Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS136591.roa
File:                     AS136591.roa (raw, json)
Hash identifier:          UK8chSQsizr2U5z6uKLYkQsEimc9MqJe8/GuFJlYXJ8=
Subject key identifier:   BA:9B:00:24:AA:06:86:B8:C3:9F:2D:71:40:67:22:20:CA:2B:70:62
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       29C16CD258C0C7DA22603C743D2E2E211DC2C51F
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS136591.roa
Signing time:             Tue 05 Nov 2024 03:40:09 +0000
ROA not before:           Tue 05 Nov 2024 03:35:09 +0000
ROA not after:            Tue 04 Nov 2025 03:40:09 +0000
asID:                     136591
IP address blocks:        2a06:a005:5f5::/48 maxlen: 48
                          2a06:a005:fd0::/44 maxlen: 48
                          2a06:a005:fe0::/44 maxlen: 48
                          2a06:a005:ff0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:c1:6c:d2:58:c0:c7:da:22:60:3c:74:3d:2e:2e:21:1d:c2:c5:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:09 2024 GMT
            Not After : Nov  4 03:40:09 2025 GMT
        Subject: CN=BA9B0024AA0686B8C39F2D7140672220CA2B7062
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:61:23:10:de:63:4d:e8:00:29:bf:0a:31:2d:
                    4e:da:c8:f8:d3:bc:f5:bb:2e:71:63:a0:19:3d:b8:
                    86:02:5d:3b:c6:17:2e:b6:2e:95:67:8b:81:ff:af:
                    88:08:79:d8:4e:6c:5c:d2:9d:01:41:2b:e5:38:bc:
                    a7:a6:a5:fc:8c:33:9e:00:ae:a3:19:0a:e7:95:07:
                    69:ee:6a:10:2c:a9:5c:f6:e7:67:86:d4:ea:74:e5:
                    9b:2e:12:48:f1:b2:46:22:81:c4:d6:31:74:45:b1:
                    e2:ca:ea:b9:81:68:9e:e4:77:8e:4b:2a:d4:8b:ba:
                    2f:c2:f0:f5:3c:7d:1a:3c:cc:2f:d0:88:47:be:97:
                    6a:86:56:c7:56:94:6a:8c:90:44:9c:45:06:90:1a:
                    eb:c2:38:d1:ac:3d:65:6d:37:52:09:ad:a7:fd:40:
                    73:72:b0:60:00:e5:c9:1b:0b:79:22:c7:6a:3c:16:
                    7a:95:bb:b4:7e:cf:c2:a9:fe:dc:42:84:d0:c8:99:
                    80:12:7b:91:0c:61:a5:b8:ca:0f:f6:97:a0:d9:04:
                    a1:ad:89:7d:f2:ae:40:f0:1d:d9:6e:74:ee:3a:98:
                    02:ee:ef:da:41:03:39:be:df:5e:ff:9b:3a:0a:d8:
                    f4:67:52:04:89:8c:69:4f:4d:63:5c:10:16:62:30:
                    78:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:9B:00:24:AA:06:86:B8:C3:9F:2D:71:40:67:22:20:CA:2B:70:62
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS136591.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:5f5::/48
                  2a06:a005:fd0::-2a06:a005:fff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         98:83:89:61:1d:46:ec:91:24:67:1c:60:fc:e8:9c:d8:c0:e2:
         ac:7e:b2:44:59:c5:b1:44:b9:10:59:f4:8b:9b:f6:80:7b:06:
         ed:c5:81:27:cd:89:8e:1f:44:a6:2b:ca:03:8c:8e:73:b2:b7:
         ad:19:bd:65:cb:9d:3d:77:e5:fb:10:6b:ce:96:c1:28:37:70:
         d2:be:3b:e5:09:b0:e4:a6:b6:8d:02:de:b7:d8:2d:f7:ab:02:
         62:9a:22:a4:ea:8a:88:cc:c0:73:2a:91:97:11:51:78:7c:8a:
         6a:e9:ef:77:bf:04:01:09:92:d1:93:c4:83:c2:a8:af:71:22:
         1b:b9:bd:17:18:35:29:da:1e:7e:c8:ca:ca:c5:c7:10:3f:47:
         d6:45:f6:dd:90:8d:79:77:ce:80:52:73:7e:db:54:b5:8e:40:
         73:9d:00:4e:54:55:f8:08:78:39:ed:e7:49:27:01:34:3d:c0:
         1d:0b:62:2f:d1:18:16:3d:28:11:d8:47:25:b1:63:e7:01:ae:
         21:37:76:6c:42:cd:c4:8c:81:2c:dd:f7:36:c7:83:58:2d:49:
         89:81:9b:1c:7e:57:12:02:90:e3:9e:f9:e8:bb:ec:3b:b9:22:
         7c:81:da:26:9c:dc:2a:86:76:80:af:b6:f2:56:f4:a2:6b:e4:
         03:db:3a:6e
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIUKcFs0ljAx9oiYDx0PS4uIR3CxR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDlaFw0yNTExMDQwMzQwMDlaMDMxMTAvBgNV
BAMTKEJBOUIwMDI0QUEwNjg2QjhDMzlGMkQ3MTQwNjcyMjIwQ0EyQjcwNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuYSMQ3mNN6AApvwoxLU7ayPjT
vPW7LnFjoBk9uIYCXTvGFy62LpVni4H/r4gIedhObFzSnQFBK+U4vKempfyMM54A
rqMZCueVB2nuahAsqVz252eG1Op05ZsuEkjxskYigcTWMXRFseLK6rmBaJ7kd45L
KtSLui/C8PU8fRo8zC/QiEe+l2qGVsdWlGqMkEScRQaQGuvCONGsPWVtN1IJraf9
QHNysGAA5ckbC3kix2o8FnqVu7R+z8Kp/txChNDImYASe5EMYaW4yg/2l6DZBKGt
iX3yrkDwHdludO46mALu79pBAzm+317/mzoK2PRnUgSJjGlPTWNcEBZiMHjPAgMB
AAGjggIFMIICATAdBgNVHQ4EFgQUupsAJKoGhrjDny1xQGciIMorcGIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTM2NTkxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEH
AQH/BCYwJDAiBAIAAjAcAwcAKgagBQX1MBEDBwQqBqAFD9ADBgQqBqAFADANBgkq
hkiG9w0BAQsFAAOCAQEAmIOJYR1G7JEkZxxg/Oic2MDirH6yRFnFsUS5EFn0i5v2
gHsG7cWBJ82Jjh9EpivKA4yOc7K3rRm9ZcudPXfl+xBrzpbBKDdw0r475Qmw5Ka2
jQLet9gt96sCYpoipOqKiMzAcyqRlxFReHyKaunvd78EAQmS0ZPEg8Kor3EiG7m9
Fxg1KdoefsjKysXHED9H1kX23ZCNeXfOgFJzfttUtY5Ac50ATlRV+Ah4Oe3nSScB
ND3AHQtiL9EYFj0oEdhHJbFj5wGuITd2bELNxIyBLN33NseDWC1JiYGbHH5XEgKQ
45756LvsO7kifIHaJpzcKoZ2gK+28lb0omvkA9s6bg==
-----END CERTIFICATE-----