Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a34303a3a2f34382d3438203d3e203336323336.roa
File:                     326130303a646438303a34303a3a2f34382d3438203d3e203336323336.roa (raw, json)
Hash identifier:          csadHMUdPZdN1Rc5k+ytlgj9H7wOVX6E//3BuRxhDcU=
Subject key identifier:   77:F0:6F:B5:1F:12:8F:15:39:BC:85:20:F7:79:20:D6:1B:A8:D1:66
Certificate issuer:       /CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
Certificate serial:       67A1BD49BC4F4814FDCDA9D575A280D33C969AC2
Authority key identifier: EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a34303a3a2f34382d3438203d3e203336323336.roa
Signing time:             Mon 04 Aug 2025 20:13:53 +0000
ROA not before:           Mon 04 Aug 2025 20:08:53 +0000
ROA not after:            Mon 03 Aug 2026 20:13:53 +0000
asID:                     36236
IP address blocks:        2a00:dd80:40::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl
                          rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 01:08:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:a1:bd:49:bc:4f:48:14:fd:cd:a9:d5:75:a2:80:d3:3c:96:9a:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eb2c7e62503b0634eb4ab53f88c06950ac76dcd1
        Validity
            Not Before: Aug  4 20:08:53 2025 GMT
            Not After : Aug  3 20:13:53 2026 GMT
        Subject: CN=77F06FB51F128F1539BC8520F77920D61BA8D166
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:63:40:54:30:1a:91:03:f6:5f:c8:61:f1:e1:
                    35:16:9d:3e:7d:5c:0a:99:f3:78:9e:b5:9b:92:54:
                    52:e9:87:a9:2a:e8:cb:b5:74:78:4f:7e:7f:b1:a1:
                    e8:ef:b9:96:cc:2e:7e:c0:90:fe:9f:1a:97:0e:b0:
                    1d:92:ab:b8:2a:b1:e3:3c:f8:ee:df:bf:18:43:09:
                    8b:17:7f:df:53:14:86:40:b1:dc:bd:8c:4c:a5:a0:
                    c5:5b:de:48:79:f9:e3:62:8b:26:b5:b1:b7:89:70:
                    c9:07:0c:61:ae:9e:32:5e:1f:de:28:e2:3b:23:c0:
                    f0:27:ca:26:8e:b3:ab:03:13:a3:b7:ea:3d:b5:02:
                    2d:0e:43:9e:1a:bb:e1:58:51:a5:0a:8c:48:7f:67:
                    33:40:82:9d:db:d4:7a:7b:1a:1b:6d:42:3c:b2:b1:
                    28:54:c9:a5:0a:2f:61:bc:8e:c6:98:91:1b:a5:f5:
                    bd:ab:74:f6:86:25:b0:86:f2:91:d0:eb:72:a6:ca:
                    8e:b1:0a:51:db:b2:32:ba:d3:3e:be:71:56:db:d0:
                    9c:9b:cc:66:a4:51:63:d7:5c:9f:ff:b6:7f:b8:58:
                    2c:a0:57:90:96:23:63:51:c1:3a:09:f1:85:ae:c3:
                    0e:fc:9c:ac:00:e4:b9:81:07:b1:dc:ac:7e:12:c5:
                    7b:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:F0:6F:B5:1F:12:8F:15:39:BC:85:20:F7:79:20:D6:1B:A8:D1:66
            X509v3 Authority Key Identifier:
                keyid:EB:2C:7E:62:50:3B:06:34:EB:4A:B5:3F:88:C0:69:50:AC:76:DC:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/EB2C7E62503B0634EB4AB53F88C06950AC76DCD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6yx-YlA7BjTrSrU_iMBpUKx23NE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/1/326130303a646438303a34303a3a2f34382d3438203d3e203336323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a00:dd80:40::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:de:22:c4:5d:c3:a0:36:74:0f:22:46:d6:c9:92:12:e0:7d:
         82:9b:14:e3:2b:c7:19:5e:32:0c:0c:7f:01:36:aa:a2:c2:0a:
         dc:81:89:05:5c:44:4c:e3:9c:3d:af:cc:55:3e:9e:43:df:11:
         58:bc:3f:56:ba:7a:f0:14:a0:10:98:5d:a0:62:27:28:a7:d2:
         3a:53:59:98:e3:68:c8:8b:3b:50:d6:06:ac:69:52:aa:b0:85:
         dd:ef:61:8e:f8:d1:4c:b8:6f:dd:f7:d5:0a:4c:ee:ee:3c:85:
         f8:c2:d3:ed:ee:d2:1a:2c:77:0e:e9:fd:16:f0:42:c8:68:ef:
         20:a3:60:7c:d3:3a:e9:d6:22:1c:19:2f:d6:98:a2:18:9e:72:
         9f:9e:38:13:71:e2:79:8d:e5:4a:0a:99:69:1d:01:ee:74:80:
         b3:38:32:4f:92:29:68:ab:c5:85:40:bc:3a:85:e4:0b:ca:3a:
         f8:a6:20:8d:44:8e:cb:7f:a5:f3:41:f8:62:92:06:86:e8:ac:
         3e:61:44:98:a0:7a:36:6b:00:97:04:31:0d:6e:b0:21:fd:3c:
         f9:fb:61:b8:e1:6d:47:7c:4d:eb:44:c9:2f:90:ee:65:6e:c8:
         79:08:17:2b:f6:82:61:2d:88:68:b3:17:e9:f0:52:c7:20:6e:
         61:7d:e8:00
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIUZ6G9SbxPSBT9zanVdaKA0zyWmsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWIyYzdlNjI1MDNiMDYzNGViNGFiNTNmODhjMDY5NTBh
Yzc2ZGNkMTAeFw0yNTA4MDQyMDA4NTNaFw0yNjA4MDMyMDEzNTNaMDMxMTAvBgNV
BAMTKDc3RjA2RkI1MUYxMjhGMTUzOUJDODUyMEY3NzkyMEQ2MUJBOEQxNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqY0BUMBqRA/ZfyGHx4TUWnT59
XAqZ83ietZuSVFLph6kq6Mu1dHhPfn+xoejvuZbMLn7AkP6fGpcOsB2Sq7gqseM8
+O7fvxhDCYsXf99TFIZAsdy9jEyloMVb3kh5+eNiiya1sbeJcMkHDGGunjJeH94o
4jsjwPAnyiaOs6sDE6O36j21Ai0OQ54au+FYUaUKjEh/ZzNAgp3b1Hp7GhttQjyy
sShUyaUKL2G8jsaYkRul9b2rdPaGJbCG8pHQ63Kmyo6xClHbsjK60z6+cVbb0Jyb
zGakUWPXXJ//tn+4WCygV5CWI2NRwToJ8YWuww78nKwA5LmBB7HcrH4SxXunAgMB
AAGjggIpMIICJTAdBgNVHQ4EFgQUd/BvtR8SjxU5vIUg93kg1huo0WYwHwYDVR0j
BBgwFoAU6yx+YlA7BjTrSrU/iMBpUKx23NEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMS9FQjJDN0U2MjUw
M0IwNjM0RUI0QUI1M0Y4OEMwNjk1MEFDNzZEQ0QxLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNnl4LVlsQTdCalRyU3JVX2lNQnBVS3gyM05FLmNlcjCBpgYIKwYB
BQUHAQsEgZkwgZYwgZMGCCsGAQUFBzALhoGGcnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzZjY4NjYxMDg0Yjg2
LzEvMzI2MTMwMzAzYTY0NjQzODMwM2EzNDMwM2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzMzNjMyMzMzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoA3YAAQDANBgkqhkiG9w0BAQsFAAOC
AQEADN4ixF3DoDZ0DyJG1smSEuB9gpsU4yvHGV4yDAx/ATaqosIK3IGJBVxETOOc
Pa/MVT6eQ98RWLw/Vrp68BSgEJhdoGInKKfSOlNZmONoyIs7UNYGrGlSqrCF3e9h
jvjRTLhv3ffVCkzu7jyF+MLT7e7SGix3Dun9FvBCyGjvIKNgfNM66dYiHBkv1pii
GJ5yn544E3HieY3lSgqZaR0B7nSAszgyT5IpaKvFhUC8OoXkC8o6+KYgjUSOy3+l
80H4YpIGhuisPmFEmKB6NmsAlwQxDW6wIf08+fthuOFtR3xN60TJL5DuZW7IeQgX
K/aCYS2IaLMX6fBSxyBuYX3oAA==
-----END CERTIFICATE-----
Generated at Fri Aug 8 13:02:41 2025 by rpki-client