Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS142553.roa
File:                     AS142553.roa (raw, json)
Hash identifier:          rCOCTpRPoWgQNgtp0eqjWe+HJobndodl3rbYdl1T0r4=
Subject key identifier:   37:31:4D:A5:8C:5C:4A:42:16:BE:40:2E:33:EB:F5:3E:90:DF:F6:80
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       77DF612616BE6432545532C1550789227DD71F21
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS142553.roa
Signing time:             Tue 05 Nov 2024 03:40:04 +0000
ROA not before:           Tue 05 Nov 2024 03:35:04 +0000
ROA not after:            Tue 04 Nov 2025 03:40:04 +0000
asID:                     142553
IP address blocks:        2a06:a005:560::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:df:61:26:16:be:64:32:54:55:32:c1:55:07:89:22:7d:d7:1f:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:04 2024 GMT
            Not After : Nov  4 03:40:04 2025 GMT
        Subject: CN=37314DA58C5C4A4216BE402E33EBF53E90DFF680
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:70:33:80:8d:98:59:4d:c5:51:6e:be:12:71:
                    bb:01:7a:8c:b1:c5:ed:b9:c4:cc:20:0b:a9:47:fd:
                    9f:77:3f:18:ed:1b:99:48:1e:4e:19:90:de:07:42:
                    62:bd:51:36:de:98:71:a0:29:7c:3b:65:8a:a3:e9:
                    55:c8:4b:cd:48:1a:71:1d:fc:65:e0:e5:c7:d0:15:
                    3f:39:6c:09:ab:21:f3:b1:cf:8f:d9:22:e5:83:5e:
                    7a:17:76:01:2a:15:4f:02:2c:0e:ab:8a:ef:23:42:
                    2f:64:df:33:fc:c1:d3:c2:b7:b7:47:cb:33:c2:26:
                    91:5f:ae:24:b8:44:1b:cc:ee:3a:fa:71:a2:07:3e:
                    73:af:bf:81:ad:f2:ef:19:fa:c5:dc:10:58:60:ff:
                    bc:f7:45:0a:2a:eb:3b:c9:a7:80:ef:f9:4c:3f:e9:
                    2d:da:4c:7c:d5:ad:ab:6a:86:d9:43:98:dc:81:7e:
                    98:de:e6:11:60:00:df:7f:5c:6a:68:2f:b6:fa:c9:
                    7e:8b:5c:de:04:12:40:cf:f7:25:2e:c3:5b:b6:5a:
                    77:ea:2d:23:46:e1:b1:66:2d:2c:58:4d:5a:f3:85:
                    dc:d6:44:74:c8:6c:fd:d3:0b:2a:65:7f:95:49:9a:
                    7a:ae:d2:84:66:7c:78:d2:72:b2:8e:21:d0:4e:46:
                    c4:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:31:4D:A5:8C:5C:4A:42:16:BE:40:2E:33:EB:F5:3E:90:DF:F6:80
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS142553.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:560::/44

    Signature Algorithm: sha256WithRSAEncryption
         1e:34:94:da:26:32:f0:90:0a:1c:76:4e:9f:87:22:ae:7b:2b:
         49:f2:4e:77:5a:52:0f:a6:d1:01:5a:10:20:6a:82:38:2c:13:
         e2:a8:10:0d:23:54:3b:92:93:51:a1:8f:1a:3b:c1:e7:22:d5:
         a3:db:8d:8a:a7:0d:45:a8:a2:1f:37:a8:de:31:0b:3a:9a:46:
         d0:3b:5a:df:fc:f4:71:7e:92:d3:f1:59:7b:6c:9f:96:00:21:
         0a:6d:23:e8:74:0b:ae:4d:e4:b5:50:69:20:36:b2:3b:e1:c1:
         53:87:a9:90:3d:ce:0d:2e:8a:c2:f1:a4:ee:d5:b8:de:2f:5a:
         d7:d7:ff:03:24:5b:a1:f6:39:fe:d4:34:27:14:fd:07:54:47:
         0b:77:90:fa:1c:f6:d2:b8:71:d1:c3:6d:0a:9e:a4:30:01:6a:
         91:e1:ef:09:b8:7b:46:40:c0:fc:2a:7e:3b:eb:00:95:93:a1:
         9f:cf:cb:7f:80:2b:4e:ae:0b:39:f7:2d:2b:b1:1c:11:2d:23:
         90:42:ac:fd:a1:0a:4f:06:4d:ce:86:65:f1:fb:0a:f7:d8:9c:
         33:1b:05:29:29:5a:90:8e:7a:da:58:9c:c5:59:80:52:e2:a3:
         a8:35:56:db:a7:88:90:12:00:07:ad:2d:35:7b:3b:01:6f:18:
         ee:73:5e:ff
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUd99hJha+ZDJUVTLBVQeJIn3XHyEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDRaFw0yNTExMDQwMzQwMDRaMDMxMTAvBgNV
BAMTKDM3MzE0REE1OEM1QzRBNDIxNkJFNDAyRTMzRUJGNTNFOTBERkY2ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhcDOAjZhZTcVRbr4ScbsBeoyx
xe25xMwgC6lH/Z93PxjtG5lIHk4ZkN4HQmK9UTbemHGgKXw7ZYqj6VXIS81IGnEd
/GXg5cfQFT85bAmrIfOxz4/ZIuWDXnoXdgEqFU8CLA6riu8jQi9k3zP8wdPCt7dH
yzPCJpFfriS4RBvM7jr6caIHPnOvv4Gt8u8Z+sXcEFhg/7z3RQoq6zvJp4Dv+Uw/
6S3aTHzVratqhtlDmNyBfpje5hFgAN9/XGpoL7b6yX6LXN4EEkDP9yUuw1u2Wnfq
LSNG4bFmLSxYTVrzhdzWRHTIbP3TCyplf5VJmnqu0oRmfHjScrKOIdBORsShAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUNzFNpYxcSkIWvkAuM+v1PpDf9oAwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTQyNTUzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQVgMA0GCSqGSIb3DQEBCwUAA4IBAQAeNJTa
JjLwkAocdk6fhyKueytJ8k53WlIPptEBWhAgaoI4LBPiqBANI1Q7kpNRoY8aO8Hn
ItWj242Kpw1FqKIfN6jeMQs6mkbQO1rf/PRxfpLT8Vl7bJ+WACEKbSPodAuuTeS1
UGkgNrI74cFTh6mQPc4NLorC8aTu1bjeL1rX1/8DJFuh9jn+1DQnFP0HVEcLd5D6
HPbSuHHRw20KnqQwAWqR4e8JuHtGQMD8Kn476wCVk6Gfz8t/gCtOrgs59y0rsRwR
LSOQQqz9oQpPBk3OhmXx+wr32JwzGwUpKVqQjnraWJzFWYBS4qOoNVbbp4iQEgAH
rS01ezsBbxjuc17/
-----END CERTIFICATE-----