Route Origin Authorization

$ rpki-client -vvf rpki.sn-p.io/repo/sn-p-io/2/38392e3138372e36382e302f32342d3332203d3e20323035383438.roa
File:                     38392e3138372e36382e302f32342d3332203d3e20323035383438.roa (raw, json)
Hash identifier:          XXcmCcNAJFyusTP4fLJdInjZVJsyLkvh3OAm7Ll9RAg=
Subject key identifier:   F6:B6:97:FC:41:49:90:1F:64:96:1B:67:DD:0D:69:A2:A4:76:76:0D
Certificate issuer:       /CN=8C0F9F7AA93BA1735F59A004E37710C51DFBB593
Certificate serial:       7B8CB584FAB8FDB9BEC0017E6C5C81A366BA3AD0
Authority key identifier: 8C:0F:9F:7A:A9:3B:A1:73:5F:59:A0:04:E3:77:10:C5:1D:FB:B5:93
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8C0F9F7AA93BA1735F59A004E37710C51DFBB593.cer
Subject info access:      rsync://rpki.sn-p.io/repo/sn-p-io/2/38392e3138372e36382e302f32342d3332203d3e20323035383438.roa
Signing time:             Thu 03 Jul 2025 15:52:56 +0000
ROA not before:           Thu 03 Jul 2025 15:47:56 +0000
ROA not after:            Thu 02 Jul 2026 15:52:56 +0000
asID:                     205848
IP address blocks:        89.187.68.0/24 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki.sn-p.io/repo/sn-p-io/2/8C0F9F7AA93BA1735F59A004E37710C51DFBB593.crl
                          rsync://rpki.sn-p.io/repo/sn-p-io/2/8C0F9F7AA93BA1735F59A004E37710C51DFBB593.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8C0F9F7AA93BA1735F59A004E37710C51DFBB593.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 06 Jul 2025 02:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:8c:b5:84:fa:b8:fd:b9:be:c0:01:7e:6c:5c:81:a3:66:ba:3a:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8C0F9F7AA93BA1735F59A004E37710C51DFBB593
        Validity
            Not Before: Jul  3 15:47:56 2025 GMT
            Not After : Jul  2 15:52:56 2026 GMT
        Subject: CN=F6B697FC4149901F64961B67DD0D69A2A476760D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:51:98:42:d0:43:25:64:ab:ba:8c:88:67:e7:
                    cd:7a:bc:0b:7e:68:55:ac:07:43:7d:f3:ab:46:5c:
                    7e:69:09:5f:57:56:25:fd:7a:ab:c1:84:a6:2f:35:
                    42:f8:94:72:c8:cf:02:9b:d5:ee:95:ce:ad:0b:c4:
                    a9:fd:2f:e8:c1:2c:bb:ce:61:fc:3d:52:f5:06:0c:
                    99:36:a1:66:31:62:12:39:ff:8b:79:a2:3e:3d:71:
                    0e:e8:51:c2:b8:36:0c:9a:9e:e0:0d:ac:b0:1c:83:
                    98:d4:ad:6d:be:f4:c8:a5:b7:6d:c5:df:cb:30:61:
                    64:85:2a:e6:65:37:d8:e2:43:ef:9f:a0:35:6a:71:
                    9c:e7:57:09:90:00:88:da:90:4b:57:c6:09:7b:f3:
                    33:25:19:a3:ad:4a:b5:71:3a:98:73:61:4b:73:94:
                    bb:08:d0:27:c8:d1:df:15:60:be:0a:f9:b9:cc:2e:
                    a1:a8:9d:69:ee:5c:3b:c3:48:9a:4d:13:32:5d:3a:
                    c1:60:8e:38:d9:92:d5:44:6a:10:21:51:7c:72:a1:
                    97:f7:2f:38:c5:23:e7:e6:f7:f8:e1:7e:6a:bc:7e:
                    ba:34:d9:11:5a:2b:b0:bc:cd:c4:43:6b:ff:50:b8:
                    ae:17:a7:70:78:d6:fc:bc:fb:63:75:a6:b0:5c:24:
                    f4:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:B6:97:FC:41:49:90:1F:64:96:1B:67:DD:0D:69:A2:A4:76:76:0D
            X509v3 Authority Key Identifier:
                keyid:8C:0F:9F:7A:A9:3B:A1:73:5F:59:A0:04:E3:77:10:C5:1D:FB:B5:93

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.sn-p.io/repo/sn-p-io/2/8C0F9F7AA93BA1735F59A004E37710C51DFBB593.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/8C0F9F7AA93BA1735F59A004E37710C51DFBB593.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.sn-p.io/repo/sn-p-io/2/38392e3138372e36382e302f32342d3332203d3e20323035383438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.187.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:84:10:c4:18:4f:be:50:c6:92:71:88:73:74:ae:ca:a4:e4:
         bc:ae:fc:38:8a:0b:f4:f2:98:da:2a:b6:00:f0:f5:11:e2:15:
         b5:77:61:2c:2b:0a:fc:d0:5e:70:68:1f:49:84:ef:67:cc:fc:
         c1:96:54:2c:ff:38:dc:8e:af:fd:a8:38:1d:1d:f8:21:d7:13:
         2c:c7:22:ad:ba:39:30:6b:eb:f0:3b:1d:ea:e1:43:f9:8f:5c:
         76:0b:f4:b1:b7:0a:e9:9b:4d:c6:c0:76:f5:5d:ff:88:b2:64:
         0e:d7:00:ad:cf:57:78:9b:e0:53:6e:b1:4d:bb:8b:8e:95:4d:
         0c:da:ec:62:83:72:01:55:9a:7c:24:bc:45:8c:98:92:07:73:
         50:8e:90:93:c9:48:2c:62:dd:d9:b7:fa:61:2b:29:e3:be:37:
         a7:49:11:3d:40:4d:78:43:ba:d0:d3:3a:a6:cd:cd:0f:11:04:
         e4:e9:d0:16:ec:e3:77:2a:70:ea:12:5f:6a:75:f3:a6:6e:4a:
         11:df:73:b9:08:e9:d5:92:29:bf:5d:86:6b:16:18:b6:76:67:
         cf:34:72:bc:17:d8:d3:56:2d:80:a1:79:97:da:4c:11:c9:71:
         a9:6f:3c:c5:df:7c:f4:2b:2e:45:a8:a5:be:b9:78:3b:41:f6:
         02:cc:d5:6d
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIUe4y1hPq4/bm+wAF+bFyBo2a6OtAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEMwRjlGN0FBOTNCQTE3MzVGNTlBMDA0RTM3NzEwQzUx
REZCQjU5MzAeFw0yNTA3MDMxNTQ3NTZaFw0yNjA3MDIxNTUyNTZaMDMxMTAvBgNV
BAMTKEY2QjY5N0ZDNDE0OTkwMUY2NDk2MUI2N0REMEQ2OUEyQTQ3Njc2MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwUZhC0EMlZKu6jIhn5816vAt+
aFWsB0N986tGXH5pCV9XViX9eqvBhKYvNUL4lHLIzwKb1e6Vzq0LxKn9L+jBLLvO
Yfw9UvUGDJk2oWYxYhI5/4t5oj49cQ7oUcK4NgyanuANrLAcg5jUrW2+9Milt23F
38swYWSFKuZlN9jiQ++foDVqcZznVwmQAIjakEtXxgl78zMlGaOtSrVxOphzYUtz
lLsI0CfI0d8VYL4K+bnMLqGonWnuXDvDSJpNEzJdOsFgjjjZktVEahAhUXxyoZf3
LzjFI+fm9/jhfmq8fro02RFaK7C8zcRDa/9QuK4Xp3B41vy8+2N1prBcJPR3AgMB
AAGjggIEMIICADAdBgNVHQ4EFgQU9raX/EFJkB9klhtn3Q1poqR2dg0wHwYDVR0j
BBgwFoAUjA+feqk7oXNfWaAE43cQxR37tZMwDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnBraS5zbi1wLmlvL3JlcG8vc24tcC1pby8y
LzhDMEY5RjdBQTkzQkExNzM1RjU5QTAwNEUzNzcxMEM1MURGQkI1OTMuY3JsMIGT
BggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1ycHMu
YXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJl
M2Y5ZC83LzhDMEY5RjdBQTkzQkExNzM1RjU5QTAwNEUzNzcxMEM1MURGQkI1OTMu
Y2VyMHoGCCsGAQUFBwELBG4wbDBqBggrBgEFBQcwC4ZecnN5bmM6Ly9ycGtpLnNu
LXAuaW8vcmVwby9zbi1wLWlvLzIvMzgzOTJlMzEzODM3MmUzNjM4MmUzMDJmMzIz
NDJkMzMzMjIwM2QzZTIwMzIzMDM1MzgzNDM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbtEMA0GCSqG
SIb3DQEBCwUAA4IBAQAEhBDEGE++UMaScYhzdK7KpOS8rvw4igv08pjaKrYA8PUR
4hW1d2EsKwr80F5waB9JhO9nzPzBllQs/zjcjq/9qDgdHfgh1xMsxyKtujkwa+vw
Ox3q4UP5j1x2C/Sxtwrpm03GwHb1Xf+IsmQO1wCtz1d4m+BTbrFNu4uOlU0M2uxi
g3IBVZp8JLxFjJiSB3NQjpCTyUgsYt3Zt/phKynjvjenSRE9QE14Q7rQ0zqmzc0P
EQTk6dAW7ON3KnDqEl9qdfOmbkoR33O5COnVkim/XYZrFhi2dmfPNHK8F9jTVi2A
oXmX2kwRyXGpbzzF33z0Ky5FqKW+uXg7QfYCzNVt
-----END CERTIFICATE-----
Generated at Sat Jul 5 08:39:11 2025 by rpki-client