Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/326130663a363238373a663536663a3a2f34382d3438203d3e20333936393638.roa
File:                     326130663a363238373a663536663a3a2f34382d3438203d3e20333936393638.roa (raw, json)
Hash identifier:          /lYfDHxeUKsqdIygzsKFvFmN3ik3crz/Xb04oGWSQGY=
Subject key identifier:   B6:54:BF:28:3C:8B:4B:C0:31:CB:0D:A2:52:C7:61:0B:BC:3A:12:FB
Certificate issuer:       /CN=015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15
Certificate serial:       3EBB1BED40B19431F19031455F85A5D255B61D27
Authority key identifier: 01:5C:70:6E:4D:5C:D4:BD:25:FB:BE:8F:83:90:C8:4A:7C:F5:7D:15
Authority info access:    rsync://krill.47272.net/repo/HYEHOST/5/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/326130663a363238373a663536663a3a2f34382d3438203d3e20333936393638.roa
Signing time:             Fri 04 Jul 2025 00:47:47 +0000
ROA not before:           Fri 04 Jul 2025 00:42:47 +0000
ROA not after:            Fri 03 Jul 2026 00:47:47 +0000
asID:                     396968
IP address blocks:        2a0f:6287:f56f::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.mft
                          rsync://krill.47272.net/repo/HYEHOST/5/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.cer
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 01:21:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:bb:1b:ed:40:b1:94:31:f1:90:31:45:5f:85:a5:d2:55:b6:1d:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15
        Validity
            Not Before: Jul  4 00:42:47 2025 GMT
            Not After : Jul  3 00:47:47 2026 GMT
        Subject: CN=B654BF283C8B4BC031CB0DA252C7610BBC3A12FB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:4a:76:95:dc:2f:be:86:0a:cf:a5:ca:3d:4c:
                    6f:be:93:ba:1b:ec:22:f7:5f:02:39:c6:5a:3f:8a:
                    4c:24:61:5b:59:9d:56:8b:3f:72:6a:bc:0b:31:0d:
                    31:f1:0d:ac:8e:78:22:6e:f7:bb:4c:5c:dc:93:a0:
                    30:0d:47:60:b5:e9:80:5a:8a:f8:7e:e0:10:cd:a1:
                    dc:4a:12:65:c6:d6:b0:b9:81:67:bc:d7:4c:fc:f9:
                    48:a3:6c:6e:11:b0:2d:7c:3f:e8:4f:d3:fa:d5:ee:
                    af:b3:9b:5a:f8:07:a0:f2:3d:c0:a6:63:68:f3:ba:
                    c1:69:ff:36:02:28:22:4d:86:42:48:5e:e8:02:df:
                    e1:68:67:a6:10:07:c9:75:10:cc:77:92:4b:d5:bf:
                    37:1b:21:8e:70:fc:09:ae:7e:b1:23:c9:c0:50:87:
                    e7:c6:8b:c1:7e:d5:63:91:5a:8f:d2:86:48:fd:28:
                    bc:5b:00:72:0e:5b:5f:7c:d3:14:af:f4:a5:98:94:
                    f0:98:9f:56:ee:f0:2c:5b:8e:e4:72:a3:64:4e:06:
                    af:89:27:3d:da:25:9a:88:b6:11:28:a8:a4:db:e2:
                    d5:57:72:5c:fd:c3:f2:e2:60:87:05:76:ce:ee:ff:
                    f0:4e:42:84:7c:50:6a:c5:38:a8:3d:5d:99:55:0a:
                    87:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:54:BF:28:3C:8B:4B:C0:31:CB:0D:A2:52:C7:61:0B:BC:3A:12:FB
            X509v3 Authority Key Identifier:
                keyid:01:5C:70:6E:4D:5C:D4:BD:25:FB:BE:8F:83:90:C8:4A:7C:F5:7D:15

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.crl

            Authority Information Access:
                CA Issuers - URI:rsync://krill.47272.net/repo/HYEHOST/5/015C706E4D5CD4BD25FBBE8F8390C84A7CF57D15.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf92ee4d840193df45a0ea6687/3/326130663a363238373a663536663a3a2f34382d3438203d3e20333936393638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6287:f56f::/48

    Signature Algorithm: sha256WithRSAEncryption
         9a:8f:d2:ce:be:7a:27:68:fc:66:e9:ba:59:6d:e8:53:cf:1e:
         10:9e:bc:63:f9:21:0b:47:21:5f:80:24:90:7f:bf:99:2a:65:
         09:24:94:af:ca:ef:0a:4f:a8:19:06:c2:c5:71:fe:96:a7:a9:
         1d:8f:f1:65:c7:51:2f:d5:8d:dd:a4:33:f4:e8:09:6a:7a:1b:
         a4:1b:2f:7b:e6:ef:a4:c5:ba:c0:8b:21:46:d9:51:60:77:83:
         55:50:53:ce:df:41:40:58:0f:22:f4:65:0f:56:6e:f6:a7:a1:
         79:51:23:08:68:5e:fe:97:1a:c4:b7:c0:22:7c:8d:92:c8:e0:
         f1:7f:3d:c9:9c:3b:09:ea:5c:76:ad:ad:bb:6e:0c:bf:99:73:
         45:82:8d:ca:e1:5f:cb:15:ac:ef:ae:67:de:74:ed:3d:20:7f:
         36:f4:70:c4:08:f9:d5:59:a1:2b:58:6a:49:be:ab:3c:24:cb:
         a2:ff:62:13:06:b2:2d:ca:3b:d4:d2:e1:ce:3b:da:41:77:ba:
         9b:fb:ab:30:58:eb:86:28:5a:b7:26:4c:0e:46:03:cf:af:40:
         2f:c8:94:58:e1:81:bb:6e:e3:91:b2:97:bd:55:6c:b6:54:26:
         71:38:7a:20:84:cc:7e:89:09:d4:96:99:66:a6:fe:05:30:8d:
         c4:ce:fe:c1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUPrsb7UCxlDHxkDFFX4Wl0lW2HScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDE1QzcwNkU0RDVDRDRCRDI1RkJCRThGODM5MEM4NEE3
Q0Y1N0QxNTAeFw0yNTA3MDQwMDQyNDdaFw0yNjA3MDMwMDQ3NDdaMDMxMTAvBgNV
BAMTKEI2NTRCRjI4M0M4QjRCQzAzMUNCMERBMjUyQzc2MTBCQkMzQTEyRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrSnaV3C++hgrPpco9TG++k7ob
7CL3XwI5xlo/ikwkYVtZnVaLP3JqvAsxDTHxDayOeCJu97tMXNyToDANR2C16YBa
ivh+4BDNodxKEmXG1rC5gWe810z8+UijbG4RsC18P+hP0/rV7q+zm1r4B6DyPcCm
Y2jzusFp/zYCKCJNhkJIXugC3+FoZ6YQB8l1EMx3kkvVvzcbIY5w/AmufrEjycBQ
h+fGi8F+1WORWo/Shkj9KLxbAHIOW1980xSv9KWYlPCYn1bu8CxbjuRyo2ROBq+J
Jz3aJZqIthEoqKTb4tVXclz9w/LiYIcFds7u//BOQoR8UGrFOKg9XZlVCoctAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUtlS/KDyLS8Axyw2iUsdhC7w6EvswHwYDVR0j
BBgwFoAUAVxwbk1c1L0l+76Pg5DISnz1fRUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNkZjQ1YTBlYTY2ODcvMy8wMTVDNzA2RTRE
NUNENEJEMjVGQkJFOEY4MzkwQzg0QTdDRjU3RDE1LmNybDBvBggrBgEFBQcBAQRj
MGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlF
SE9TVC81LzAxNUM3MDZFNEQ1Q0Q0QkQyNUZCQkU4RjgzOTBDODRBN0NGNTdEMTUu
Y2VyMIGsBggrBgEFBQcBCwSBnzCBnDCBmQYIKwYBBQUHMAuGgYxyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY5MmVlNGQ4NDAxOTNk
ZjQ1YTBlYTY2ODcvMy8zMjYxMzA2NjNhMzYzMjM4MzczYTY2MzUzNjY2M2EzYTJm
MzQzODJkMzQzODIwM2QzZTIwMzMzOTM2MzkzNjM4LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9ih/Vv
MA0GCSqGSIb3DQEBCwUAA4IBAQCaj9LOvnonaPxm6bpZbehTzx4Qnrxj+SELRyFf
gCSQf7+ZKmUJJJSvyu8KT6gZBsLFcf6Wp6kdj/Flx1Ev1Y3dpDP06AlqehukGy97
5u+kxbrAiyFG2VFgd4NVUFPO30FAWA8i9GUPVm72p6F5USMIaF7+lxrEt8AifI2S
yODxfz3JnDsJ6lx2ra27bgy/mXNFgo3K4V/LFazvrmfedO09IH829HDECPnVWaEr
WGpJvqs8JMui/2ITBrItyjvU0uHOO9pBd7qb+6swWOuGKFq3JkwORgPPr0AvyJRY
4YG7buORspe9VWy2VCZxOHoghMx+iQnUlplmpv4FMI3Ezv7B
-----END CERTIFICATE-----
Generated at Fri Jul 4 14:35:12 2025 by rpki-client