Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS142289.roa
File:                     AS142289.roa (raw, json)
Hash identifier:          MxspPaMNh5fcBNwk18WqRyBC3XPlQ325LQlOxTfF95E=
Subject key identifier:   73:25:5F:7E:AF:9D:8E:68:1E:A8:2E:15:9D:85:FC:9F:AF:F5:CE:49
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       18F88EFA2826848A1F102D57A496C8B1BC05F883
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS142289.roa
Signing time:             Tue 05 Nov 2024 03:40:06 +0000
ROA not before:           Tue 05 Nov 2024 03:35:06 +0000
ROA not after:            Tue 04 Nov 2025 03:40:06 +0000
asID:                     142289
IP address blocks:        2a06:a005:700::/44 maxlen: 48
                          2a06:a005:a30::/44 maxlen: 48
                          2a06:a005:a40::/44 maxlen: 48
                          2a06:a005:a50::/44 maxlen: 48
                          2a06:a005:a60::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:f8:8e:fa:28:26:84:8a:1f:10:2d:57:a4:96:c8:b1:bc:05:f8:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:06 2024 GMT
            Not After : Nov  4 03:40:06 2025 GMT
        Subject: CN=73255F7EAF9D8E681EA82E159D85FC9FAFF5CE49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:30:c0:34:6a:af:08:2a:34:10:61:65:ad:e3:
                    89:4d:d2:a4:2f:8f:2c:a2:ce:47:2b:2a:c3:f4:7d:
                    4e:8d:73:aa:2c:02:ff:0f:90:82:a1:73:0a:e5:c9:
                    52:9f:45:18:59:a7:5f:b7:28:9e:39:da:75:10:a2:
                    e0:d6:8e:8c:83:2f:ba:52:22:51:4c:2e:e5:c2:62:
                    2e:4d:9d:f0:a4:0c:83:04:af:b0:3c:3b:fe:fb:20:
                    bc:4f:8e:97:7f:6e:80:1d:29:46:d2:b1:b4:4c:f5:
                    10:c7:f4:17:49:24:73:20:cf:6c:8a:ca:37:56:d4:
                    85:31:08:82:ca:ee:e6:13:98:fa:c7:4e:24:32:67:
                    fb:0c:c2:2b:64:4f:a4:c8:98:2a:a5:d0:1e:61:55:
                    7b:12:5e:d5:19:fd:15:80:79:0b:69:dd:b2:4d:40:
                    9d:e8:f2:59:9f:06:fb:a9:be:d0:8c:43:c0:cf:39:
                    19:f7:8e:78:b8:12:6c:7d:ed:e2:9c:a8:ad:65:ea:
                    89:7f:8c:f5:d8:ac:6f:43:4b:ed:a9:3f:bb:a7:0c:
                    fa:47:20:9b:e1:25:d6:2d:52:59:4e:44:7d:ca:f1:
                    23:e8:37:f0:5b:33:81:a5:d7:a4:5c:e2:26:1e:06:
                    6d:60:45:be:6d:dd:d3:20:66:af:39:8a:b2:13:88:
                    e8:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:25:5F:7E:AF:9D:8E:68:1E:A8:2E:15:9D:85:FC:9F:AF:F5:CE:49
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS142289.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:700::/44
                  2a06:a005:a30::-2a06:a005:a6f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         46:08:0d:8d:80:4b:b3:b0:de:af:78:9c:2e:00:a3:a2:3e:e4:
         57:fc:81:0b:0e:6a:73:ab:ba:07:a7:99:f9:1e:64:ce:4c:9c:
         54:ff:93:43:85:cc:5f:a1:55:44:9c:9c:7b:25:27:e1:45:07:
         91:5a:44:ff:a4:0c:46:c3:eb:24:be:9f:ed:94:f4:d2:5c:30:
         6e:29:76:39:87:3b:d8:eb:68:d3:9a:12:fc:ea:af:44:cf:34:
         31:a5:e5:a6:8a:2a:84:4d:73:eb:76:98:5c:72:7a:78:19:90:
         1d:83:a7:66:0e:00:3d:f7:91:67:fc:14:b7:6c:11:a3:52:52:
         81:6b:2e:4e:16:32:31:b7:52:20:30:b8:bc:75:6a:99:76:83:
         e9:52:80:58:ef:41:47:a0:69:7c:58:f4:39:8e:5c:4b:2d:4f:
         24:23:48:8b:19:3f:c2:ed:f7:80:5b:6a:75:de:81:19:bb:fc:
         02:b3:c9:01:62:9d:1c:07:d7:96:bc:10:4a:d4:fa:25:ab:8e:
         bb:4d:4b:6a:60:fa:63:21:d8:48:6e:b0:7d:0c:79:e1:bd:4d:
         8d:ef:04:94:4d:57:ad:af:ce:97:f9:18:be:7b:9d:d4:bf:c1:
         b9:97:29:0f:cf:15:6f:6d:1e:e3:dd:87:97:38:ae:54:41:69:
         25:6b:06:ef
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUGPiO+igmhIofEC1XpJbIsbwF+IMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDZaFw0yNTExMDQwMzQwMDZaMDMxMTAvBgNV
BAMTKDczMjU1RjdFQUY5RDhFNjgxRUE4MkUxNTlEODVGQzlGQUZGNUNFNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAMMA0aq8IKjQQYWWt44lN0qQv
jyyizkcrKsP0fU6Nc6osAv8PkIKhcwrlyVKfRRhZp1+3KJ452nUQouDWjoyDL7pS
IlFMLuXCYi5NnfCkDIMEr7A8O/77ILxPjpd/boAdKUbSsbRM9RDH9BdJJHMgz2yK
yjdW1IUxCILK7uYTmPrHTiQyZ/sMwitkT6TImCql0B5hVXsSXtUZ/RWAeQtp3bJN
QJ3o8lmfBvupvtCMQ8DPORn3jni4Emx97eKcqK1l6ol/jPXYrG9DS+2pP7unDPpH
IJvhJdYtUllORH3K8SPoN/BbM4Gl16Rc4iYeBm1gRb5t3dMgZq85irITiOjJAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUcyVffq+djmgeqC4VnYX8n6/1zkkwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTQyMjg5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEH
AQH/BCcwJTAjBAIAAjAdAwcEKgagBQcAMBIDBwQqBqAFCjADBwQqBqAFCmAwDQYJ
KoZIhvcNAQELBQADggEBAEYIDY2AS7Ow3q94nC4Ao6I+5Ff8gQsOanOrugenmfke
ZM5MnFT/k0OFzF+hVUScnHslJ+FFB5FaRP+kDEbD6yS+n+2U9NJcMG4pdjmHO9jr
aNOaEvzqr0TPNDGl5aaKKoRNc+t2mFxyengZkB2Dp2YOAD33kWf8FLdsEaNSUoFr
Lk4WMjG3UiAwuLx1apl2g+lSgFjvQUegaXxY9DmOXEstTyQjSIsZP8Lt94BbanXe
gRm7/AKzyQFinRwH15a8EErU+iWrjrtNS2pg+mMh2EhusH0MeeG9TY3vBJRNV62v
zpf5GL57ndS/wbmXKQ/PFW9tHuPdh5c4rlRBaSVrBu8=
-----END CERTIFICATE-----