Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3138352e3137382e3230322e302f32342d3234203d3e203336323336.roa
File:                     3138352e3137382e3230322e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          xNQD3OGfq5cBLxSkq6BdiD5nnqX/C4yNQo6EngYdNg0=
Subject key identifier:   62:81:2E:85:01:83:7D:16:40:74:60:FD:1B:97:70:98:42:AA:50:21
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       7AB328008AAFEA4CF8C03226A7F28D293867F7F0
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3138352e3137382e3230322e302f32342d3234203d3e203336323336.roa
Signing time:             Thu 24 Jul 2025 20:13:49 +0000
ROA not before:           Thu 24 Jul 2025 20:08:49 +0000
ROA not after:            Thu 23 Jul 2026 20:13:49 +0000
asID:                     36236
IP address blocks:        185.178.202.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 11:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:b3:28:00:8a:af:ea:4c:f8:c0:32:26:a7:f2:8d:29:38:67:f7:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Jul 24 20:08:49 2025 GMT
            Not After : Jul 23 20:13:49 2026 GMT
        Subject: CN=62812E8501837D16407460FD1B97709842AA5021
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:40:46:7d:01:83:0c:09:7a:e9:2e:70:03:75:
                    79:5e:be:c4:b2:42:a8:be:25:77:2b:d1:b3:cd:c7:
                    33:e9:f1:c3:8b:c6:e7:5e:20:df:2a:ea:4d:60:bd:
                    d5:8f:f5:bd:4e:8f:9b:d2:f3:d2:cc:a1:0c:a4:8b:
                    da:2a:82:4f:9d:8c:22:17:f1:27:b2:a2:16:3a:c8:
                    dd:f5:9a:1f:cf:2c:a9:25:9e:50:4d:70:a8:16:c4:
                    9b:54:1f:d7:13:76:3f:02:86:cc:72:a6:6b:b3:c8:
                    55:21:e4:62:98:cd:89:48:48:ef:0a:e4:09:e2:2c:
                    00:f1:4f:16:76:98:2a:11:64:8c:28:00:33:21:6a:
                    bd:ff:75:38:41:c2:0f:e7:cd:34:a1:87:7e:ba:ec:
                    c9:f7:0b:2a:7e:cb:5a:a7:a5:35:dc:8b:ea:4f:31:
                    49:d3:21:70:f2:dd:ae:c4:bf:10:a0:ae:60:49:bc:
                    07:8c:4d:a9:7b:f2:d6:b0:56:fe:0c:c6:14:1b:39:
                    16:cd:61:eb:60:02:c3:0e:8c:03:10:b5:57:14:a3:
                    db:fe:97:f1:94:91:cd:70:bb:fe:6d:b6:a5:47:2d:
                    6b:71:c5:7e:ae:ad:58:a3:5d:ef:2c:aa:d3:be:42:
                    83:30:43:ea:17:3c:3f:67:a8:41:a7:6e:ec:3c:51:
                    68:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:81:2E:85:01:83:7D:16:40:74:60:FD:1B:97:70:98:42:AA:50:21
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3138352e3137382e3230322e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.178.202.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:3f:45:a5:ca:d2:b5:58:18:a8:d6:bb:92:83:a3:9b:b3:f7:
         fe:cd:28:19:12:aa:d2:fb:f0:3d:61:be:81:b1:66:05:d6:9d:
         cf:03:63:83:b2:89:55:82:ed:15:e8:ab:3d:3e:0f:80:e8:7b:
         55:3d:93:c0:07:dc:c3:4e:47:e7:d5:41:43:85:3b:c3:1b:12:
         d1:a0:7a:05:67:0a:db:af:b8:da:5b:12:45:6d:6d:a3:cd:6c:
         c5:59:7e:30:01:a3:05:91:18:50:01:fa:20:60:7f:a4:db:20:
         fb:56:81:cf:d8:f7:b4:dd:03:1a:ae:2a:38:ed:07:64:6c:be:
         a3:d9:34:c7:44:72:e0:ea:d3:53:43:78:95:b0:12:df:23:c8:
         63:53:07:c9:fa:56:09:bb:18:ff:3c:10:c5:13:16:9d:cf:7a:
         54:ab:36:41:e7:6c:bf:aa:bf:fb:91:94:48:ed:f1:e4:1c:c7:
         fa:6f:28:4e:93:1a:33:9f:59:58:6c:d2:db:51:0c:4f:72:ad:
         fa:be:7e:5b:ae:63:5a:3d:a6:96:20:29:fe:63:ad:a4:49:ad:
         81:ef:91:bc:f8:ef:82:26:41:dd:42:0e:52:c5:5a:93:bf:35:
         22:2a:54:ca:94:f0:b8:ea:f3:d2:78:b2:53:ea:f0:12:b9:33:
         09:70:df:92
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUerMoAIqv6kz4wDImp/KNKThn9/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNTA3MjQyMDA4NDlaFw0yNjA3MjMyMDEzNDlaMDMxMTAvBgNV
BAMTKDYyODEyRTg1MDE4MzdEMTY0MDc0NjBGRDFCOTc3MDk4NDJBQTUwMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2QEZ9AYMMCXrpLnADdXlevsSy
Qqi+JXcr0bPNxzPp8cOLxudeIN8q6k1gvdWP9b1Oj5vS89LMoQyki9oqgk+djCIX
8SeyohY6yN31mh/PLKklnlBNcKgWxJtUH9cTdj8ChsxypmuzyFUh5GKYzYlISO8K
5AniLADxTxZ2mCoRZIwoADMhar3/dThBwg/nzTShh3667Mn3Cyp+y1qnpTXci+pP
MUnTIXDy3a7EvxCgrmBJvAeMTal78tawVv4MxhQbORbNYetgAsMOjAMQtVcUo9v+
l/GUkc1wu/5ttqVHLWtxxX6urVijXe8sqtO+QoMwQ+oXPD9nqEGnbuw8UWhHAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUYoEuhQGDfRZAdGD9G5dwmEKqUCEwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBpAYIKwYB
BQUHAQsEgZcwgZQwgZEGCCsGAQUFBzALhoGEcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzEzODM1MmUzMTM3MzgyZTMyMzAzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2Uy
MDMzMzYzMjMzMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYB
BQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5ssowDQYJKoZIhvcNAQELBQADggEBAAA/
RaXK0rVYGKjWu5KDo5uz9/7NKBkSqtL78D1hvoGxZgXWnc8DY4OyiVWC7RXoqz0+
D4Doe1U9k8AH3MNOR+fVQUOFO8MbEtGgegVnCtuvuNpbEkVtbaPNbMVZfjABowWR
GFAB+iBgf6TbIPtWgc/Y97TdAxquKjjtB2RsvqPZNMdEcuDq01NDeJWwEt8jyGNT
B8n6Vgm7GP88EMUTFp3PelSrNkHnbL+qv/uRlEjt8eQcx/pvKE6TGjOfWVhs0ttR
DE9yrfq+fluuY1o9ppYgKf5jraRJrYHvkbz474ImQd1CDlLFWpO/NSIqVMqU8Ljq
89J4slPq8BK5Mwlw35I=
-----END CERTIFICATE-----