Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/326130623a346530373a33383a3a2f34382d3438203d3e20323133343133.roa
File:                     326130623a346530373a33383a3a2f34382d3438203d3e20323133343133.roa (raw, json)
Hash identifier:          v4BotdrXv7sigyezzwxyhIpyj4wHXfkXALDUPyoAWTw=
Subject key identifier:   C3:A9:41:71:8B:C0:C9:E4:E9:04:95:4B:BE:B5:63:35:6E:A8:24:5A
Certificate issuer:       /CN=5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF
Certificate serial:       171E82BC6E67438AB9C4F277E7B74EA392E4C7FC
Authority key identifier: 51:24:C3:1F:CF:A4:E8:2C:4D:0F:6E:09:A3:0A:04:A5:5C:97:78:BF
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/326130623a346530373a33383a3a2f34382d3438203d3e20323133343133.roa
Signing time:             Wed 23 Jul 2025 19:02:40 +0000
ROA not before:           Wed 23 Jul 2025 18:57:40 +0000
ROA not after:            Wed 22 Jul 2026 19:02:40 +0000
asID:                     213413
IP address blocks:        2a0b:4e07:38::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl
                          rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 08:53:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:1e:82:bc:6e:67:43:8a:b9:c4:f2:77:e7:b7:4e:a3:92:e4:c7:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF
        Validity
            Not Before: Jul 23 18:57:40 2025 GMT
            Not After : Jul 22 19:02:40 2026 GMT
        Subject: CN=C3A941718BC0C9E4E904954BBEB563356EA8245A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:fa:e5:5d:cc:b1:6d:14:d0:a5:b7:b9:a0:7c:
                    7e:dc:f0:80:fb:58:18:fb:ac:6c:b5:fe:02:28:75:
                    76:8a:4e:d9:19:06:13:6b:7e:77:48:35:d2:0b:f8:
                    58:79:69:f5:fb:5f:c3:ba:e1:dc:98:f6:93:91:8d:
                    24:a5:44:a0:bb:45:99:6f:5c:c2:4c:32:cd:47:72:
                    cf:6d:80:df:57:75:4b:fc:82:83:00:f2:21:5a:44:
                    6d:a3:be:46:3e:3c:54:8e:11:c6:f8:f7:2b:29:0f:
                    96:23:6b:a6:fe:8a:2a:4f:73:75:d0:83:19:9e:42:
                    34:e6:ed:51:cc:af:57:e7:2a:8d:c4:12:bb:80:bb:
                    97:fa:6c:60:61:4a:c4:be:46:03:c5:ca:00:a7:dc:
                    17:66:8a:9a:ec:d6:e0:3a:1d:79:ba:77:f3:4b:41:
                    7c:5a:11:c8:7a:a3:1a:e1:de:d0:92:97:b1:9a:31:
                    d6:49:0c:e2:05:1f:a7:35:d6:0a:45:39:07:ba:59:
                    a0:59:98:e1:e1:e9:a6:0e:a0:40:5b:f4:a7:57:04:
                    48:10:73:9c:48:ea:de:f9:54:00:10:2b:fc:c2:cb:
                    9b:c5:a1:5f:49:40:18:a5:b5:a1:f0:b2:02:00:6f:
                    26:f0:c9:1d:e8:06:0a:01:fe:0a:55:e2:2c:3c:cd:
                    a0:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:A9:41:71:8B:C0:C9:E4:E9:04:95:4B:BE:B5:63:35:6E:A8:24:5A
            X509v3 Authority Key Identifier:
                keyid:51:24:C3:1F:CF:A4:E8:2C:4D:0F:6E:09:A3:0A:04:A5:5C:97:78:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/326130623a346530373a33383a3a2f34382d3438203d3e20323133343133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4e07:38::/48

    Signature Algorithm: sha256WithRSAEncryption
         1f:a3:18:ee:f7:c4:6e:6a:c7:a4:95:17:28:d5:5e:36:db:41:
         9e:6f:84:6d:27:65:30:3a:fb:43:c0:c3:25:ab:86:81:66:2c:
         c6:9b:b0:2a:c8:53:a5:72:66:37:c8:85:64:03:66:8d:9d:0e:
         2a:23:9e:20:20:a8:9a:c8:11:a6:6d:c9:ed:59:fa:9e:04:b6:
         2a:df:3b:ce:03:8a:4a:42:7f:6c:26:36:d3:35:a3:cd:7b:23:
         d6:de:45:4d:ac:d6:f3:63:f7:58:fd:0b:12:01:74:38:f5:f9:
         ed:36:dc:00:57:cc:75:01:11:40:bc:58:38:d7:5f:3f:32:eb:
         2e:52:81:d8:c9:a1:70:98:d0:6e:fe:5c:24:58:27:36:01:e3:
         b2:26:34:3d:2f:2b:91:f7:ea:0a:61:f5:92:e0:b5:1e:99:7e:
         c2:2e:41:80:16:47:98:c4:cb:8a:56:0e:31:58:b6:34:a3:45:
         9e:f1:81:4c:9e:48:ae:0c:e7:0c:de:45:2c:4b:d4:fa:08:89:
         70:e0:0f:5f:4f:35:04:d8:dd:cd:92:76:7b:06:67:10:5e:13:
         5e:bb:c1:59:c0:11:fe:98:6c:53:a8:cb:ca:03:68:52:6e:ed:
         c5:e8:32:79:2e:c6:e7:da:b7:49:c9:c0:04:a1:59:bf:3d:08:
         e9:16:ca:c2
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgIUFx6CvG5nQ4q5xPJ357dOo5Lkx/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTEyNEMzMUZDRkE0RTgyQzREMEY2RTA5QTMwQTA0QTU1
Qzk3NzhCRjAeFw0yNTA3MjMxODU3NDBaFw0yNjA3MjIxOTAyNDBaMDMxMTAvBgNV
BAMTKEMzQTk0MTcxOEJDMEM5RTRFOTA0OTU0QkJFQjU2MzM1NkVBODI0NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8+uVdzLFtFNClt7mgfH7c8ID7
WBj7rGy1/gIodXaKTtkZBhNrfndINdIL+Fh5afX7X8O64dyY9pORjSSlRKC7RZlv
XMJMMs1Hcs9tgN9XdUv8goMA8iFaRG2jvkY+PFSOEcb49yspD5Yja6b+iipPc3XQ
gxmeQjTm7VHMr1fnKo3EEruAu5f6bGBhSsS+RgPFygCn3Bdmiprs1uA6HXm6d/NL
QXxaEch6oxrh3tCSl7GaMdZJDOIFH6c11gpFOQe6WaBZmOHh6aYOoEBb9KdXBEgQ
c5xI6t75VAAQK/zCy5vFoV9JQBiltaHwsgIAbybwyR3oBgoB/gpV4iw8zaAlAgMB
AAGjggJmMIICYjAdBgNVHQ4EFgQUw6lBcYvAyeTpBJVLvrVjNW6oJFowHwYDVR0j
BBgwFoAUUSTDH8+k6CxND24JowoEpVyXeL8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvODFhNDQ1NjY0NThlNDU3OGI2N2VlZDMwNTNmODIwZjUvMS81MTI0QzMxRkNG
QTRFODJDNEQwRjZFMDlBMzBBMDRBNTVDOTc3OEJGLmNybDCBngYIKwYBBQUHAQEE
gZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5LzczYjhlYzAxLThiYTUtNDc5Zi1hMjI5LTBhYjcwZTQ4
MTViYi8wLzUxMjRDMzFGQ0ZBNEU4MkM0RDBGNkUwOUEzMEEwNEE1NUM5Nzc4QkYu
Y2VyMIGoBggrBgEFBQcBCwSBmzCBmDCBlQYIKwYBBQUHMAuGgYhyc3luYzovL3Jw
a2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvODFhNDQ1NjY0NThlNDU3OGI2N2Vl
ZDMwNTNmODIwZjUvMS8zMjYxMzA2MjNhMzQ2NTMwMzczYTMzMzgzYTNhMmYzNDM4
MmQzNDM4MjAzZDNlMjAzMjMxMzMzNDMxMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqC04HADgwDQYJ
KoZIhvcNAQELBQADggEBAB+jGO73xG5qx6SVFyjVXjbbQZ5vhG0nZTA6+0PAwyWr
hoFmLMabsCrIU6VyZjfIhWQDZo2dDiojniAgqJrIEaZtye1Z+p4EtirfO84DikpC
f2wmNtM1o817I9beRU2s1vNj91j9CxIBdDj1+e023ABXzHUBEUC8WDjXXz8y6y5S
gdjJoXCY0G7+XCRYJzYB47ImND0vK5H36gph9ZLgtR6ZfsIuQYAWR5jEy4pWDjFY
tjSjRZ7xgUyeSK4M5wzeRSxL1PoIiXDgD19PNQTY3c2SdnsGZxBeE167wVnAEf6Y
bFOoy8oDaFJu7cXoMnkuxufat0nJwAShWb89COkWysI=
-----END CERTIFICATE-----
Generated at Tue Aug 5 20:21:04 2025 by rpki-client