Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS147018.roa
File:                     AS147018.roa (raw, json)
Hash identifier:          HVXnruP27UJ4+M8sfEwOCCEUxTEVChOyaXivJgYyxOw=
Subject key identifier:   2C:AA:77:A2:EE:5E:A9:58:4B:71:71:C4:B5:E5:4F:C3:73:22:42:85
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       439732D22267740CA42ABFE4E4E7F6975F0C7688
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS147018.roa
Signing time:             Tue 05 Dec 2023 02:44:13 +0000
ROA not before:           Tue 05 Dec 2023 02:39:13 +0000
ROA not after:            Tue 03 Dec 2024 02:44:13 +0000
asID:                     147018
IP address blocks:        2a06:a005:a06::/48 maxlen: 48
                          2a06:a005:fc0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:97:32:d2:22:67:74:0c:a4:2a:bf:e4:e4:e7:f6:97:5f:0c:76:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:13 2023 GMT
            Not After : Dec  3 02:44:13 2024 GMT
        Subject: CN=2CAA77A2EE5EA9584B7171C4B5E54FC373224285
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:04:30:8a:94:dd:ed:44:1c:f7:16:12:77:cd:
                    b8:95:38:54:17:dc:cc:24:40:d0:2d:e7:5f:04:fb:
                    4e:0d:b6:23:26:fc:fd:1a:58:8a:d0:53:65:4f:28:
                    aa:f5:ec:3d:1e:e1:ef:86:61:b8:97:a7:e8:da:25:
                    34:91:d0:b1:45:2c:70:69:af:90:07:15:61:29:25:
                    eb:4f:c1:fe:aa:cd:b1:f3:d8:49:df:ba:71:d4:73:
                    d3:0c:7d:40:11:00:26:97:c9:b6:2e:db:fb:53:4f:
                    f8:2b:83:be:10:40:e6:8f:b9:71:4b:b1:4c:fe:50:
                    9b:27:1e:d0:ff:93:fb:c0:13:23:07:71:3c:e0:87:
                    34:f2:12:9f:3d:68:34:f2:59:d0:7c:be:55:fb:5e:
                    75:6a:21:00:e9:41:e1:ca:dc:26:e7:d0:ee:70:3e:
                    13:f7:24:6b:53:24:73:2d:24:5d:9b:42:f1:99:77:
                    50:7b:ec:52:a0:78:7b:f1:4e:25:03:63:45:91:1a:
                    90:59:f1:1c:19:d2:76:d4:ae:c3:71:5f:ee:3d:0e:
                    5a:4e:6d:8b:f9:71:86:b7:aa:9a:f8:5a:54:77:8b:
                    d8:f3:a6:35:37:7b:1f:b2:56:e6:73:4f:c1:53:cc:
                    fc:30:ef:f8:92:3f:3c:5d:aa:c7:7a:f0:92:f7:5b:
                    42:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:AA:77:A2:EE:5E:A9:58:4B:71:71:C4:B5:E5:4F:C3:73:22:42:85
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS147018.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:a06::/48
                  2a06:a005:fc0::/44

    Signature Algorithm: sha256WithRSAEncryption
         30:63:7e:49:80:c9:29:bb:44:c7:c3:7a:17:ee:05:b5:e5:01:
         61:f3:c9:69:41:d9:cc:46:b6:59:fe:81:86:31:0f:33:5d:72:
         37:61:24:88:d4:c2:e3:78:cc:d0:e3:af:4c:f4:f0:11:f8:17:
         21:a1:22:91:b6:7c:55:3c:4f:d1:cc:2b:27:0c:1e:99:24:13:
         22:63:2c:42:94:cd:70:ae:4f:1d:14:4a:d5:24:50:65:1b:ae:
         1f:1d:d9:04:e8:a7:3e:36:2b:92:a9:32:de:98:96:e8:11:a0:
         8d:52:f5:56:fa:17:c8:9e:f7:fc:b1:a7:3e:50:f3:4a:d2:e8:
         b8:53:a2:5d:7e:d2:23:1e:38:0a:35:c7:89:fa:29:3e:65:d8:
         b6:7d:17:54:75:6c:35:30:42:00:18:87:2e:6b:83:94:e8:0a:
         38:ad:60:ce:7e:95:b2:1f:99:29:cf:c1:2d:e8:79:4b:a7:6d:
         4e:9a:5b:cc:27:a0:84:3a:1d:a9:16:af:6c:a0:e4:b2:e4:70:
         b5:e2:dd:ee:92:93:d9:84:da:65:1d:66:a8:80:a4:12:80:32:
         b3:3e:aa:f4:ac:56:ac:22:36:b0:b3:49:b8:d8:5f:92:5b:19:
         c9:0c:d2:f0:4b:90:9f:5f:d9:1c:45:83:50:c3:be:e0:e6:7c:
         c0:e9:50:15
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUQ5cy0iJndAykKr/k5Of2l18MdogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTNaFw0yNDEyMDMwMjQ0MTNaMDMxMTAvBgNV
BAMTKDJDQUE3N0EyRUU1RUE5NTg0QjcxNzFDNEI1RTU0RkMzNzMyMjQyODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaBDCKlN3tRBz3FhJ3zbiVOFQX
3MwkQNAt518E+04NtiMm/P0aWIrQU2VPKKr17D0e4e+GYbiXp+jaJTSR0LFFLHBp
r5AHFWEpJetPwf6qzbHz2EnfunHUc9MMfUARACaXybYu2/tTT/grg74QQOaPuXFL
sUz+UJsnHtD/k/vAEyMHcTzghzTyEp89aDTyWdB8vlX7XnVqIQDpQeHK3Cbn0O5w
PhP3JGtTJHMtJF2bQvGZd1B77FKgeHvxTiUDY0WRGpBZ8RwZ0nbUrsNxX+49DlpO
bYv5cYa3qpr4WlR3i9jzpjU3ex+yVuZzT8FTzPww7/iSPzxdqsd68JL3W0IJAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQULKp3ou5eqVhLcXHEteVPw3MiQoUwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTQ3MDE4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcAKgagBQoGAwcEKgagBQ/AMA0GCSqGSIb3DQEBCwUA
A4IBAQAwY35JgMkpu0THw3oX7gW15QFh88lpQdnMRrZZ/oGGMQ8zXXI3YSSI1MLj
eMzQ469M9PAR+BchoSKRtnxVPE/RzCsnDB6ZJBMiYyxClM1wrk8dFErVJFBlG64f
HdkE6Kc+NiuSqTLemJboEaCNUvVW+hfInvf8sac+UPNK0ui4U6JdftIjHjgKNceJ
+ik+Zdi2fRdUdWw1MEIAGIcua4OU6Ao4rWDOfpWyH5kpz8Et6HlLp21OmlvMJ6CE
Oh2pFq9soOSy5HC14t3ukpPZhNplHWaogKQSgDKzPqr0rFasIjaws0m42F+SWxnJ
DNLwS5CfX9kcRYNQw77g5nzA6VAV
-----END CERTIFICATE-----