
                    22:41:12:06:21:c7:53:9e:0a:5d:40:68:d4:21:5f:
                    2c:0e:01:2c:35:fb:4d:66:50:b8:84:e6:6d:21:d8:
                    de:ae:0e:dc:ed:f7:e3:fa:48:a9:50:45:a1:7e:e9:
                    5a:8c:76:a1:ac:6d:39:89:97:86:45:43:ba:0f:d8:
                    16:ea:4e:74:16:55:d5:02:ba:d5:ce:90:20:4e:a8:
                    09:de:1a:54:53:69:3b:87:19:72:75:63:ae:35:b8:
                    48:aa:39:c6:d1:7a:ad:0b:1a:46:a2:95:3e:62:19:
                    00:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:41:F7:3C:6F:86:FB:DF:7D:33:60:08:B5:DD:DE:B6:F1:20:3D:AC
            X509v3 Authority Key Identifier:
                keyid:01:5C:70:6E:4D:5C:D4:BD:25:FB:BE:8F:83:90:C8:4A:7C:F5:7D:15

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.crl

            Authority Information Access:
                CA Issuers - URI:rsync://krill.47272.net/repo/HYEHOST/5/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/326130663a363238373a653535623a3a2f34382d3438203d3e20333936393638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6287:e55b::/48

    Signature Algorithm: sha256WithRSAEncryption
         68:02:6c:50:65:c4:e8:69:35:c3:be:e1:e4:52:7c:99:e8:38:
         2d:dd:b0:12:4d:1d:25:9d:03:ac:8d:6c:92:84:6d:2d:c4:ed:
         c8:30:9b:3f:3a:a2:10:74:dc:62:24:c8:f1:c8:c5:3c:b6:98:
         ad:cb:71:d2:6a:1b:cb:ef:6b:45:62:ec:af:8f:1a:50:2e:4a:
         f6:1a:12:df:c2:a9:cd:fb:9c:6a:29:4c:e0:bd:fa:fa:33:f6:
         a0:65:a0:57:a8:80:5e:a8:e6:76:b7:9b:d5:3d:4f:5c:23:dc:
         0b:69:da:bb:f2:50:26:c0:93:d0:0b:19:85:62:6a:d5:9d:4e:
         e2:bb:d6:87:09:77:8c:76:50:d6:f6:f7:b6:04:0f:06:55:0f:
         28:0e:28:45:d5:60:8d:7b:00:c7:08:61:e1:4d:d9:44:82:ac:
         47:94:c1:4b:0c:d5:98:56:df:f2:19:40:c5:9a:10:83:e8:3c:
         c6:b3:f8:43:4e:b0:90:cd:af:b5:79:59:51:a5:8f:52:4e:e5:
         b6:3c:ef:47:11:5e:43:41:ef:ff:9e:b0:78:45:81:a0:d6:98:
         a5:b5:48:3a:4c:3d:bf:8a:52:ba:01:72:75:f4:55:05:07:a2:
         37:62:04:67:c6:39:f3:28:33:07:00:30:bb:a3:08:c1:f0:4c:
         56:a8:13:cc
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIURGn8B1l50PwtrA5/L0wKxHACrTUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDE1QzcwNkU0RDVDRDRCRDI1RkJCRThGODM5MEM4NEE3
Q0Y1N0QxNTAeFw0yNTA3MDQwMDQyNDZaFw0yNjA3MDMwMDQ3NDZaMDMxMTAvBgNV
BAMTKDE5NDFGNzNDNkY4NkZCREY3RDMzNjAwOEI1RERERUI2RjEyMDNEQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD/GqndwQJY2tVLJBRz3hiAdlD
j9lCPSNkjFQRJ/s54Tcus4SyVN4x2bE3rUYKhu3qsN724uUWdkKzk4yVwUibURKl
21k0DlUJB/4nShHNk79nyB93lT+cy5gEQTFW6Ccm+z+YZuKFd2MaN0wuYvXICsaB
Nsvx2KgfIbc/SycDX8vzGD2H5Q2bf+lY0oozT5zkHvb1VCJBEgYhx1OeCl1AaNQh
XywOASw1+01mULiE5m0h2N6uDtzt9+P6SKlQRaF+6VqMdqGsbTmJl4ZFQ7oP2Bbq
TnQWVdUCutXOkCBOqAneGlRTaTuHGXJ1Y641uEiqOcbReq0LGkailT5iGQBDAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUGUH3PG+G+999M2AItd3etvEgPawwHwYDVR0j
BBgwFoAUAVxwbk1c1L0l+76Pg5DISnz1fRUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNkZjQ1YTBlYTY2ODcvMy8wMTVDNzA2RTRE
NUNENEJEMjVGQkJFOEY4MzkwQzg0QTdDRjU3RDE1LmNybDBvBggrBgEFBQcBAQRj
MGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlF
SE9TVC81LzAxNUM3MDZFNEQ1Q0Q0QkQyNUZCQkU4RjgzOTBDODRBN0NGNTdEMTUu
Y2VyMIGsBggrBgEFBQcBCwSBnzCBnDCBmQYIKwYBBQUHMAuGgYxyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNk
ZjQ1YTBlYTY2ODcvMy8zMjYxMzA2NjNhMzYzMjM4MzczYTY1MzUzNTYyM2EzYTJm
MzQzODJkMzQzODIwM2QzZTIwMzMzOTM2MzkzNjM4LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9ih+Vb
MA0GCSqGSIb3DQEBCwUAA4IBAQBoAmxQZcToaTXDvuHkUnyZ6Dgt3bASTR0lnQOs
jWyShG0txO3IMJs/OqIQdNxiJMjxyMU8tpity3HSahvL72tFYuyvjxpQLkr2GhLf
wqnN+5xqKUzgvfr6M/agZaBXqIBeqOZ2t5vVPU9cI9wLadq78lAmwJPQCxmFYmrV
nU7iu9aHCXeMdlDW9ve2BA8GVQ8oDihF1WCNewDHCGHhTdlEgqxHlMFLDNWYVt/y
GUDFmhCD6DzGs/hDTrCQza+1eVlRpY9STuW2PO9HEV5DQe//nrB4RYGg1piltUg6
TD2/ilK6AXJ19FUFB6I3YgRnxjnzKDMHADC7owjB8ExWqBPM
-----END CERTIFICATE-----
Generated at Fri Jul 4 14:35:11 2025 by rpki-client