Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS149835.roa
File:                     AS149835.roa (raw, json)
Hash identifier:          qMEBYaXHMxmMOuF6UTSOOkcK4rZL6CdpuPpZabsbpm4=
Subject key identifier:   9C:B0:10:9F:2A:86:C6:8D:FD:75:A5:7E:29:7A:09:26:F1:B1:FB:BD
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       5272A5EDE6FEB3F37D5A86D71F489ECBBB76E7B5
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS149835.roa
Signing time:             Tue 05 Dec 2023 02:44:15 +0000
ROA not before:           Tue 05 Dec 2023 02:39:15 +0000
ROA not after:            Tue 03 Dec 2024 02:44:15 +0000
asID:                     149835
IP address blocks:        2a06:a005:10a0::/44 maxlen: 48
                          2a06:a005:2850::/44 maxlen: 48
                          2a06:a005:2860::/44 maxlen: 48
                          2a06:a005:2870::/44 maxlen: 48
                          2a06:a005:2880::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:72:a5:ed:e6:fe:b3:f3:7d:5a:86:d7:1f:48:9e:cb:bb:76:e7:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:15 2023 GMT
            Not After : Dec  3 02:44:15 2024 GMT
        Subject: CN=9CB0109F2A86C68DFD75A57E297A0926F1B1FBBD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e1:54:4a:13:b2:18:0a:f5:7b:e5:71:40:01:
                    55:45:4b:d6:cd:24:65:94:c5:95:b3:c6:62:e2:d0:
                    41:a2:7c:b6:38:05:61:d9:15:1c:e5:40:04:85:dc:
                    0a:93:ac:bc:c8:57:af:7a:c8:66:1c:98:1d:7e:b2:
                    e5:c6:d4:5e:cf:d6:99:e4:f9:de:12:83:65:0a:99:
                    36:f1:cf:4d:94:26:08:88:37:34:8d:a8:b8:9b:65:
                    20:e2:16:04:4d:c0:a1:98:21:c9:de:16:f5:e0:df:
                    19:fb:99:1f:e4:d7:b0:07:31:66:7d:09:e4:13:1d:
                    06:cb:75:0f:96:bf:b4:33:f8:da:fd:8b:fc:4f:0b:
                    c6:00:ec:a0:19:f7:fc:36:a7:bc:44:8a:ad:80:56:
                    43:6a:02:38:77:b9:02:14:b8:58:bf:4b:03:66:bb:
                    d7:3c:7f:39:63:fe:26:a8:55:5d:0e:bc:cf:ce:35:
                    b0:ff:b2:52:7c:81:00:8e:7a:e1:2c:2a:c2:e4:65:
                    10:c1:00:b6:28:03:9d:9a:e6:99:fe:54:dd:09:c2:
                    57:3b:06:9a:2f:5b:d9:71:0a:f9:28:e6:78:ca:fd:
                    4f:a2:cb:58:7c:67:a3:15:ef:0b:3c:58:59:4e:f8:
                    3f:bb:b1:44:f5:e2:c3:a0:e7:a3:f9:4e:2b:ab:9c:
                    af:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:B0:10:9F:2A:86:C6:8D:FD:75:A5:7E:29:7A:09:26:F1:B1:FB:BD
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS149835.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:10a0::/44
                  2a06:a005:2850::-2a06:a005:288f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         9a:4c:a1:cc:5b:29:d1:9c:95:07:4c:c3:21:17:23:e5:d5:4a:
         6f:ea:cc:6e:65:5d:e9:65:64:f3:79:01:b0:e8:c3:4e:2d:cd:
         7b:93:8d:4e:28:67:b6:12:04:66:1b:d9:5d:f3:99:6e:03:f7:
         f2:1e:ee:3f:66:1d:81:07:f8:72:75:28:e1:be:62:45:35:4c:
         30:67:01:34:14:ed:4e:b3:a5:86:23:a2:a6:ee:5a:f5:70:f7:
         af:4a:ad:c6:e2:b0:7e:8e:e9:88:90:aa:fb:6d:93:a0:64:5d:
         74:22:36:a3:5c:84:bb:0d:af:d3:fb:1a:a0:22:58:d9:d5:63:
         c3:50:51:2b:cd:e9:92:2a:78:ab:31:26:4c:be:ab:a4:2e:45:
         29:b5:3e:75:26:c4:fd:38:ad:57:a2:41:9c:19:17:1d:94:08:
         3a:1b:2b:22:a1:f3:74:94:ad:ea:f8:be:a3:64:a0:be:79:4a:
         6e:32:04:52:c9:e3:32:1c:84:83:86:98:d9:45:f8:7f:d6:9b:
         f7:a7:55:de:1f:36:5b:2a:ad:25:14:8d:50:d6:5b:61:49:dc:
         f9:2e:f2:17:fa:62:a2:18:43:5f:ff:a9:26:d0:cb:15:d5:96:
         71:f5:24:05:66:2c:cb:bf:b6:98:fb:84:e2:d7:83:c0:cb:18:
         c8:e1:2a:99
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUUnKl7eb+s/N9WobXH0iey7t257UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTVaFw0yNDEyMDMwMjQ0MTVaMDMxMTAvBgNV
BAMTKDlDQjAxMDlGMkE4NkM2OERGRDc1QTU3RTI5N0EwOTI2RjFCMUZCQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI4VRKE7IYCvV75XFAAVVFS9bN
JGWUxZWzxmLi0EGifLY4BWHZFRzlQASF3AqTrLzIV696yGYcmB1+suXG1F7P1pnk
+d4Sg2UKmTbxz02UJgiINzSNqLibZSDiFgRNwKGYIcneFvXg3xn7mR/k17AHMWZ9
CeQTHQbLdQ+Wv7Qz+Nr9i/xPC8YA7KAZ9/w2p7xEiq2AVkNqAjh3uQIUuFi/SwNm
u9c8fzlj/iaoVV0OvM/ONbD/slJ8gQCOeuEsKsLkZRDBALYoA52a5pn+VN0Jwlc7
BpovW9lxCvko5njK/U+iy1h8Z6MV7ws8WFlO+D+7sUT14sOg56P5TiurnK/pAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUnLAQnyqGxo39daV+KXoJJvGx+70wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTQ5ODM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEH
AQH/BCcwJTAjBAIAAjAdAwcEKgagBRCgMBIDBwQqBqAFKFADBwQqBqAFKIAwDQYJ
KoZIhvcNAQELBQADggEBAJpMocxbKdGclQdMwyEXI+XVSm/qzG5lXellZPN5AbDo
w04tzXuTjU4oZ7YSBGYb2V3zmW4D9/Ie7j9mHYEH+HJ1KOG+YkU1TDBnATQU7U6z
pYYjoqbuWvVw969KrcbisH6O6YiQqvttk6BkXXQiNqNchLsNr9P7GqAiWNnVY8NQ
USvN6ZIqeKsxJky+q6QuRSm1PnUmxP04rVeiQZwZFx2UCDobKyKh83SUrer4vqNk
oL55Sm4yBFLJ4zIchIOGmNlF+H/Wm/enVd4fNlsqrSUUjVDWW2FJ3Pku8hf6YqIY
Q1//qSbQyxXVlnH1JAVmLMu/tpj7hOLXg8DLGMjhKpk=
-----END CERTIFICATE-----