Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS142289.roa
File:                     AS142289.roa (raw, json)
Hash identifier:          jKTbDXdGeH7Dp6bFJBlnW6Xa3ZSvZZwkiukjFrB5KqA=
Subject key identifier:   74:09:56:20:03:13:50:F8:11:AF:5A:5D:16:94:E4:B7:FC:18:CD:46
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       21907A0A245C2686739C9A3E543A6D44DF7422BA
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS142289.roa
Signing time:             Tue 05 Dec 2023 02:44:19 +0000
ROA not before:           Tue 05 Dec 2023 02:39:19 +0000
ROA not after:            Tue 03 Dec 2024 02:44:19 +0000
asID:                     142289
IP address blocks:        2a06:a005:700::/44 maxlen: 48
                          2a06:a005:a30::/44 maxlen: 48
                          2a06:a005:a40::/44 maxlen: 48
                          2a06:a005:a50::/44 maxlen: 48
                          2a06:a005:a60::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 14:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:90:7a:0a:24:5c:26:86:73:9c:9a:3e:54:3a:6d:44:df:74:22:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:19 2023 GMT
            Not After : Dec  3 02:44:19 2024 GMT
        Subject: CN=74095620031350F811AF5A5D1694E4B7FC18CD46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:1a:7d:c0:ec:f2:f0:18:6b:0d:5b:0d:0e:e4:
                    04:7b:67:22:b8:aa:26:c7:a7:50:a2:c1:01:d4:c0:
                    c0:ce:18:8f:fe:91:07:dc:f4:37:dc:60:55:f9:c7:
                    97:77:2b:e7:0a:e7:6f:f1:14:57:78:4f:4a:3e:42:
                    ac:8a:ec:b5:eb:62:a1:d2:ee:34:a5:61:0b:40:cf:
                    e9:36:e9:d2:be:a2:8e:54:76:35:8a:b5:5b:89:d8:
                    88:f0:33:90:17:7e:21:a7:8d:df:e6:e7:b9:5e:dd:
                    b7:24:72:d3:a1:83:0c:0e:5c:5b:ea:0c:8f:2f:df:
                    bb:f6:32:32:91:0e:fa:1a:2f:0c:c2:fc:12:a5:6e:
                    67:46:9b:80:09:29:5a:17:0e:ef:3e:f6:b3:00:ce:
                    a4:28:d9:ed:cc:6b:65:79:86:e2:f3:e4:9c:2d:6d:
                    40:3a:ae:66:e4:d5:62:b8:3c:ae:ca:44:1c:04:05:
                    91:0b:15:10:55:2e:97:e9:38:38:4e:e5:e7:c8:9a:
                    34:b6:3c:c7:48:5f:76:63:7c:45:d4:5c:f3:64:82:
                    c9:4d:20:94:28:53:f6:0c:cb:57:7b:c5:8d:c2:22:
                    27:7b:61:22:13:cc:0e:3d:e3:b3:bf:58:0d:57:c1:
                    9d:79:b1:4d:a2:83:27:90:7c:2a:8a:0c:41:60:b3:
                    22:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:09:56:20:03:13:50:F8:11:AF:5A:5D:16:94:E4:B7:FC:18:CD:46
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS142289.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:700::/44
                  2a06:a005:a30::-2a06:a005:a6f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         86:00:43:ce:e5:9d:47:77:b5:80:90:8b:d3:ad:c7:94:6f:00:
         ac:c7:be:ba:de:78:17:8c:e2:1d:75:86:fc:c5:4d:8d:a7:02:
         c1:17:8f:8f:95:20:c7:10:36:cb:f5:ff:be:e6:8b:54:e6:05:
         92:d8:ef:ae:f4:95:4f:b0:33:95:a2:a6:2c:62:83:20:d3:97:
         d5:77:65:48:16:fa:2a:b9:ec:f2:b2:fe:93:60:a6:5c:21:b9:
         23:dc:cf:87:3b:f8:34:f5:d6:76:ff:87:a1:9c:05:66:75:93:
         cd:9e:90:c4:8d:2e:66:4a:93:e6:4b:c9:68:c4:cf:25:cc:c7:
         b1:1a:ce:bc:f6:ac:75:79:61:97:f8:7c:08:d9:32:19:7e:cd:
         c6:1c:ca:64:49:9d:2d:01:df:c8:b6:e8:2b:d6:66:5d:6f:84:
         85:fe:f5:c6:c2:f3:14:34:8c:16:f3:a1:c8:36:c5:95:34:70:
         12:b3:e8:7a:e9:4d:58:ba:40:b0:75:eb:68:ce:6d:ca:a5:22:
         c0:2d:c1:ec:7f:7f:68:a3:16:ee:28:c5:0c:99:76:e3:9d:8d:
         54:37:27:ac:63:75:90:44:a8:1f:cf:36:59:12:a5:ef:0e:ea:
         81:8a:90:53:ee:64:b1:39:88:35:5b:7b:10:67:aa:c0:2f:49:
         ec:56:32:8d
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUIZB6CiRcJoZznJo+VDptRN90IrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTlaFw0yNDEyMDMwMjQ0MTlaMDMxMTAvBgNV
BAMTKDc0MDk1NjIwMDMxMzUwRjgxMUFGNUE1RDE2OTRFNEI3RkMxOENENDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDGn3A7PLwGGsNWw0O5AR7ZyK4
qibHp1CiwQHUwMDOGI/+kQfc9DfcYFX5x5d3K+cK52/xFFd4T0o+QqyK7LXrYqHS
7jSlYQtAz+k26dK+oo5UdjWKtVuJ2IjwM5AXfiGnjd/m57le3bckctOhgwwOXFvq
DI8v37v2MjKRDvoaLwzC/BKlbmdGm4AJKVoXDu8+9rMAzqQo2e3Ma2V5huLz5Jwt
bUA6rmbk1WK4PK7KRBwEBZELFRBVLpfpODhO5efImjS2PMdIX3ZjfEXUXPNkgslN
IJQoU/YMy1d7xY3CIid7YSITzA4947O/WA1XwZ15sU2igyeQfCqKDEFgsyKLAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUdAlWIAMTUPgRr1pdFpTkt/wYzUYwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTQyMjg5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEH
AQH/BCcwJTAjBAIAAjAdAwcEKgagBQcAMBIDBwQqBqAFCjADBwQqBqAFCmAwDQYJ
KoZIhvcNAQELBQADggEBAIYAQ87lnUd3tYCQi9Otx5RvAKzHvrreeBeM4h11hvzF
TY2nAsEXj4+VIMcQNsv1/77mi1TmBZLY7670lU+wM5WipixigyDTl9V3ZUgW+iq5
7PKy/pNgplwhuSPcz4c7+DT11nb/h6GcBWZ1k82ekMSNLmZKk+ZLyWjEzyXMx7Ea
zrz2rHV5YZf4fAjZMhl+zcYcymRJnS0B38i26CvWZl1vhIX+9cbC8xQ0jBbzocg2
xZU0cBKz6HrpTVi6QLB162jObcqlIsAtwex/f2ijFu4oxQyZduOdjVQ3J6xjdZBE
qB/PNlkSpe8O6oGKkFPuZLE5iDVbexBnqsAvSexWMo0=
-----END CERTIFICATE-----