Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS133555.roa
File:                     AS133555.roa (raw, json)
Hash identifier:          DAQyQJ+wYxPyTfhuYX6GJ/SwbBKMNWTGDnux4daWde0=
Subject key identifier:   A2:34:41:37:45:AF:DE:8A:6E:4C:59:A6:EE:2C:B1:4C:2B:F8:D6:9E
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       1DC082D96066B9F2AD6BD9FB46C000962CEC7D17
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS133555.roa
Signing time:             Tue 05 Nov 2024 03:40:03 +0000
ROA not before:           Tue 05 Nov 2024 03:35:03 +0000
ROA not after:            Tue 04 Nov 2025 03:40:03 +0000
asID:                     133555
IP address blocks:        2a06:a005:260::/44 maxlen: 48
                          2a06:a005:270::/44 maxlen: 48
                          2a06:a005:280::/44 maxlen: 48
                          2a06:a005:290::/44 maxlen: 48
                          2a06:a005:2a0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:c0:82:d9:60:66:b9:f2:ad:6b:d9:fb:46:c0:00:96:2c:ec:7d:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:03 2024 GMT
            Not After : Nov  4 03:40:03 2025 GMT
        Subject: CN=A234413745AFDE8A6E4C59A6EE2CB14C2BF8D69E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:62:da:fe:d9:5d:3f:db:86:63:79:86:7e:bf:
                    ce:71:dc:40:91:0a:53:c4:34:31:94:69:eb:65:a1:
                    b1:0d:49:c0:e7:00:97:fc:7e:a8:69:07:b3:e3:ea:
                    fc:39:59:fa:1a:5e:80:89:0a:44:82:5f:00:22:d3:
                    39:bb:dd:e0:b6:fd:da:4e:79:34:6a:bb:6f:4a:bc:
                    91:bf:69:41:fd:f4:9d:59:23:3f:8c:da:c6:4a:5e:
                    a0:e6:f4:7c:54:94:ca:88:b4:93:dc:2f:d1:78:89:
                    17:d2:4e:13:47:83:72:73:c7:cd:ab:24:78:7d:07:
                    96:db:8a:8d:67:a6:46:2f:9b:3e:4b:89:a2:48:fe:
                    d0:7c:98:35:1c:a5:4c:2a:01:87:20:ff:e3:c1:82:
                    12:db:ce:bf:35:c7:11:bc:0f:08:66:a1:f9:44:81:
                    61:b7:a6:de:8d:f8:f5:cc:24:c2:da:db:66:4b:9d:
                    49:1d:8a:ed:be:20:30:21:88:e4:7b:17:29:a3:72:
                    02:75:2d:8b:1e:00:85:3c:6b:9f:64:28:19:c1:35:
                    a5:b1:78:09:7a:a6:1b:89:fb:0c:4a:9f:6f:87:ae:
                    19:dc:6b:3d:f7:a8:67:c8:f5:19:bf:45:77:46:8a:
                    e1:c1:22:38:4d:9f:e9:d8:51:86:55:b1:28:73:39:
                    f3:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:34:41:37:45:AF:DE:8A:6E:4C:59:A6:EE:2C:B1:4C:2B:F8:D6:9E
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS133555.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:260::-2a06:a005:2af:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         b5:a1:8d:df:05:69:be:3d:66:24:aa:07:f6:36:ef:a3:22:2a:
         ad:40:b4:bf:63:eb:b0:16:48:37:b0:2b:39:0a:32:46:1d:c3:
         50:f0:68:2d:0d:df:e3:36:79:f6:f6:1b:52:69:86:26:e9:ec:
         b9:5d:65:0c:50:9b:64:1f:30:ce:7d:98:48:53:2b:e7:e0:f4:
         ec:0a:b9:5c:74:76:50:ff:dc:73:98:bf:6a:64:0b:23:41:0b:
         af:28:10:13:57:87:fd:a5:9d:62:78:45:a4:e5:af:38:74:b8:
         c9:e1:c3:18:fd:74:a9:d9:48:46:30:2f:89:38:2c:2f:23:9d:
         e2:74:d9:99:e0:07:42:d2:12:cc:88:9e:59:4b:d6:50:05:c4:
         ba:67:a8:06:7e:d9:e6:10:43:e9:76:0c:24:1a:77:44:d1:05:
         7a:72:2e:f9:27:56:e4:b7:1d:f3:d2:a8:4c:ba:24:7e:2e:60:
         e4:a1:88:d8:2c:53:72:60:88:45:0e:a9:31:f6:07:7b:60:2f:
         07:8e:9c:a1:6b:cb:13:8b:72:29:cc:fe:2b:66:12:dc:60:cb:
         c9:eb:d9:00:22:c0:f1:45:5e:4b:1f:19:83:48:6f:fb:6f:80:
         03:05:dd:a0:b6:b2:d0:0d:b1:91:e9:11:15:84:e8:bc:ec:9f:
         f8:c3:63:f8
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIUHcCC2WBmufKta9n7RsAAlizsfRcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDNaFw0yNTExMDQwMzQwMDNaMDMxMTAvBgNV
BAMTKEEyMzQ0MTM3NDVBRkRFOEE2RTRDNTlBNkVFMkNCMTRDMkJGOEQ2OUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXYtr+2V0/24ZjeYZ+v85x3ECR
ClPENDGUaetlobENScDnAJf8fqhpB7Pj6vw5WfoaXoCJCkSCXwAi0zm73eC2/dpO
eTRqu29KvJG/aUH99J1ZIz+M2sZKXqDm9HxUlMqItJPcL9F4iRfSThNHg3Jzx82r
JHh9B5bbio1npkYvmz5LiaJI/tB8mDUcpUwqAYcg/+PBghLbzr81xxG8DwhmoflE
gWG3pt6N+PXMJMLa22ZLnUkdiu2+IDAhiOR7FymjcgJ1LYseAIU8a59kKBnBNaWx
eAl6phuJ+wxKn2+Hrhncaz33qGfI9Rm/RXdGiuHBIjhNn+nYUYZVsShzOfPrAgMB
AAGjggH9MIIB+TAdBgNVHQ4EFgQUojRBN0Wv3opuTFmm7iyxTCv41p4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTMzNTU1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEH
AQH/BB4wHDAaBAIAAjAUMBIDBwUqBqAFAmADBwQqBqAFAqAwDQYJKoZIhvcNAQEL
BQADggEBALWhjd8Fab49ZiSqB/Y276MiKq1AtL9j67AWSDewKzkKMkYdw1DwaC0N
3+M2efb2G1Jphibp7LldZQxQm2QfMM59mEhTK+fg9OwKuVx0dlD/3HOYv2pkCyNB
C68oEBNXh/2lnWJ4RaTlrzh0uMnhwxj9dKnZSEYwL4k4LC8jneJ02ZngB0LSEsyI
nllL1lAFxLpnqAZ+2eYQQ+l2DCQad0TRBXpyLvknVuS3HfPSqEy6JH4uYOShiNgs
U3JgiEUOqTH2B3tgLweOnKFryxOLcinM/itmEtxgy8nr2QAiwPFFXksfGYNIb/tv
gAMF3aC2stANsZHpERWE6Lzsn/jDY/g=
-----END CERTIFICATE-----