Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS150298.roa
File:                     AS150298.roa (raw, json)
Hash identifier:          wQWag/H2sI8JFwUfjDd2qeoxu8DOnVSsMczE8YuRfT0=
Subject key identifier:   5D:C1:C6:F8:3C:34:4A:5A:59:44:42:DB:13:E2:55:33:B6:BA:5B:AE
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       191A4486617D4E200A5CA76E5F43753AE844A263
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS150298.roa
Signing time:             Tue 05 Dec 2023 02:44:19 +0000
ROA not before:           Tue 05 Dec 2023 02:39:19 +0000
ROA not after:            Tue 03 Dec 2024 02:44:19 +0000
asID:                     150298
IP address blocks:        2a06:a005:1278::/48 maxlen: 48
                          2a06:a005:1c50::/44 maxlen: 48
                          2a06:a005:1c60::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:1a:44:86:61:7d:4e:20:0a:5c:a7:6e:5f:43:75:3a:e8:44:a2:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:19 2023 GMT
            Not After : Dec  3 02:44:19 2024 GMT
        Subject: CN=5DC1C6F83C344A5A594442DB13E25533B6BA5BAE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:50:c6:ff:1b:24:37:a5:54:8a:93:99:ce:bf:
                    0c:85:e3:64:af:d4:ea:82:f2:1c:ee:57:5d:03:46:
                    45:9b:04:9e:70:c0:85:a1:05:e1:25:bc:f0:fb:29:
                    fb:eb:35:2c:25:63:de:22:ce:a4:ec:df:8b:be:58:
                    ad:97:76:60:6a:94:92:ba:3a:85:b2:62:93:bf:a0:
                    a5:bd:2d:d1:c7:aa:4a:86:a3:41:29:3d:11:7b:c4:
                    1e:84:d0:78:21:a0:91:ed:39:a9:02:04:ee:58:db:
                    6f:88:fe:eb:8d:6e:82:5d:d1:a2:26:85:19:5c:0d:
                    35:46:e4:62:0f:4d:0c:ed:d4:38:3d:c2:38:bb:23:
                    de:26:6d:d7:b8:f6:f3:a0:e5:a3:63:27:c1:da:5d:
                    ea:9c:9b:55:a3:b8:03:cf:37:42:82:2b:3b:03:45:
                    2c:72:55:e2:2b:56:dd:a0:6d:a7:93:b1:9c:03:de:
                    98:e2:0b:ce:ed:4a:0b:cc:14:4c:83:5c:38:c9:8b:
                    56:ed:f5:80:1b:af:57:13:af:bc:7d:46:7b:4e:6c:
                    c4:be:2c:96:41:93:92:36:22:b9:6c:f2:b6:46:30:
                    2c:67:67:79:36:ed:21:71:1f:28:e0:aa:3f:32:ff:
                    ec:2d:be:2b:02:d3:d4:df:c2:42:ca:9a:8d:5c:ae:
                    03:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:C1:C6:F8:3C:34:4A:5A:59:44:42:DB:13:E2:55:33:B6:BA:5B:AE
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS150298.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1278::/48
                  2a06:a005:1c50::-2a06:a005:1c6f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         60:56:cf:f2:e6:09:71:ed:91:f8:41:14:a9:70:4f:e1:ce:3a:
         d3:6a:74:ff:d0:89:37:81:8f:4d:7a:db:90:45:6f:f2:0e:f0:
         ff:14:ea:1f:45:0d:2b:17:ce:b9:77:fb:bb:84:ba:06:a0:6f:
         8c:fe:80:78:7a:3d:64:8b:fd:4f:d5:8b:3f:c2:e0:0c:a9:5b:
         4f:6d:10:34:6a:a6:6c:59:23:7b:d0:9a:80:ef:6a:04:00:a3:
         be:0a:72:49:fa:ed:68:88:6c:0e:7f:3c:d5:3e:1c:cc:d8:c5:
         89:80:71:58:68:c6:7f:ba:72:3b:8e:0d:87:a1:99:25:fc:a7:
         9d:1c:be:93:ba:e9:c6:5d:19:1d:92:d1:1a:4d:4b:ce:23:b6:
         dd:a5:f3:6d:10:d5:7f:65:c1:19:99:e9:e0:e1:be:ad:d4:bf:
         29:27:fd:36:68:de:3d:c3:f6:44:ef:ec:c2:dc:cf:c1:b5:29:
         42:01:f1:60:5f:04:11:c6:23:cd:fc:01:ee:09:29:92:63:8f:
         93:f9:98:a3:7e:95:d2:2f:ff:6f:f1:28:05:cc:5a:ce:ff:d6:
         6a:61:6c:5a:2c:e6:15:43:2e:0a:ba:32:4e:dc:f9:ff:90:d7:
         d7:37:57:4b:74:52:6c:a8:48:1d:a8:3a:fb:19:13:b0:53:96:
         70:4b:53:04
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUGRpEhmF9TiAKXKduX0N1OuhEomMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTlaFw0yNDEyMDMwMjQ0MTlaMDMxMTAvBgNV
BAMTKDVEQzFDNkY4M0MzNDRBNUE1OTQ0NDJEQjEzRTI1NTMzQjZCQTVCQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNUMb/GyQ3pVSKk5nOvwyF42Sv
1OqC8hzuV10DRkWbBJ5wwIWhBeElvPD7KfvrNSwlY94izqTs34u+WK2XdmBqlJK6
OoWyYpO/oKW9LdHHqkqGo0EpPRF7xB6E0HghoJHtOakCBO5Y22+I/uuNboJd0aIm
hRlcDTVG5GIPTQzt1Dg9wji7I94mbde49vOg5aNjJ8HaXeqcm1WjuAPPN0KCKzsD
RSxyVeIrVt2gbaeTsZwD3pjiC87tSgvMFEyDXDjJi1bt9YAbr1cTr7x9RntObMS+
LJZBk5I2Irls8rZGMCxnZ3k27SFxHyjgqj8y/+wtvisC09TfwkLKmo1crgNvAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUXcHG+Dw0SlpZRELbE+JVM7a6W64wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTUwMjk4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEH
AQH/BCcwJTAjBAIAAjAdAwcAKgagBRJ4MBIDBwQqBqAFHFADBwQqBqAFHGAwDQYJ
KoZIhvcNAQELBQADggEBAGBWz/LmCXHtkfhBFKlwT+HOOtNqdP/QiTeBj01625BF
b/IO8P8U6h9FDSsXzrl3+7uEugagb4z+gHh6PWSL/U/Viz/C4AypW09tEDRqpmxZ
I3vQmoDvagQAo74Kckn67WiIbA5/PNU+HMzYxYmAcVhoxn+6cjuODYehmSX8p50c
vpO66cZdGR2S0RpNS84jtt2l820Q1X9lwRmZ6eDhvq3Uvykn/TZo3j3D9kTv7MLc
z8G1KUIB8WBfBBHGI838Ae4JKZJjj5P5mKN+ldIv/2/xKAXMWs7/1mphbFos5hVD
Lgq6Mk7c+f+Q19c3V0t0UmyoSB2oOvsZE7BTlnBLUwQ=
-----END CERTIFICATE-----