Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS136591.roa
File:                     AS136591.roa (raw, json)
Hash identifier:          ugDN+I9P3LBPPehc12zMMtSoqk7UldyaUi20V5imXro=
Subject key identifier:   74:50:4B:1B:7B:0E:BF:A1:1C:23:9D:4D:93:CC:03:54:35:76:E5:66
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       4170C0C323135E3D308AA33D209ECCC2EAA7303C
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS136591.roa
Signing time:             Tue 05 Dec 2023 02:44:15 +0000
ROA not before:           Tue 05 Dec 2023 02:39:15 +0000
ROA not after:            Tue 03 Dec 2024 02:44:15 +0000
asID:                     136591
IP address blocks:        2a06:a005:5f5::/48 maxlen: 48
                          2a06:a005:fd0::/44 maxlen: 48
                          2a06:a005:fe0::/44 maxlen: 48
                          2a06:a005:ff0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:70:c0:c3:23:13:5e:3d:30:8a:a3:3d:20:9e:cc:c2:ea:a7:30:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:15 2023 GMT
            Not After : Dec  3 02:44:15 2024 GMT
        Subject: CN=74504B1B7B0EBFA11C239D4D93CC03543576E566
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e8:1a:c4:23:d1:d1:65:40:d4:f3:1d:56:28:
                    e0:f9:e4:42:ca:af:88:b0:97:4b:09:3c:40:15:89:
                    7a:b9:ff:0d:41:06:a6:24:ee:9b:16:a7:84:ad:e5:
                    3e:be:eb:1d:0e:a9:50:e3:05:c0:db:11:42:5e:5e:
                    20:8f:62:fe:14:4d:d4:bd:18:61:9b:b1:47:73:89:
                    c2:c1:88:86:b3:d5:d5:75:cf:48:6c:fc:33:df:15:
                    f3:bd:fe:d8:c4:d0:6f:b5:94:71:23:ff:88:9c:4a:
                    a8:b7:97:a8:81:be:13:8f:78:a7:86:7c:4f:8d:59:
                    03:ec:11:b6:20:9f:96:b8:a5:14:a2:7b:7d:d0:0b:
                    8c:22:f1:72:25:17:02:c7:58:86:ff:78:6e:34:03:
                    ba:c2:d0:1d:9a:9d:84:d1:91:c6:a1:a8:7f:82:5a:
                    5c:05:bd:93:69:06:0c:34:00:8b:0e:49:b6:6e:27:
                    87:ee:e5:a5:56:13:c8:15:58:b0:c0:39:b0:27:33:
                    79:be:e1:ab:9d:4a:79:a1:6e:d6:c7:6f:e9:bd:c7:
                    25:e5:24:d1:d5:e7:5c:3d:0e:ff:65:78:59:4a:1f:
                    2b:3f:f4:35:74:05:29:2d:48:15:80:d3:4f:8c:74:
                    a6:6e:a1:78:c7:39:de:1f:74:85:60:e9:13:80:fb:
                    9a:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:50:4B:1B:7B:0E:BF:A1:1C:23:9D:4D:93:CC:03:54:35:76:E5:66
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS136591.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:5f5::/48
                  2a06:a005:fd0::-2a06:a005:fff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         3d:72:ff:5c:40:27:74:33:00:f9:a6:a1:68:b9:11:e3:81:5f:
         5c:f4:6a:b2:8b:6c:57:8e:8d:06:63:31:bd:83:05:48:80:17:
         8c:db:37:74:6c:71:9b:c7:a0:2b:8f:3a:9c:d3:fa:b5:0c:cb:
         1b:16:90:57:76:1b:42:21:91:bb:37:af:10:e3:8c:40:4f:21:
         56:ed:58:b3:53:e8:54:66:e4:4b:7c:92:9e:80:98:67:6d:d9:
         d0:31:6b:63:33:43:f6:96:ba:58:7f:4c:71:93:43:d0:88:52:
         c6:df:b7:36:7b:67:f9:72:5f:53:c2:5a:1d:6a:0f:69:fa:2d:
         00:e6:b8:d8:ba:ca:89:66:70:11:3b:b1:56:d6:1d:4b:8f:73:
         53:7f:03:29:b9:c6:1d:54:c6:92:95:fa:a7:5e:e9:7e:0e:9e:
         4a:07:c7:32:cf:a8:90:57:94:4e:28:37:41:d4:4d:50:fe:b5:
         6a:d9:52:19:1f:11:53:7e:a7:88:af:29:50:80:df:e3:35:b8:
         e6:96:10:a3:a2:e2:38:ae:6a:96:fc:ff:ef:f5:79:09:6c:cf:
         bd:5f:92:c6:da:53:49:3c:9b:91:82:67:f2:cf:21:6d:9e:f7:
         c8:c1:4a:04:c0:50:db:ee:4a:78:c1:80:08:22:53:4b:df:75:
         48:dc:c8:48
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIUQXDAwyMTXj0wiqM9IJ7MwuqnMDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTVaFw0yNDEyMDMwMjQ0MTVaMDMxMTAvBgNV
BAMTKDc0NTA0QjFCN0IwRUJGQTExQzIzOUQ0RDkzQ0MwMzU0MzU3NkU1NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE6BrEI9HRZUDU8x1WKOD55ELK
r4iwl0sJPEAViXq5/w1BBqYk7psWp4St5T6+6x0OqVDjBcDbEUJeXiCPYv4UTdS9
GGGbsUdzicLBiIaz1dV1z0hs/DPfFfO9/tjE0G+1lHEj/4icSqi3l6iBvhOPeKeG
fE+NWQPsEbYgn5a4pRSie33QC4wi8XIlFwLHWIb/eG40A7rC0B2anYTRkcahqH+C
WlwFvZNpBgw0AIsOSbZuJ4fu5aVWE8gVWLDAObAnM3m+4audSnmhbtbHb+m9xyXl
JNHV51w9Dv9leFlKHys/9DV0BSktSBWA00+MdKZuoXjHOd4fdIVg6ROA+5otAgMB
AAGjggIFMIICATAdBgNVHQ4EFgQUdFBLG3sOv6EcI51Nk8wDVDV25WYwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTM2NTkxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEH
AQH/BCYwJDAiBAIAAjAcAwcAKgagBQX1MBEDBwQqBqAFD9ADBgQqBqAFADANBgkq
hkiG9w0BAQsFAAOCAQEAPXL/XEAndDMA+aahaLkR44FfXPRqsotsV46NBmMxvYMF
SIAXjNs3dGxxm8egK486nNP6tQzLGxaQV3YbQiGRuzevEOOMQE8hVu1Ys1PoVGbk
S3ySnoCYZ23Z0DFrYzND9pa6WH9McZND0IhSxt+3Nntn+XJfU8JaHWoPafotAOa4
2LrKiWZwETuxVtYdS49zU38DKbnGHVTGkpX6p17pfg6eSgfHMs+okFeUTig3QdRN
UP61atlSGR8RU36niK8pUIDf4zW45pYQo6LiOK5qlvz/7/V5CWzPvV+SxtpTSTyb
kYJn8s8hbZ73yMFKBMBQ2+5KeMGACCJTS991SNzISA==
-----END CERTIFICATE-----