Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a33613a3a2f34382d3438203d3e203336323336.roa
File:                     326130303a646438303a33613a3a2f34382d3438203d3e203336323336.roa (raw, json)
Hash identifier:          6QasQsU/oRn7Kouw5QwBnOzzyd32axOAVXgKklamK3E=
Subject key identifier:   5E:6D:7A:9B:09:F6:16:A1:45:98:55:15:34:DD:39:FD:78:42:DC:6F
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       10DD32E1B2B8C4D70D84AFDC560F76B5AC14177A
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a33613a3a2f34382d3438203d3e203336323336.roa
Signing time:             Mon 04 Aug 2025 20:13:54 +0000
ROA not before:           Mon 04 Aug 2025 20:08:54 +0000
ROA not after:            Mon 03 Aug 2026 20:13:54 +0000
asID:                     36236
IP address blocks:        2a00:dd80:3a::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 12:42:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:dd:32:e1:b2:b8:c4:d7:0d:84:af:dc:56:0f:76:b5:ac:14:17:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Aug  4 20:08:54 2025 GMT
            Not After : Aug  3 20:13:54 2026 GMT
        Subject: CN=5E6D7A9B09F616A14598551534DD39FD7842DC6F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:2c:92:c1:b9:73:6c:d8:b6:05:74:93:fd:ce:
                    02:43:47:d8:4b:fc:b3:83:df:52:f0:87:e5:bb:c3:
                    ee:50:a6:07:32:c6:fa:8f:79:71:14:77:58:33:98:
                    ad:0e:c3:56:2f:b3:ac:a9:b2:4b:63:e5:fb:e8:e4:
                    57:d5:f9:96:0f:7c:26:74:31:58:57:14:bd:45:da:
                    f5:39:75:e1:49:05:3d:8d:36:7c:43:1a:8b:2b:6e:
                    0e:24:00:be:8e:38:01:62:6a:f5:3c:41:f6:4b:eb:
                    e9:39:92:d6:f2:99:cc:3e:d7:85:2b:74:aa:d2:13:
                    86:0b:7c:7a:7f:e6:20:98:0b:f3:40:68:47:fa:67:
                    6b:43:36:25:86:0c:6e:18:cc:cb:be:8e:72:41:ee:
                    1f:d9:f9:a4:6e:73:03:cb:a5:45:98:24:97:01:a3:
                    73:8d:d0:ee:b7:ce:1d:79:9e:64:a5:27:64:91:ed:
                    74:1f:1c:89:28:b2:59:1e:7c:1a:50:cb:57:4c:7c:
                    75:5e:2f:62:4d:1e:35:8e:74:09:da:bb:63:82:0b:
                    4d:3b:59:b5:dc:fb:f7:54:ea:25:61:94:f2:e3:f6:
                    aa:ec:c8:ac:93:03:c3:b3:2d:c4:dd:4c:6a:a9:1b:
                    c4:5a:1b:d1:0e:86:6f:f8:ab:f5:0a:31:94:f1:b7:
                    d3:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:6D:7A:9B:09:F6:16:A1:45:98:55:15:34:DD:39:FD:78:42:DC:6F
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a33613a3a2f34382d3438203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:dd80:3a::/48

    Signature Algorithm: sha256WithRSAEncryption
         29:68:d2:b1:dd:9f:ec:52:58:9c:c8:3c:19:7d:0d:5f:ec:db:
         f9:2b:d1:5a:01:c2:bd:3f:e2:29:6a:df:fe:03:67:6d:36:55:
         f6:5d:a7:f6:66:fa:78:48:4e:92:88:6a:04:5c:ce:5f:1e:cd:
         bb:a5:0c:ad:09:da:77:df:c7:44:e7:06:b4:3f:df:c8:9b:6f:
         52:51:b4:2e:4b:d6:da:db:51:f4:e1:ee:7f:5b:20:e0:08:c1:
         5b:6c:31:13:14:1b:12:91:6b:1a:54:99:e4:b1:35:4a:09:be:
         1b:c9:cd:95:c8:26:0a:4f:8f:6c:80:12:f4:94:05:46:73:0f:
         89:88:1a:da:f3:07:5a:e3:de:18:be:26:4d:17:50:f0:70:37:
         43:93:93:6f:16:0c:2d:d3:4b:4f:20:18:8c:58:03:44:52:c3:
         88:56:a1:f2:f8:69:f7:21:6f:eb:f0:6e:5a:7c:1f:ed:0d:9b:
         e5:8f:03:20:ee:18:df:34:93:7b:c4:f5:02:10:17:95:cc:d1:
         99:b1:0d:fe:79:79:28:de:d7:30:de:63:65:ce:52:b8:c2:a4:
         64:ce:a4:64:d6:2b:e0:aa:33:8d:e9:02:40:23:53:30:63:10:
         6b:86:a7:84:93:2a:cd:60:66:f7:25:6b:11:23:70:9d:88:18:
         35:39:d2:ee
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIUEN0y4bK4xNcNhK/cVg92tawUF3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNTA4MDQyMDA4NTRaFw0yNjA4MDMyMDEzNTRaMDMxMTAvBgNV
BAMTKDVFNkQ3QTlCMDlGNjE2QTE0NTk4NTUxNTM0REQzOUZENzg0MkRDNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCULJLBuXNs2LYFdJP9zgJDR9hL
/LOD31Lwh+W7w+5QpgcyxvqPeXEUd1gzmK0Ow1Yvs6ypsktj5fvo5FfV+ZYPfCZ0
MVhXFL1F2vU5deFJBT2NNnxDGosrbg4kAL6OOAFiavU8QfZL6+k5ktbymcw+14Ur
dKrSE4YLfHp/5iCYC/NAaEf6Z2tDNiWGDG4YzMu+jnJB7h/Z+aRucwPLpUWYJJcB
o3ON0O63zh15nmSlJ2SR7XQfHIkoslkefBpQy1dMfHVeL2JNHjWOdAnau2OCC007
WbXc+/dU6iVhlPLj9qrsyKyTA8OzLcTdTGqpG8RaG9EOhm/4q/UKMZTxt9NLAgMB
AAGjggIpMIICJTAdBgNVHQ4EFgQUXm16mwn2FqFFmFUVNN05/XhC3G8wHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBpgYIKwYB
BQUHAQsEgZkwgZYwgZMGCCsGAQUFBzALhoGGcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzI2MTMwMzAzYTY0NjQzODMwM2EzMzYxM2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzMzNjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoA3YAAOjANBgkqhkiG9w0BAQsFAAOC
AQEAKWjSsd2f7FJYnMg8GX0NX+zb+SvRWgHCvT/iKWrf/gNnbTZV9l2n9mb6eEhO
kohqBFzOXx7Nu6UMrQnad9/HROcGtD/fyJtvUlG0LkvW2ttR9OHuf1sg4AjBW2wx
ExQbEpFrGlSZ5LE1Sgm+G8nNlcgmCk+PbIAS9JQFRnMPiYga2vMHWuPeGL4mTRdQ
8HA3Q5OTbxYMLdNLTyAYjFgDRFLDiFah8vhp9yFv6/BuWnwf7Q2b5Y8DIO4Y3zST
e8T1AhAXlczRmbEN/nl5KN7XMN5jZc5SuMKkZM6kZNYr4KozjekCQCNTMGMQa4an
hJMqzWBm9yVrESNwnYgYNTnS7g==
-----END CERTIFICATE-----