Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/6ab96e7a6130498aa9813d7ee5bbed31/11/3138352e3135352e37352e302f32342d3234203d3e203439383637.roa
File:                     3138352e3135352e37352e302f32342d3234203d3e203439383637.roa (raw, json)
Hash identifier:          2BM7Up/uRpC2kGUw5rjIZjF1FqK6q9BWKbfrDV6CTuE=
Subject key identifier:   85:AB:CE:9A:CD:90:18:87:09:19:E3:89:E9:C6:92:24:C8:B9:EA:4D
Certificate issuer:       /CN=d4700d8e6f022571a0b26fcd4c70c0408ea4ffc9
Certificate serial:       4973D785EBB9F29A837629915FBBCFC0E3CDBDF2
Authority key identifier: D4:70:0D:8E:6F:02:25:71:A0:B2:6F:CD:4C:70:C0:40:8E:A4:FF:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1HANjm8CJXGgsm_NTHDAQI6k_8k.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/6ab96e7a6130498aa9813d7ee5bbed31/11/3138352e3135352e37352e302f32342d3234203d3e203439383637.roa
Signing time:             Mon 16 Jun 2025 21:51:23 +0000
ROA not before:           Mon 16 Jun 2025 21:46:23 +0000
ROA not after:            Mon 15 Jun 2026 21:51:23 +0000
asID:                     49867
IP address blocks:        185.155.75.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/6ab96e7a6130498aa9813d7ee5bbed31/11/D4700D8E6F022571A0B26FCD4C70C0408EA4FFC9.crl
                          rsync://rpki-rps.arin.net/repository/6ab96e7a6130498aa9813d7ee5bbed31/11/D4700D8E6F022571A0B26FCD4C70C0408EA4FFC9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1HANjm8CJXGgsm_NTHDAQI6k_8k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:73:d7:85:eb:b9:f2:9a:83:76:29:91:5f:bb:cf:c0:e3:cd:bd:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4700d8e6f022571a0b26fcd4c70c0408ea4ffc9
        Validity
            Not Before: Jun 16 21:46:23 2025 GMT
            Not After : Jun 15 21:51:23 2026 GMT
        Subject: CN=85ABCE9ACD9018870919E389E9C69224C8B9EA4D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:14:7c:96:6f:be:e9:f2:a3:48:59:84:ba:2a:
                    f0:b3:6a:db:52:b1:98:c9:7c:5c:51:7b:16:c3:77:
                    8f:ea:af:b4:ec:17:81:b7:24:86:8f:eb:50:b1:9d:
                    20:19:a2:84:18:aa:c9:97:a1:98:93:b9:34:4d:dc:
                    ae:27:6c:c7:e3:a8:b2:11:a3:af:5d:81:6e:94:7c:
                    72:a5:62:8d:90:ed:20:d3:b7:5c:c2:e2:5a:5c:a9:
                    f3:51:63:e1:d2:9d:18:76:e7:6d:43:0d:f7:74:f7:
                    0e:14:b4:b8:82:a6:a6:2d:da:c0:d9:a8:aa:7c:dd:
                    43:25:2a:18:34:33:06:09:2e:f1:13:7a:4c:23:06:
                    30:b2:aa:4d:6b:14:5f:90:b7:4c:36:e9:45:06:ea:
                    44:2c:1e:f4:f1:a9:8f:f1:54:03:4a:70:e4:bb:3e:
                    d3:ba:8f:9c:b4:35:09:91:4c:51:39:9f:88:5b:a7:
                    42:43:a8:bb:fe:8e:d0:e5:b6:bd:2e:2e:e5:45:ec:
                    fe:fa:26:a1:62:58:ab:b2:47:ca:f9:bb:44:cb:2e:
                    aa:20:f0:e4:d6:f5:ec:b8:6b:df:bc:99:5b:4d:73:
                    89:30:a6:5c:06:92:02:8c:9d:37:2b:1c:1b:6b:cb:
                    39:53:72:28:3f:b7:38:a2:1a:75:1a:b1:f1:52:b6:
                    92:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:AB:CE:9A:CD:90:18:87:09:19:E3:89:E9:C6:92:24:C8:B9:EA:4D
            X509v3 Authority Key Identifier:
                keyid:D4:70:0D:8E:6F:02:25:71:A0:B2:6F:CD:4C:70:C0:40:8E:A4:FF:C9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/6ab96e7a6130498aa9813d7ee5bbed31/11/D4700D8E6F022571A0B26FCD4C70C0408EA4FFC9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HANjm8CJXGgsm_NTHDAQI6k_8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/6ab96e7a6130498aa9813d7ee5bbed31/11/3138352e3135352e37352e302f32342d3234203d3e203439383637.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.75.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:9c:f1:b3:8a:ab:52:83:ef:69:db:d6:84:65:45:47:82:fe:
         06:ea:66:9a:67:f5:59:09:37:e0:58:ea:44:0a:09:fd:9b:de:
         f8:67:42:76:84:ba:ef:86:36:a5:49:5b:7e:c3:e0:bf:9b:62:
         1c:80:f1:ed:fa:12:da:4b:0b:27:dd:9e:89:dd:2b:de:88:a0:
         06:ce:b8:55:05:6b:e0:56:ec:46:6a:dc:18:ae:89:ae:a0:97:
         31:f0:14:05:db:ae:ce:2e:1b:ae:e7:73:27:3f:6b:df:6f:33:
         0e:c1:b6:ef:83:2b:71:5b:01:b0:ca:31:79:14:90:d7:23:d0:
         da:bf:cf:e6:80:b5:cc:f4:12:39:03:88:68:4c:c0:4f:59:0d:
         fd:36:f1:31:7c:59:e4:8e:f2:87:32:cf:f6:f1:62:62:18:b2:
         74:7f:c9:52:2e:e4:a7:9a:a4:ff:37:ae:ac:15:82:97:c0:7b:
         83:33:ef:30:d9:d4:94:dd:4f:0f:a4:cc:6b:c2:77:8f:46:b7:
         dd:69:68:ea:00:e6:76:5c:8c:a1:96:04:ea:67:8d:a3:18:a2:
         7a:37:b1:99:22:26:cb:a7:67:85:6d:e3:9f:2d:6a:a0:6d:6c:
         01:90:36:31:61:03:e0:dd:3d:5e:ac:8e:b8:20:b6:9d:e7:41:
         0b:e8:00:d8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUSXPXheu58pqDdimRX7vPwOPNvfIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDQ3MDBkOGU2ZjAyMjU3MWEwYjI2ZmNkNGM3MGMwNDA4
ZWE0ZmZjOTAeFw0yNTA2MTYyMTQ2MjNaFw0yNjA2MTUyMTUxMjNaMDMxMTAvBgNV
BAMTKDg1QUJDRTlBQ0Q5MDE4ODcwOTE5RTM4OUU5QzY5MjI0QzhCOUVBNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOFHyWb77p8qNIWYS6KvCzattS
sZjJfFxRexbDd4/qr7TsF4G3JIaP61CxnSAZooQYqsmXoZiTuTRN3K4nbMfjqLIR
o69dgW6UfHKlYo2Q7SDTt1zC4lpcqfNRY+HSnRh2521DDfd09w4UtLiCpqYt2sDZ
qKp83UMlKhg0MwYJLvETekwjBjCyqk1rFF+Qt0w26UUG6kQsHvTxqY/xVANKcOS7
PtO6j5y0NQmRTFE5n4hbp0JDqLv+jtDltr0uLuVF7P76JqFiWKuyR8r5u0TLLqog
8OTW9ey4a9+8mVtNc4kwplwGkgKMnTcrHBtryzlTcig/tziiGnUasfFStpLTAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUhavOms2QGIcJGeOJ6caSJMi56k0wHwYDVR0j
BBgwFoAU1HANjm8CJXGgsm/NTHDAQI6k/8kwDgYDVR0PAQH/BAQDAgeAMIGGBgNV
HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvNmFiOTZlN2E2MTMwNDk4YWE5ODEzZDdlZTViYmVkMzEvMTEvRDQ3MDBEOEU2
RjAyMjU3MUEwQjI2RkNENEM3MEMwNDA4RUE0RkZDOS5jcmwwZAYIKwYBBQUHAQEE
WDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzFIQU5qbThDSlhHZ3NtX05USERBUUk2a184ay5jZXIwgaMGCCsG
AQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS82YWI5NmU3YTYxMzA0OThhYTk4MTNkN2VlNWJiZWQz
MS8xMS8zMTM4MzUyZTMxMzUzNTJlMzczNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2Uy
MDM0MzkzODM2Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYB
BQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5m0swDQYJKoZIhvcNAQELBQADggEBAHac
8bOKq1KD72nb1oRlRUeC/gbqZppn9VkJN+BY6kQKCf2b3vhnQnaEuu+GNqVJW37D
4L+bYhyA8e36EtpLCyfdnondK96IoAbOuFUFa+BW7EZq3Biuia6glzHwFAXbrs4u
G67ncyc/a99vMw7Btu+DK3FbAbDKMXkUkNcj0Nq/z+aAtcz0EjkDiGhMwE9ZDf02
8TF8WeSO8ocyz/bxYmIYsnR/yVIu5KeapP83rqwVgpfAe4Mz7zDZ1JTdTw+kzGvC
d49Gt91paOoA5nZcjKGWBOpnjaMYono3sZkiJsunZ4Vt458taqBtbAGQNjFhA+Dd
PV6sjrggtp3nQQvoANg=
-----END CERTIFICATE-----