Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/6ab96e7a6130498aa9813d7ee5bbed31/10/3139352e3234362e3139332e302f32342d3234203d3e20393435.roa
File:                     3139352e3234362e3139332e302f32342d3234203d3e20393435.roa (raw, json)
Hash identifier:          A3inirpsxSlWx2+BzBG5+bBwRG/9PViwXz52ch/vdiw=
Subject key identifier:   AB:6D:ED:64:C4:3A:93:0B:81:7B:4A:86:0E:EA:C9:17:43:61:D3:28
Certificate issuer:       /CN=1372792608e2b16493a8c184695ac9bf7d210bda
Certificate serial:       6AE803E961DB8072987C26A58ACB7EC1017FAD31
Authority key identifier: 13:72:79:26:08:E2:B1:64:93:A8:C1:84:69:5A:C9:BF:7D:21:0B:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E3J5JgjisWSTqMGEaVrJv30hC9o.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/6ab96e7a6130498aa9813d7ee5bbed31/10/3139352e3234362e3139332e302f32342d3234203d3e20393435.roa
Signing time:             Mon 16 Jun 2025 21:49:26 +0000
ROA not before:           Mon 16 Jun 2025 21:44:26 +0000
ROA not after:            Mon 15 Jun 2026 21:49:26 +0000
asID:                     945
IP address blocks:        195.246.193.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/6ab96e7a6130498aa9813d7ee5bbed31/10/1372792608E2B16493A8C184695AC9BF7D210BDA.crl
                          rsync://rpki-rps.arin.net/repository/6ab96e7a6130498aa9813d7ee5bbed31/10/1372792608E2B16493A8C184695AC9BF7D210BDA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/E3J5JgjisWSTqMGEaVrJv30hC9o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 04:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:e8:03:e9:61:db:80:72:98:7c:26:a5:8a:cb:7e:c1:01:7f:ad:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1372792608e2b16493a8c184695ac9bf7d210bda
        Validity
            Not Before: Jun 16 21:44:26 2025 GMT
            Not After : Jun 15 21:49:26 2026 GMT
        Subject: CN=AB6DED64C43A930B817B4A860EEAC9174361D328
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:5f:7a:78:a9:21:4d:56:e0:06:39:53:eb:be:
                    ad:9f:90:08:ce:44:cb:eb:3c:c2:32:d6:5e:70:1c:
                    10:bc:9b:b6:45:43:73:89:3a:03:93:84:c9:09:84:
                    94:1b:36:f9:72:c6:59:82:1c:f1:9a:51:47:91:50:
                    21:a9:40:f0:86:0d:37:0a:34:96:e2:eb:dc:eb:03:
                    58:a5:5b:5e:36:6a:34:57:38:cb:ba:01:5f:5c:58:
                    4e:2d:60:36:fa:5f:5e:1b:cc:26:80:4b:c9:b0:70:
                    5b:f3:67:6e:a4:5a:86:fe:c8:6c:7b:42:be:ec:83:
                    fa:1f:38:2d:f6:e2:c2:21:d0:b4:9b:74:63:ac:f0:
                    9c:4c:e9:00:ee:95:bf:57:6e:f5:ab:eb:c0:24:a3:
                    29:4a:eb:33:8b:d7:ba:bf:9e:26:fd:5e:e1:8c:8d:
                    50:c4:f2:89:94:51:ae:08:7f:78:5d:24:57:f5:2b:
                    c3:ee:4f:86:38:f6:54:b5:29:76:81:f5:a2:92:55:
                    e9:30:72:32:c2:31:58:1c:dd:a7:fc:77:9b:d2:71:
                    b2:0e:99:47:4d:ae:16:05:ad:3b:7c:be:40:cd:c8:
                    e3:28:d3:2c:e0:71:09:94:07:24:b3:46:7b:12:7f:
                    30:c9:45:c8:e0:f9:60:a2:26:ee:c3:2b:9d:8c:9b:
                    13:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:6D:ED:64:C4:3A:93:0B:81:7B:4A:86:0E:EA:C9:17:43:61:D3:28
            X509v3 Authority Key Identifier:
                keyid:13:72:79:26:08:E2:B1:64:93:A8:C1:84:69:5A:C9:BF:7D:21:0B:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/6ab96e7a6130498aa9813d7ee5bbed31/10/1372792608E2B16493A8C184695AC9BF7D210BDA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3J5JgjisWSTqMGEaVrJv30hC9o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/6ab96e7a6130498aa9813d7ee5bbed31/10/3139352e3234362e3139332e302f32342d3234203d3e20393435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.246.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:d7:80:dc:57:61:bc:3b:29:42:d5:42:a4:48:b7:f5:4d:8a:
         32:eb:9b:f2:af:23:e0:64:a5:b0:5a:bf:d6:3e:97:91:39:51:
         39:16:aa:2a:93:12:10:68:25:12:8c:a9:71:e5:49:11:55:2c:
         4c:89:98:60:cb:25:e4:20:cf:f4:7d:26:e4:3b:ec:99:46:ce:
         d7:fb:fe:d3:41:f2:f7:46:04:cf:12:42:05:1e:a7:08:bb:40:
         45:ba:06:09:f3:88:c9:13:a0:1c:d3:b5:f3:f0:fc:22:4e:9f:
         7f:2c:49:09:08:2b:64:3e:d8:ea:73:7c:4e:7a:ec:ca:6e:1a:
         80:fa:bd:7c:a3:0e:65:dd:2e:12:1e:91:a8:8d:0f:48:4a:e4:
         40:ed:14:61:cb:75:cd:11:e3:c5:b0:cb:ca:7c:f2:b4:d6:f7:
         83:bd:c8:a5:c8:62:0f:f5:b8:7e:7e:9e:0d:06:bf:1a:e4:e2:
         49:88:9c:a1:e1:b1:e1:7b:58:f2:b4:88:aa:c0:c3:87:45:1f:
         8e:a1:bd:a7:e2:06:0b:8a:5d:e0:e2:b7:73:80:f2:8f:59:d6:
         c8:21:e0:8e:25:d5:6f:08:f0:cf:8e:c8:6e:70:35:15:f2:b6:
         52:6d:f6:0c:12:c6:6e:87:f9:b0:53:cb:c0:8b:59:b3:94:74:
         ea:d4:47:4c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUaugD6WHbgHKYfCalist+wQF/rTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTM3Mjc5MjYwOGUyYjE2NDkzYThjMTg0Njk1YWM5YmY3
ZDIxMGJkYTAeFw0yNTA2MTYyMTQ0MjZaFw0yNjA2MTUyMTQ5MjZaMDMxMTAvBgNV
BAMTKEFCNkRFRDY0QzQzQTkzMEI4MTdCNEE4NjBFRUFDOTE3NDM2MUQzMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUX3p4qSFNVuAGOVPrvq2fkAjO
RMvrPMIy1l5wHBC8m7ZFQ3OJOgOThMkJhJQbNvlyxlmCHPGaUUeRUCGpQPCGDTcK
NJbi69zrA1ilW142ajRXOMu6AV9cWE4tYDb6X14bzCaAS8mwcFvzZ26kWob+yGx7
Qr7sg/ofOC324sIh0LSbdGOs8JxM6QDulb9XbvWr68AkoylK6zOL17q/nib9XuGM
jVDE8omUUa4If3hdJFf1K8PuT4Y49lS1KXaB9aKSVekwcjLCMVgc3af8d5vScbIO
mUdNrhYFrTt8vkDNyOMo0yzgcQmUBySzRnsSfzDJRcjg+WCiJu7DK52MmxMVAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUq23tZMQ6kwuBe0qGDurJF0Nh0ygwHwYDVR0j
BBgwFoAUE3J5JgjisWSTqMGEaVrJv30hC9owDgYDVR0PAQH/BAQDAgeAMIGGBgNV
HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvNmFiOTZlN2E2MTMwNDk4YWE5ODEzZDdlZTViYmVkMzEvMTAvMTM3Mjc5MjYw
OEUyQjE2NDkzQThDMTg0Njk1QUM5QkY3RDIxMEJEQS5jcmwwZAYIKwYBBQUHAQEE
WDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL0UzSjVKZ2ppc1dTVHFNR0VhVnJKdjMwaEM5by5jZXIwgaEGCCsG
AQUFBwELBIGUMIGRMIGOBggrBgEFBQcwC4aBgXJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS82YWI5NmU3YTYxMzA0OThhYTk4MTNkN2VlNWJiZWQz
MS8xMC8zMTM5MzUyZTMyMzQzNjJlMzEzOTMzMmUzMDJmMzIzNDJkMzIzNDIwM2Qz
ZTIwMzkzNDM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAw/bBMA0GCSqGSIb3DQEBCwUAA4IBAQAK14Dc
V2G8OylC1UKkSLf1TYoy65vyryPgZKWwWr/WPpeROVE5FqoqkxIQaCUSjKlx5UkR
VSxMiZhgyyXkIM/0fSbkO+yZRs7X+/7TQfL3RgTPEkIFHqcIu0BFugYJ84jJE6Ac
07Xz8PwiTp9/LEkJCCtkPtjqc3xOeuzKbhqA+r18ow5l3S4SHpGojQ9ISuRA7RRh
y3XNEePFsMvKfPK01veDvcilyGIP9bh+fp4NBr8a5OJJiJyh4bHhe1jytIiqwMOH
RR+Oob2n4gYLil3g4rdzgPKPWdbIIeCOJdVvCPDPjshucDUV8rZSbfYMEsZuh/mw
U8vAi1mzlHTq1EdM
-----END CERTIFICATE-----