Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS17138.roa
File:                     AS17138.roa (raw, json)
Hash identifier:          UUzZwi0u0DoEYGHTXiZfN+0qAiJ/3RW5betfniD+tcc=
Subject key identifier:   5E:B5:31:46:AB:B4:2C:B6:8C:1C:D5:FC:85:CC:58:47:BD:4F:EB:BA
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       151CDD5FC3FC2E03FCE128A3B951B5EFE6F9A17C
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS17138.roa
Signing time:             Tue 05 Nov 2024 03:40:05 +0000
ROA not before:           Tue 05 Nov 2024 03:35:05 +0000
ROA not after:            Tue 04 Nov 2025 03:40:05 +0000
asID:                     17138
IP address blocks:        2a06:a005:b10::/44 maxlen: 48
                          2a06:a005:b20::/44 maxlen: 48
                          2a06:a005:b30::/44 maxlen: 48
                          2a06:a005:b40::/44 maxlen: 48
                          2a06:a005:b50::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:1c:dd:5f:c3:fc:2e:03:fc:e1:28:a3:b9:51:b5:ef:e6:f9:a1:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:05 2024 GMT
            Not After : Nov  4 03:40:05 2025 GMT
        Subject: CN=5EB53146ABB42CB68C1CD5FC85CC5847BD4FEBBA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:cd:fd:ae:3f:97:ff:db:26:4a:b8:2a:39:c7:
                    b5:cb:c9:ef:0b:f5:6c:cd:7b:d5:e7:87:41:06:f3:
                    88:9c:78:e8:b2:1e:10:60:ba:d3:27:b5:0b:b0:95:
                    49:f2:e3:6b:5c:0a:d0:05:a9:86:4c:51:84:e3:1e:
                    54:6d:7d:b3:7f:2f:34:ea:0d:fa:d8:3b:aa:f0:15:
                    00:19:bd:3b:a9:51:04:be:9b:26:d7:b1:91:8b:44:
                    1b:fa:80:11:5f:36:25:00:00:fa:8a:19:e3:db:1d:
                    58:99:72:53:15:c8:d6:e2:1f:b8:ff:b1:fa:f6:c2:
                    32:55:8a:26:18:67:d9:76:61:c9:cd:4a:05:15:ce:
                    73:d2:8f:df:d0:d9:08:6f:4a:7e:2e:1f:d3:2a:97:
                    a4:f8:7c:81:39:c0:00:d2:eb:c0:f8:bb:1d:39:15:
                    2b:db:7d:9c:a0:f3:2b:01:03:15:5e:4b:c0:08:df:
                    39:7a:cc:5f:48:7f:f9:c8:3b:87:7e:ad:9b:29:1f:
                    5f:86:d6:23:b6:05:67:a6:5a:42:1a:3f:72:01:9e:
                    21:eb:c1:67:30:23:79:79:1f:68:40:5f:39:f7:a3:
                    df:be:0b:81:d9:eb:90:4d:52:dd:75:8f:f4:ac:d5:
                    7f:68:be:73:2b:86:f6:d9:5a:14:b3:de:e1:4a:6a:
                    ba:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:B5:31:46:AB:B4:2C:B6:8C:1C:D5:FC:85:CC:58:47:BD:4F:EB:BA
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS17138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:b10::-2a06:a005:b5f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         46:44:ee:50:c3:ca:23:c4:f7:6b:2c:15:0a:0f:75:10:63:e6:
         d2:97:a2:73:e2:4f:e0:4a:5d:97:de:9e:cc:51:8a:2b:9f:e8:
         71:ed:79:54:df:73:01:16:e1:4a:a9:a7:9b:25:d6:b1:dc:9d:
         72:6f:0f:75:e0:f4:97:ff:84:23:f9:5a:da:fc:bd:ac:6c:0e:
         93:7b:76:ef:e9:fb:1a:39:d0:c2:a1:4f:6d:43:70:09:93:90:
         81:02:4c:b7:7c:6e:de:69:7a:6d:d2:15:38:01:f5:46:4c:ae:
         b6:e0:83:aa:8f:93:98:ee:33:6a:77:ef:c3:61:8d:c9:e3:86:
         b3:cb:06:86:cb:59:ab:6f:36:96:e8:63:d8:f1:ca:36:7f:83:
         43:31:a0:3d:94:65:ea:cb:14:a3:d3:9c:19:74:d2:99:96:23:
         3e:d9:2b:7c:b0:cf:04:65:81:2a:ba:1a:c6:f6:44:7a:6b:f9:
         1c:93:d5:1a:f3:ab:51:58:66:3b:4e:f7:21:6d:c8:46:f3:5f:
         97:31:47:91:a6:6e:e0:1d:3c:3b:f3:05:bd:00:a1:21:c7:f9:
         ed:d4:c1:23:fd:52:bf:89:fc:6d:ee:db:12:71:a5:c4:9c:8e:
         36:43:15:51:74:65:b0:22:65:42:b3:6c:4c:bd:88:52:0f:54:
         33:fb:c0:8b
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIUFRzdX8P8LgP84SijuVG17+b5oXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDVaFw0yNTExMDQwMzQwMDVaMDMxMTAvBgNV
BAMTKDVFQjUzMTQ2QUJCNDJDQjY4QzFDRDVGQzg1Q0M1ODQ3QkQ0RkVCQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCezf2uP5f/2yZKuCo5x7XLye8L
9WzNe9Xnh0EG84iceOiyHhBgutMntQuwlUny42tcCtAFqYZMUYTjHlRtfbN/LzTq
DfrYO6rwFQAZvTupUQS+mybXsZGLRBv6gBFfNiUAAPqKGePbHViZclMVyNbiH7j/
sfr2wjJViiYYZ9l2YcnNSgUVznPSj9/Q2QhvSn4uH9Mql6T4fIE5wADS68D4ux05
FSvbfZyg8ysBAxVeS8AI3zl6zF9If/nIO4d+rZspH1+G1iO2BWemWkIaP3IBniHr
wWcwI3l5H2hAXzn3o9++C4HZ65BNUt11j/Ss1X9ovnMrhvbZWhSz3uFKarrXAgMB
AAGjggH8MIIB+DAdBgNVHQ4EFgQUXrUxRqu0LLaMHNX8hcxYR71P67owHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTcxMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcB
Af8EHjAcMBoEAgACMBQwEgMHBCoGoAULEAMHBSoGoAULQDANBgkqhkiG9w0BAQsF
AAOCAQEARkTuUMPKI8T3aywVCg91EGPm0peic+JP4Epdl96ezFGKK5/oce15VN9z
ARbhSqmnmyXWsdydcm8PdeD0l/+EI/la2vy9rGwOk3t27+n7GjnQwqFPbUNwCZOQ
gQJMt3xu3ml6bdIVOAH1RkyutuCDqo+TmO4zanfvw2GNyeOGs8sGhstZq282luhj
2PHKNn+DQzGgPZRl6ssUo9OcGXTSmZYjPtkrfLDPBGWBKroaxvZEemv5HJPVGvOr
UVhmO073IW3IRvNflzFHkaZu4B08O/MFvQChIcf57dTBI/1Sv4n8be7bEnGlxJyO
NkMVUXRlsCJlQrNsTL2IUg9UM/vAiw==
-----END CERTIFICATE-----