Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS14618.roa
File:                     AS14618.roa (raw, json)
Hash identifier:          Y5inkSggsT245lyPFKiE06Szq6pNS9NurXPwi6IyjyY=
Subject key identifier:   47:C5:1A:08:65:3B:8D:D7:69:B7:6E:9D:E0:1D:65:5C:9D:C4:C2:77
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       664655BC182333E2D98F8655EEE536C90E6D7C1E
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS14618.roa
Signing time:             Sun 22 Oct 2023 03:35:39 +0000
ROA not before:           Sun 22 Oct 2023 03:30:39 +0000
ROA not after:            Sun 20 Oct 2024 03:35:39 +0000
asID:                     14618
IP address blocks:        2a0a:6043::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 May 2024 14:46:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:46:55:bc:18:23:33:e2:d9:8f:86:55:ee:e5:36:c9:0e:6d:7c:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Oct 22 03:30:39 2023 GMT
            Not After : Oct 20 03:35:39 2024 GMT
        Subject: CN=47C51A08653B8DD769B76E9DE01D655C9DC4C277
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:55:9d:2b:91:08:8a:44:42:f7:48:61:d9:bd:
                    80:03:a7:b1:e2:29:18:50:a9:cf:71:e9:c7:6d:33:
                    60:ec:16:75:01:4b:33:d8:da:ef:f2:42:6f:7c:ce:
                    8b:ba:22:20:69:3d:16:c1:d6:27:3a:82:f9:dd:46:
                    11:0d:37:3d:bf:38:2b:5a:b0:30:b2:ef:ea:01:ec:
                    1e:85:99:fc:81:ad:78:d4:11:2b:c3:81:e2:c5:55:
                    64:90:d9:5a:7b:30:ea:f6:af:3d:40:12:62:e8:60:
                    82:be:0f:9f:38:ae:91:0f:3e:d6:88:a1:0d:df:46:
                    72:4e:c1:a3:e4:c7:47:0f:78:78:57:b8:e3:c4:5e:
                    a7:17:13:c9:2b:77:02:03:56:5d:0f:87:e7:6f:a1:
                    6e:ca:67:ba:92:ad:a9:52:dd:1a:be:f9:72:7d:6f:
                    a7:7b:d9:59:0e:4c:1d:ac:a5:41:e1:05:70:f6:54:
                    e4:0c:73:9d:18:10:6a:87:5d:95:23:0c:8b:ed:99:
                    0b:5e:3e:8c:6c:02:4d:50:1a:12:83:c2:73:55:53:
                    39:33:2a:67:53:16:4f:92:e4:57:9e:b3:ee:14:c1:
                    a2:aa:c9:0a:69:40:74:0e:5d:3a:f0:84:fe:6d:5a:
                    c6:ac:9e:9c:0a:99:31:b9:3a:0f:b5:f8:d0:a1:66:
                    f8:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:C5:1A:08:65:3B:8D:D7:69:B7:6E:9D:E0:1D:65:5C:9D:C4:C2:77
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS14618.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6043::/40

    Signature Algorithm: sha256WithRSAEncryption
         b5:8f:72:c9:5e:62:6b:df:4a:99:04:12:4e:b1:7f:6f:1f:d6:
         4c:a0:f4:40:9f:5c:ec:ad:47:8e:7d:b5:82:b4:8e:b1:da:8f:
         ac:03:c5:fe:72:a0:bb:87:82:41:b3:e4:53:53:20:de:34:1b:
         e3:30:91:63:74:9d:4a:2d:42:dc:72:7a:bc:39:cc:80:98:f7:
         c9:c8:68:ca:26:d5:5b:73:a7:00:6f:d8:10:61:6c:08:be:31:
         ab:70:90:c7:23:44:c2:df:0e:68:0c:bd:18:84:7e:66:e8:5f:
         db:71:17:c0:93:c9:d5:2d:0a:3e:b9:a0:db:6a:14:52:47:39:
         05:64:22:b0:a7:c4:23:e5:0d:2a:1a:65:40:d5:de:a9:d3:40:
         65:df:bf:9f:32:04:90:fe:5b:4f:4d:97:b9:f9:dd:db:8d:e0:
         43:89:73:3d:f7:3b:5a:96:95:54:e5:69:96:7e:bd:8f:c2:79:
         f4:0e:d4:c4:93:ef:6c:aa:5d:79:b7:b9:ad:f6:98:23:1c:12:
         70:3b:f1:2c:f8:be:47:d0:1e:c0:d5:b5:08:a6:46:42:cf:ea:
         e9:6f:7f:bc:9e:04:e5:75:91:bb:d6:80:bb:93:4c:bc:17:e4:
         f7:c3:48:f4:6c:95:68:f4:d8:f9:43:d2:92:ba:ec:03:c7:6e:
         28:94:05:e3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUZkZVvBgjM+LZj4ZV7uU2yQ5tfB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEwMjIwMzMwMzlaFw0yNDEwMjAwMzM1MzlaMDMxMTAvBgNV
BAMTKDQ3QzUxQTA4NjUzQjhERDc2OUI3NkU5REUwMUQ2NTVDOURDNEMyNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvVZ0rkQiKREL3SGHZvYADp7Hi
KRhQqc9x6cdtM2DsFnUBSzPY2u/yQm98zou6IiBpPRbB1ic6gvndRhENNz2/OCta
sDCy7+oB7B6FmfyBrXjUESvDgeLFVWSQ2Vp7MOr2rz1AEmLoYIK+D584rpEPPtaI
oQ3fRnJOwaPkx0cPeHhXuOPEXqcXE8krdwIDVl0Ph+dvoW7KZ7qSralS3Rq++XJ9
b6d72VkOTB2spUHhBXD2VOQMc50YEGqHXZUjDIvtmQtePoxsAk1QGhKDwnNVUzkz
KmdTFk+S5Fees+4UwaKqyQppQHQOXTrwhP5tWsasnpwKmTG5Og+1+NChZvhnAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQUR8UaCGU7jddpt26d4B1lXJ3EwncwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTQ2MTgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcB
Af8EEjAQMA4EAgACMAgDBgAqCmBDADANBgkqhkiG9w0BAQsFAAOCAQEAtY9yyV5i
a99KmQQSTrF/bx/WTKD0QJ9c7K1Hjn21grSOsdqPrAPF/nKgu4eCQbPkU1Mg3jQb
4zCRY3SdSi1C3HJ6vDnMgJj3ychoyibVW3OnAG/YEGFsCL4xq3CQxyNEwt8OaAy9
GIR+Zuhf23EXwJPJ1S0KPrmg22oUUkc5BWQisKfEI+UNKhplQNXeqdNAZd+/nzIE
kP5bT02Xufnd243gQ4lzPfc7WpaVVOVpln69j8J59A7UxJPvbKpdebe5rfaYIxwS
cDvxLPi+R9AewNW1CKZGQs/q6W9/vJ4E5XWRu9aAu5NMvBfk98NI9GyVaPTY+UPS
krrsA8duKJQF4w==
-----END CERTIFICATE-----