Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3138352e3137382e3230332e302f32342d3234203d3e203336323336.roa
File:                     3138352e3137382e3230332e302f32342d3234203d3e203336323336.roa (raw, json)
Hash identifier:          7tHdVAlRuiqtWN0YSJ+pWUHOH9vpNBg95eNLcIfMnxY=
Subject key identifier:   BE:F7:F8:65:A7:C9:FD:32:30:DC:B0:FC:36:6B:F1:A4:89:5C:AD:A1
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       56300709369DE89B9A6E8F2571D5DD0EDAC53D7F
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3138352e3137382e3230332e302f32342d3234203d3e203336323336.roa
Signing time:             Thu 24 Jul 2025 20:13:49 +0000
ROA not before:           Thu 24 Jul 2025 20:08:49 +0000
ROA not after:            Thu 23 Jul 2026 20:13:49 +0000
asID:                     36236
IP address blocks:        185.178.203.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 18:18:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:30:07:09:36:9d:e8:9b:9a:6e:8f:25:71:d5:dd:0e:da:c5:3d:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Jul 24 20:08:49 2025 GMT
            Not After : Jul 23 20:13:49 2026 GMT
        Subject: CN=BEF7F865A7C9FD3230DCB0FC366BF1A4895CADA1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:81:e2:16:64:62:98:f8:e7:5d:2d:c1:a0:8a:
                    74:46:c1:fe:5b:e6:86:c1:64:e8:35:b9:13:c7:88:
                    a1:9f:10:f9:34:7b:39:ba:2d:a9:76:44:60:32:4a:
                    cd:ea:18:a2:1e:19:12:c7:d0:2d:90:d5:98:59:e2:
                    6a:73:ff:29:c0:7f:63:0b:af:11:01:ff:a9:67:f2:
                    fa:94:3b:5f:65:f4:25:f4:9f:98:1b:7b:c1:11:3a:
                    a2:e9:00:9c:86:68:97:dd:ea:1d:88:37:ce:51:22:
                    49:67:fa:9b:75:01:2d:bf:32:07:97:25:4a:4f:19:
                    dd:32:bf:a4:4c:6f:19:d0:68:b1:88:d9:59:e2:fd:
                    7e:e0:30:4e:fc:f4:92:dc:02:34:ff:99:4d:55:66:
                    26:3e:63:63:91:a2:87:23:cd:85:41:2c:8a:9f:bd:
                    6c:d6:24:cf:d6:3a:00:91:21:d6:30:2a:3b:e9:96:
                    78:47:af:79:7f:12:b8:19:89:92:cb:63:0e:23:ec:
                    42:08:74:48:a1:7a:27:b3:f2:7c:98:f3:9d:ac:ef:
                    d3:64:cb:19:34:ea:97:44:26:48:19:14:a0:94:92:
                    ac:a3:bc:ac:3b:26:81:e1:67:36:84:1d:a4:d4:07:
                    4d:df:80:75:4d:cf:54:d4:b3:bd:2c:cc:37:f1:82:
                    0d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:F7:F8:65:A7:C9:FD:32:30:DC:B0:FC:36:6B:F1:A4:89:5C:AD:A1
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/3138352e3137382e3230332e302f32342d3234203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.178.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:0c:e0:e9:54:80:6c:56:3b:d2:70:fc:eb:22:82:65:1e:61:
         ff:74:bd:53:19:1a:90:7b:94:25:13:cb:d4:78:05:14:22:3d:
         ba:9e:bf:c0:ac:0d:af:5e:df:31:61:97:e6:22:fe:a1:9f:11:
         c3:38:3a:28:58:58:ba:78:7e:e6:7a:4e:e1:9a:94:4d:07:df:
         df:05:c7:9b:0e:70:e0:24:b2:32:d9:43:65:c2:2f:01:ca:0b:
         cc:2a:88:fc:4e:10:fd:59:65:68:56:62:58:6e:38:7e:49:f9:
         11:f4:fb:da:28:05:3a:a4:97:aa:f3:94:c6:0d:39:56:57:35:
         ce:6b:79:8c:ef:ef:fb:36:59:18:fc:f3:37:cf:bd:9d:1c:72:
         48:f6:64:58:46:01:90:9b:dc:9b:c0:e6:04:54:7b:cd:2d:70:
         f7:ad:54:cb:d4:8e:27:2d:52:11:36:1f:27:5c:5d:03:0e:15:
         50:3e:48:a4:e0:b4:90:b7:a7:b5:be:01:fe:64:f7:49:bc:6a:
         ed:cc:ac:d3:f3:f1:fa:e4:3a:37:ff:3c:be:70:1d:de:22:57:
         5f:6a:16:cd:aa:b7:53:d0:d8:2a:48:64:99:dd:dd:29:ef:22:
         d2:ea:0d:60:ab:b0:f3:ce:dc:1c:1e:27:be:7c:d0:83:e4:86:
         67:b3:45:cc
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUVjAHCTad6Juabo8lcdXdDtrFPX8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNTA3MjQyMDA4NDlaFw0yNjA3MjMyMDEzNDlaMDMxMTAvBgNV
BAMTKEJFRjdGODY1QTdDOUZEMzIzMERDQjBGQzM2NkJGMUE0ODk1Q0FEQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUgeIWZGKY+OddLcGginRGwf5b
5obBZOg1uRPHiKGfEPk0ezm6Lal2RGAySs3qGKIeGRLH0C2Q1ZhZ4mpz/ynAf2ML
rxEB/6ln8vqUO19l9CX0n5gbe8EROqLpAJyGaJfd6h2IN85RIkln+pt1AS2/MgeX
JUpPGd0yv6RMbxnQaLGI2Vni/X7gME789JLcAjT/mU1VZiY+Y2ORoocjzYVBLIqf
vWzWJM/WOgCRIdYwKjvplnhHr3l/ErgZiZLLYw4j7EIIdEiheiez8nyY852s79Nk
yxk06pdEJkgZFKCUkqyjvKw7JoHhZzaEHaTUB03fgHVNz1TUs70szDfxgg0BAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUvvf4ZafJ/TIw3LD8NmvxpIlcraEwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBpAYIKwYB
BQUHAQsEgZcwgZQwgZEGCCsGAQUFBzALhoGEcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzEzODM1MmUzMTM3MzgyZTMyMzAzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2Uy
MDMzMzYzMjMzMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYB
BQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5ssswDQYJKoZIhvcNAQELBQADggEBALYM
4OlUgGxWO9Jw/OsigmUeYf90vVMZGpB7lCUTy9R4BRQiPbqev8CsDa9e3zFhl+Yi
/qGfEcM4OihYWLp4fuZ6TuGalE0H398Fx5sOcOAksjLZQ2XCLwHKC8wqiPxOEP1Z
ZWhWYlhuOH5J+RH0+9ooBTqkl6rzlMYNOVZXNc5reYzv7/s2WRj88zfPvZ0cckj2
ZFhGAZCb3JvA5gRUe80tcPetVMvUjictUhE2HydcXQMOFVA+SKTgtJC3p7W+Af5k
90m8au3MrNPz8frkOjf/PL5wHd4iV19qFs2qt1PQ2CpIZJnd3SnvItLqDWCrsPPO
3BweJ7580IPkhmezRcw=
-----END CERTIFICATE-----