Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS139321.roa
File:                     AS139321.roa (raw, json)
Hash identifier:          wcyqo1aJG/Fw2ypwLjpuovd37gBcUEoqCvCMiySuRZg=
Subject key identifier:   E4:88:8C:2B:7C:58:82:F4:1D:FC:49:EA:D1:FD:D5:F1:F3:D9:FA:3D
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       09D7597481524F7DEFCC33B70101BE4E851071E1
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS139321.roa
Signing time:             Tue 02 Jul 2024 01:39:57 +0000
ROA not before:           Tue 02 Jul 2024 01:34:57 +0000
ROA not after:            Tue 01 Jul 2025 01:39:57 +0000
asID:                     139321
IP address blocks:        2a06:1284::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:d7:59:74:81:52:4f:7d:ef:cc:33:b7:01:01:be:4e:85:10:71:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jul  2 01:34:57 2024 GMT
            Not After : Jul  1 01:39:57 2025 GMT
        Subject: CN=E4888C2B7C5882F41DFC49EAD1FDD5F1F3D9FA3D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:02:b1:97:5d:64:b4:82:8a:ad:ff:30:32:12:
                    cd:f5:fd:39:db:4e:d9:75:f8:bb:da:25:b7:c2:de:
                    7d:92:b0:c3:4e:db:4c:54:8b:27:6b:f1:2e:62:64:
                    48:b6:cf:9a:2c:78:d2:a4:81:01:f9:01:ce:d5:8a:
                    f7:d3:b3:df:b8:63:61:2d:18:4d:2b:d3:06:93:95:
                    14:cb:34:49:33:6f:2d:30:5a:d7:db:59:e6:de:34:
                    16:9e:d6:59:0a:b5:02:4c:1e:1c:7d:74:d4:76:70:
                    17:40:5f:98:c8:5b:88:44:88:dd:80:a0:bc:2b:97:
                    53:2f:df:b1:53:e2:de:e2:e0:8c:3a:09:75:b3:2d:
                    e9:11:76:f6:81:e5:ee:3e:90:cf:2c:b3:f3:64:52:
                    f0:dc:84:03:3b:1b:e3:b3:71:54:ae:10:d0:48:15:
                    55:98:4c:b6:df:b3:5b:d8:3d:ec:6d:2b:b3:d2:d9:
                    a3:48:f9:a8:d0:cb:ec:0b:d9:55:de:ad:d6:2e:98:
                    e3:d0:8f:ac:0c:d6:d2:3c:85:87:f0:1e:4b:67:43:
                    ce:02:d9:1a:f7:98:41:1c:cb:eb:5c:a3:d3:86:8d:
                    52:09:1a:b1:d4:05:e6:fd:57:f4:10:86:bb:bc:16:
                    0d:80:d5:99:01:0c:a1:03:8b:de:ec:c4:1a:6b:09:
                    fc:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:88:8C:2B:7C:58:82:F4:1D:FC:49:EA:D1:FD:D5:F1:F3:D9:FA:3D
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS139321.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1284::/32

    Signature Algorithm: sha256WithRSAEncryption
         3e:22:23:64:c3:60:26:e2:38:f1:66:e8:30:e5:88:12:c1:19:
         ff:c9:e1:6d:55:83:09:03:eb:9b:5e:ff:13:e4:70:77:12:30:
         cf:84:ce:20:18:52:52:21:d0:c8:e8:07:e6:58:0a:0f:cb:23:
         63:47:6f:86:30:54:e4:41:f6:01:d0:e8:c8:e0:8d:5b:a1:99:
         6a:1c:d0:ae:74:fc:1c:fd:f3:f6:e7:5d:1a:75:ad:b1:c8:bb:
         37:32:28:b3:c4:19:d6:e9:c2:ea:b6:66:1d:ce:90:a2:c5:f8:
         20:0f:48:64:a0:f9:f4:ff:44:b1:c0:37:71:74:cc:8d:c3:b8:
         1b:40:b3:5d:bc:b5:c3:44:84:ed:40:a9:f0:77:0a:db:8a:a9:
         b2:ce:de:86:0b:af:0d:77:02:b1:8a:4f:92:68:1b:42:b0:36:
         17:01:64:b9:40:71:94:6c:54:19:52:00:5d:5c:46:f9:89:ff:
         40:2c:e8:fc:7f:26:e5:ed:df:5a:e0:4f:68:7f:a0:ae:3e:99:
         99:d8:ac:94:3e:ce:af:9d:54:35:ce:d9:85:24:bb:62:41:96:
         9e:d5:66:83:4d:79:e5:5c:7c:e7:8e:f9:d2:d2:a1:96:34:80:
         be:eb:28:8c:e5:99:57:22:ec:5e:99:ff:5f:ad:b2:85:8b:85:
         0b:ea:04:44
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUCddZdIFST33vzDO3AQG+ToUQceEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDA3MDIwMTM0NTdaFw0yNTA3MDEwMTM5NTdaMDMxMTAvBgNV
BAMTKEU0ODg4QzJCN0M1ODgyRjQxREZDNDlFQUQxRkRENUYxRjNEOUZBM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaArGXXWS0goqt/zAyEs31/Tnb
Ttl1+LvaJbfC3n2SsMNO20xUiydr8S5iZEi2z5oseNKkgQH5Ac7VivfTs9+4Y2Et
GE0r0waTlRTLNEkzby0wWtfbWebeNBae1lkKtQJMHhx9dNR2cBdAX5jIW4hEiN2A
oLwrl1Mv37FT4t7i4Iw6CXWzLekRdvaB5e4+kM8ss/NkUvDchAM7G+OzcVSuENBI
FVWYTLbfs1vYPextK7PS2aNI+ajQy+wL2VXerdYumOPQj6wM1tI8hYfwHktnQ84C
2Rr3mEEcy+tco9OGjVIJGrHUBeb9V/QQhru8Fg2A1ZkBDKEDi97sxBprCfxFAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQU5IiMK3xYgvQd/Enq0f3V8fPZ+j0wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTM5MzIxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKgYShDANBgkqhkiG9w0BAQsFAAOCAQEAPiIjZMNg
JuI48WboMOWIEsEZ/8nhbVWDCQPrm17/E+RwdxIwz4TOIBhSUiHQyOgH5lgKD8sj
Y0dvhjBU5EH2AdDoyOCNW6GZahzQrnT8HP3z9uddGnWtsci7NzIos8QZ1unC6rZm
Hc6QosX4IA9IZKD59P9EscA3cXTMjcO4G0CzXby1w0SE7UCp8HcK24qpss7ehguv
DXcCsYpPkmgbQrA2FwFkuUBxlGxUGVIAXVxG+Yn/QCzo/H8m5e3fWuBPaH+grj6Z
mdislD7Or51UNc7ZhSS7YkGWntVmg0155Vx854750tKhljSAvusojOWZVyLsXpn/
X62yhYuFC+oERA==
-----END CERTIFICATE-----