Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS1012.roa
File:                     AS1012.roa (raw, json)
Hash identifier:          scBrUH/73Q14m+ZtW2u78zITkeaMlBkdUB+03AMfNyo=
Subject key identifier:   4E:C1:27:04:F4:39:7D:73:95:DE:C2:A1:19:57:C0:83:8E:C5:CD:2A
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       1AFA29F0FFCB95787C093F0E7E533BAD2F488B70
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS1012.roa
Signing time:             Tue 05 Dec 2023 02:44:15 +0000
ROA not before:           Tue 05 Dec 2023 02:39:15 +0000
ROA not after:            Tue 03 Dec 2024 02:44:15 +0000
asID:                     1012
IP address blocks:        2a06:a005:1c80::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 21 Apr 2024 00:45:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:fa:29:f0:ff:cb:95:78:7c:09:3f:0e:7e:53:3b:ad:2f:48:8b:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:15 2023 GMT
            Not After : Dec  3 02:44:15 2024 GMT
        Subject: CN=4EC12704F4397D7395DEC2A11957C0838EC5CD2A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:9d:4f:8c:86:c6:26:d2:20:f4:d6:7c:ef:90:
                    f7:30:47:a0:2d:30:52:9c:6b:bd:2d:2b:c3:b8:66:
                    bb:30:89:6e:10:7f:83:be:68:c0:79:ea:dd:d2:b8:
                    49:13:bc:30:0c:c1:6a:df:80:6d:67:9c:5b:35:93:
                    d3:9b:58:bb:39:0f:a0:db:9c:bd:bb:53:9f:fe:79:
                    49:50:9a:6a:fc:d7:78:46:29:10:a4:83:34:bd:0f:
                    a3:12:95:80:d1:71:d8:40:25:b8:2d:20:33:28:46:
                    f4:d8:7d:99:84:80:35:21:02:05:39:cb:d4:0e:f1:
                    c4:bf:dc:c0:d2:91:7a:87:b1:d8:e0:19:26:ae:51:
                    9b:9e:61:da:58:5a:c2:ad:b1:8a:0a:f8:b5:f4:31:
                    57:63:85:2a:b3:91:2e:e1:0e:69:18:4b:a0:71:7a:
                    11:fd:de:d2:b4:f4:63:5d:69:f9:b0:e1:07:b0:26:
                    74:18:82:f1:31:89:af:44:1c:50:b0:39:36:e0:28:
                    ed:dc:72:b8:a7:68:b2:80:d6:7c:7d:1d:80:c5:b9:
                    5d:03:9d:fc:0b:15:1a:82:cb:d9:b8:03:08:d5:31:
                    a8:74:59:51:96:a7:25:7e:09:81:c2:02:da:be:7d:
                    bb:6d:59:9e:90:8f:85:52:11:0d:ce:c4:86:45:c3:
                    86:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:C1:27:04:F4:39:7D:73:95:DE:C2:A1:19:57:C0:83:8E:C5:CD:2A
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS1012.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1c80::/44

    Signature Algorithm: sha256WithRSAEncryption
         c6:63:bc:e9:ae:3f:39:d8:82:9f:d6:f2:da:c4:37:44:01:24:
         61:f2:07:9b:8f:c9:54:2e:39:07:7f:b2:17:d1:50:04:8f:47:
         40:0a:30:fe:5a:33:79:46:08:2a:df:1c:da:af:ca:4c:2a:ac:
         68:48:b2:e4:c8:1f:d7:4b:90:8a:b6:4f:e9:5d:3c:2a:da:a3:
         aa:be:65:4f:ce:4a:da:84:2e:61:96:e4:29:36:4a:13:4a:d9:
         41:b9:c7:7b:40:5a:a1:9c:08:0d:f8:86:32:73:7d:cb:8c:39:
         ca:a6:c0:12:09:7b:59:1f:51:a4:5f:9b:3e:91:40:7a:fa:82:
         fe:cb:63:f5:e4:d9:18:a8:e2:3d:1a:f3:46:91:a3:2c:54:5c:
         9b:f3:b9:f7:94:c6:16:98:4e:75:89:86:2e:7f:76:50:bf:6d:
         9e:55:90:a3:ca:87:96:5c:1d:4e:f4:81:cb:95:dd:3a:e4:06:
         4c:5d:d2:1e:75:61:15:2f:9a:0c:53:29:e8:6c:9b:34:43:02:
         08:09:25:bc:70:ea:bb:e4:99:2b:70:bf:91:37:fc:67:f3:cc:
         29:6d:61:cf:d4:67:49:9f:c2:c3:b7:fc:2c:37:97:74:86:61:
         9f:b2:68:f9:6c:8d:02:66:bf:84:52:db:3b:8f:e7:2c:5c:e4:
         01:34:85:49
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUGvop8P/LlXh8CT8OflM7rS9Ii3AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTVaFw0yNDEyMDMwMjQ0MTVaMDMxMTAvBgNV
BAMTKDRFQzEyNzA0RjQzOTdENzM5NURFQzJBMTE5NTdDMDgzOEVDNUNEMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCynU+MhsYm0iD01nzvkPcwR6At
MFKca70tK8O4ZrswiW4Qf4O+aMB56t3SuEkTvDAMwWrfgG1nnFs1k9ObWLs5D6Db
nL27U5/+eUlQmmr813hGKRCkgzS9D6MSlYDRcdhAJbgtIDMoRvTYfZmEgDUhAgU5
y9QO8cS/3MDSkXqHsdjgGSauUZueYdpYWsKtsYoK+LX0MVdjhSqzkS7hDmkYS6Bx
ehH93tK09GNdafmw4QewJnQYgvExia9EHFCwOTbgKO3ccrinaLKA1nx9HYDFuV0D
nfwLFRqCy9m4AwjVMah0WVGWpyV+CYHCAtq+fbttWZ6Qj4VSEQ3OxIZFw4aJAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQUTsEnBPQ5fXOV3sKhGVfAg47FzSowHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBuBggrBgEF
BQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTAxMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB
/wQTMBEwDwQCAAIwCQMHBCoGoAUcgDANBgkqhkiG9w0BAQsFAAOCAQEAxmO86a4/
OdiCn9by2sQ3RAEkYfIHm4/JVC45B3+yF9FQBI9HQAow/lozeUYIKt8c2q/KTCqs
aEiy5Mgf10uQirZP6V08Ktqjqr5lT85K2oQuYZbkKTZKE0rZQbnHe0BaoZwIDfiG
MnN9y4w5yqbAEgl7WR9RpF+bPpFAevqC/stj9eTZGKjiPRrzRpGjLFRcm/O595TG
FphOdYmGLn92UL9tnlWQo8qHllwdTvSBy5XdOuQGTF3SHnVhFS+aDFMp6GybNEMC
CAklvHDqu+SZK3C/kTf8Z/PMKW1hz9RnSZ/Cw7f8LDeXdIZhn7Jo+WyNAma/hFLb
O4/nLFzkATSFSQ==
-----END CERTIFICATE-----