Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS136479.roa
File:                     AS136479.roa (raw, json)
Hash identifier:          GT609tKyKios9NcgeMcyHuj67u1z0OhmfsX4AUfTGT4=
Subject key identifier:   82:4A:BD:9F:C5:8D:53:D9:B7:7C:BA:52:FF:53:BA:DE:3E:2C:09:57
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       5B34C7AB218CB3607F71CEC35CD93F903EF5C57D
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS136479.roa
Signing time:             Tue 05 Nov 2024 03:40:07 +0000
ROA not before:           Tue 05 Nov 2024 03:35:07 +0000
ROA not after:            Tue 04 Nov 2025 03:40:07 +0000
asID:                     136479
IP address blocks:        2a06:a005:5e0::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:34:c7:ab:21:8c:b3:60:7f:71:ce:c3:5c:d9:3f:90:3e:f5:c5:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:07 2024 GMT
            Not After : Nov  4 03:40:07 2025 GMT
        Subject: CN=824ABD9FC58D53D9B77CBA52FF53BADE3E2C0957
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:4b:b5:44:ae:ed:1a:63:8a:c9:d5:0e:20:58:
                    7a:d2:26:66:d0:0c:d6:14:6e:13:c1:36:94:6f:e3:
                    b6:f0:73:d6:33:4f:01:d4:b2:8e:f8:02:96:ea:10:
                    ae:f1:13:ff:86:7b:e9:30:bd:8c:b3:dc:f9:e0:b1:
                    81:1f:59:38:79:f3:9d:69:33:91:73:66:a0:4e:c4:
                    ad:e1:19:69:a7:ab:43:ff:b0:aa:3a:6c:33:4b:05:
                    68:ee:0d:4b:76:e6:b4:7c:16:1a:ba:69:1d:7e:74:
                    07:71:a5:ed:24:5f:0e:93:13:89:e4:79:05:b2:a9:
                    30:16:80:c4:b2:62:db:a7:6c:b7:78:29:fd:d1:52:
                    a7:11:da:ef:75:ad:fd:51:6f:1e:fa:1f:bc:32:28:
                    d1:38:61:8e:2d:f1:e8:e7:2a:45:9b:31:7a:6c:ce:
                    90:24:48:6e:1c:51:4c:d4:67:1e:13:77:bb:84:da:
                    db:b9:94:80:58:29:89:ea:99:69:5a:18:6b:77:9f:
                    cb:95:61:c0:0e:26:1a:57:66:3b:f2:51:3a:be:c1:
                    95:b9:66:73:31:b5:f7:a7:5a:a6:b5:ef:12:79:a4:
                    88:05:49:cd:ed:a0:4f:50:67:ba:dd:60:f1:b9:78:
                    f0:3c:b0:49:69:3f:19:15:0d:66:e3:f0:62:9f:2a:
                    4b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:4A:BD:9F:C5:8D:53:D9:B7:7C:BA:52:FF:53:BA:DE:3E:2C:09:57
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS136479.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:5e0::/48

    Signature Algorithm: sha256WithRSAEncryption
         7c:fb:60:cf:1b:10:19:31:5b:58:b5:e8:93:47:e2:87:33:32:
         56:b6:75:ad:d5:38:a5:e9:ce:93:95:2a:3b:24:75:57:69:3f:
         db:60:31:ea:6b:1d:1f:62:3e:05:14:f8:f7:d4:d6:fa:8e:2b:
         40:71:0c:81:8a:cf:80:89:4a:33:d8:c6:ff:4d:ae:76:88:2b:
         e4:d0:cb:ec:35:bb:d5:1a:4e:74:5a:08:60:ee:ff:e3:96:bf:
         29:b0:c8:a9:ad:de:ac:5c:bf:4d:23:4a:35:bd:e0:f0:22:cc:
         af:e6:15:ac:8a:67:cc:85:11:5d:b2:4e:0b:c8:66:6e:86:db:
         fb:16:f3:bf:48:3f:31:32:df:af:f0:65:1c:e5:90:26:67:80:
         e1:be:65:06:14:99:ab:df:b7:b7:32:10:cc:57:70:6d:79:3a:
         d2:05:47:81:83:ac:7b:40:74:bc:60:2f:60:39:26:66:41:a3:
         63:0e:3e:62:20:3f:05:86:ae:36:8c:6b:7a:40:de:5c:8f:c2:
         60:3c:86:86:8d:cc:3f:89:8e:63:84:3b:a6:84:63:fd:7a:7d:
         8d:3f:93:b7:62:0d:41:30:6f:a4:54:cf:8d:f9:73:38:8b:f1:
         1e:24:f9:2c:a4:b8:3f:8d:98:ad:b3:8b:7a:79:7f:d6:1a:e0:
         6d:4b:43:45
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUWzTHqyGMs2B/cc7DXNk/kD71xX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDdaFw0yNTExMDQwMzQwMDdaMDMxMTAvBgNV
BAMTKDgyNEFCRDlGQzU4RDUzRDlCNzdDQkE1MkZGNTNCQURFM0UyQzA5NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmS7VEru0aY4rJ1Q4gWHrSJmbQ
DNYUbhPBNpRv47bwc9YzTwHUso74ApbqEK7xE/+Ge+kwvYyz3PngsYEfWTh5851p
M5FzZqBOxK3hGWmnq0P/sKo6bDNLBWjuDUt25rR8Fhq6aR1+dAdxpe0kXw6TE4nk
eQWyqTAWgMSyYtunbLd4Kf3RUqcR2u91rf1Rbx76H7wyKNE4YY4t8ejnKkWbMXps
zpAkSG4cUUzUZx4Td7uE2tu5lIBYKYnqmWlaGGt3n8uVYcAOJhpXZjvyUTq+wZW5
ZnMxtfenWqa17xJ5pIgFSc3toE9QZ7rdYPG5ePA8sElpPxkVDWbj8GKfKkubAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUgkq9n8WNU9m3fLpS/1O63j4sCVcwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTM2NDc5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQXgMA0GCSqGSIb3DQEBCwUAA4IBAQB8+2DP
GxAZMVtYteiTR+KHMzJWtnWt1Til6c6TlSo7JHVXaT/bYDHqax0fYj4FFPj31Nb6
jitAcQyBis+AiUoz2Mb/Ta52iCvk0MvsNbvVGk50Wghg7v/jlr8psMiprd6sXL9N
I0o1veDwIsyv5hWsimfMhRFdsk4LyGZuhtv7FvO/SD8xMt+v8GUc5ZAmZ4DhvmUG
FJmr37e3MhDMV3BteTrSBUeBg6x7QHS8YC9gOSZmQaNjDj5iID8Fhq42jGt6QN5c
j8JgPIaGjcw/iY5jhDumhGP9en2NP5O3Yg1BMG+kVM+N+XM4i/EeJPkspLg/jZit
s4t6eX/WGuBtS0NF
-----END CERTIFICATE-----