Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39342e302f32342d3234203d3e203336323336.roa
File:                     3137362e35382e39342e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          Cph0DEy+Le35sljuy5bJOuNjOh2ldDBYAKyGCrtp/Xc=
Subject key identifier:   A3:5C:D6:6B:C4:E1:EA:E2:B0:6B:AF:B6:39:4E:1D:BB:5F:C1:8E:A1
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       1A1F06D943CB39FC105B3A9754F89B70EB7AEBA6
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39342e302f32342d3234203d3e203336323336.roa
Signing time:             Mon 04 Aug 2025 23:13:59 +0000
ROA not before:           Mon 04 Aug 2025 23:08:59 +0000
ROA not after:            Mon 03 Aug 2026 23:13:59 +0000
asID:                     36236
IP address blocks:        176.58.94.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 12:42:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:1f:06:d9:43:cb:39:fc:10:5b:3a:97:54:f8:9b:70:eb:7a:eb:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Aug  4 23:08:59 2025 GMT
            Not After : Aug  3 23:13:59 2026 GMT
        Subject: CN=A35CD66BC4E1EAE2B06BAFB6394E1DBB5FC18EA1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:34:ab:e9:a1:08:b1:05:f6:3e:13:53:ca:bd:
                    82:49:e8:12:6e:3e:61:d2:89:ad:77:96:a9:94:b7:
                    bf:86:70:33:63:48:ec:d2:69:aa:ca:0f:a7:bb:b5:
                    b8:c8:5e:86:70:d7:d4:4a:37:c4:70:83:c6:58:b2:
                    33:15:88:3b:8d:af:72:25:2f:2e:30:4b:b5:7e:4a:
                    45:e4:c6:ad:63:20:3f:ab:8e:2b:0d:d9:cb:1e:93:
                    2c:6c:69:a1:b5:52:23:08:bd:ed:5d:15:e2:d2:90:
                    ca:ea:eb:77:d7:87:b9:22:78:54:fa:81:e0:97:1e:
                    df:98:ed:16:09:49:f7:b4:2d:83:91:59:83:c4:05:
                    cb:4c:77:db:7e:3a:39:07:da:79:86:ff:72:ea:96:
                    f6:09:a1:fd:5c:b8:12:4c:d8:80:6f:a9:dc:ae:3e:
                    93:80:1e:6b:26:8f:51:bb:4d:46:42:b4:c2:50:53:
                    9e:99:4c:ba:e8:a3:40:4a:17:2f:10:27:e1:9d:bb:
                    32:a0:eb:76:5c:cd:0d:60:ce:82:7d:a2:5d:60:08:
                    22:44:38:95:24:b7:d7:f1:c2:1e:cf:81:d4:9f:9d:
                    be:a7:f9:95:fe:18:39:59:77:3e:c9:2e:c3:95:0e:
                    f7:ed:88:ae:b8:1f:83:fe:6a:07:44:af:94:3a:0e:
                    7c:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:5C:D6:6B:C4:E1:EA:E2:B0:6B:AF:B6:39:4E:1D:BB:5F:C1:8E:A1
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3137362e35382e39342e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.58.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:d4:b3:9c:b5:07:3f:7b:4c:c5:73:77:85:53:15:29:89:8e:
         e9:a7:2c:f0:69:59:18:0f:46:ae:6c:75:ce:b3:1a:e9:ae:96:
         f1:80:80:7f:d6:53:71:15:31:28:dc:7d:1a:52:c7:21:aa:c5:
         76:29:2c:05:96:cd:63:ad:c3:fb:34:27:88:17:69:3a:d6:30:
         d9:97:a2:ae:ea:f7:a9:d8:0f:cf:8a:12:88:4f:72:10:7a:a4:
         14:7a:ee:b6:0c:53:a2:7d:e4:b6:13:4f:2d:0f:ea:80:a2:28:
         c1:89:dc:70:4c:2c:95:4d:a2:e1:d0:35:1b:2c:bc:bb:1e:c1:
         41:54:dc:1a:25:a4:a4:1f:f2:8a:51:1a:73:ed:00:00:0e:ab:
         5c:a7:96:96:26:1a:e5:f0:bb:67:01:17:84:be:99:05:b8:74:
         89:b2:22:78:ca:fa:5c:43:3b:27:50:b3:f2:48:4a:52:59:be:
         0c:d4:c8:bc:fe:31:13:63:eb:1f:e5:5c:2c:dc:6b:b6:d6:ef:
         2a:ca:f4:50:a6:7d:8f:7a:c8:62:1e:56:a4:3a:05:9c:b9:fb:
         97:2e:9b:23:c5:32:c2:ed:64:2e:58:23:1d:74:26:4f:58:81:
         88:b0:19:db:68:83:2c:a7:fc:26:bb:83:55:45:4c:07:08:5c:
         70:1a:34:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUGh8G2UPLOfwQWzqXVPibcOt666YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNTA4MDQyMzA4NTlaFw0yNjA4MDMyMzEzNTlaMDMxMTAvBgNV
BAMTKEEzNUNENjZCQzRFMUVBRTJCMDZCQUZCNjM5NEUxREJCNUZDMThFQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKNKvpoQixBfY+E1PKvYJJ6BJu
PmHSia13lqmUt7+GcDNjSOzSaarKD6e7tbjIXoZw19RKN8Rwg8ZYsjMViDuNr3Il
Ly4wS7V+SkXkxq1jID+rjisN2csekyxsaaG1UiMIve1dFeLSkMrq63fXh7kieFT6
geCXHt+Y7RYJSfe0LYORWYPEBctMd9t+OjkH2nmG/3LqlvYJof1cuBJM2IBvqdyu
PpOAHmsmj1G7TUZCtMJQU56ZTLroo0BKFy8QJ+GduzKg63ZczQ1gzoJ9ol1gCCJE
OJUkt9fxwh7PgdSfnb6n+ZX+GDlZdz7JLsOVDvftiK64H4P+agdEr5Q6DnxhAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUo1zWa8Th6uKwa6+2OU4du1/BjqEwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBoAYIKwYB
BQUHAQsEgZMwgZAwgY0GCCsGAQUFBzALhoGAcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzEzNzM2MmUzNTM4MmUzOTM0MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMz
NjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEALA6XjANBgkqhkiG9w0BAQsFAAOCAQEAeNSznLUH
P3tMxXN3hVMVKYmO6acs8GlZGA9Grmx1zrMa6a6W8YCAf9ZTcRUxKNx9GlLHIarF
diksBZbNY63D+zQniBdpOtYw2Zeirur3qdgPz4oSiE9yEHqkFHrutgxTon3kthNP
LQ/qgKIowYnccEwslU2i4dA1Gyy8ux7BQVTcGiWkpB/yilEac+0AAA6rXKeWliYa
5fC7ZwEXhL6ZBbh0ibIieMr6XEM7J1Cz8khKUlm+DNTIvP4xE2PrH+VcLNxrttbv
Ksr0UKZ9j3rIYh5WpDoFnLn7ly6bI8Uywu1kLlgjHXQmT1iBiLAZ22iDLKf8JruD
VUVMBwhccBo0TQ==
-----END CERTIFICATE-----