Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS18041.roa
File:                     AS18041.roa (raw, json)
Hash identifier:          Ow89LPL5jvEyDopyTP2s5fPSd95trJUZ9dKevFcxWkQ=
Subject key identifier:   7A:11:79:CA:FF:8F:12:C6:DD:91:B2:6A:42:E6:39:03:97:DD:EC:6B
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       28F869864EE947FB46B95D13948F2DAABE86617F
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS18041.roa
Signing time:             Tue 05 Dec 2023 02:44:12 +0000
ROA not before:           Tue 05 Dec 2023 02:39:12 +0000
ROA not after:            Tue 03 Dec 2024 02:44:12 +0000
asID:                     18041
IP address blocks:        2a06:a005:500::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:f8:69:86:4e:e9:47:fb:46:b9:5d:13:94:8f:2d:aa:be:86:61:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:12 2023 GMT
            Not After : Dec  3 02:44:12 2024 GMT
        Subject: CN=7A1179CAFF8F12C6DD91B26A42E6390397DDEC6B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:a4:5d:38:d6:42:f0:20:24:8f:f7:b9:89:0c:
                    a2:88:50:b1:21:ef:7a:09:db:cb:ce:7f:60:3b:3a:
                    5d:c0:ba:78:31:12:6b:25:92:fe:ed:ec:35:1f:6c:
                    a2:5e:e2:88:5e:06:e9:6a:1f:c4:27:a6:d5:22:ea:
                    00:23:08:9f:1b:63:d6:61:9d:7c:1c:a5:53:b5:73:
                    9d:04:7f:f0:5e:88:1c:32:b8:5c:7e:a8:16:e8:13:
                    3a:01:66:27:6d:99:40:c5:26:0b:ac:a7:fb:a7:75:
                    29:de:8c:98:6a:67:c9:cf:90:c6:e5:20:f5:bc:41:
                    46:3f:4a:bc:f2:bf:41:3e:c6:16:1f:4a:b7:f1:a1:
                    40:c4:26:c8:90:17:57:52:c3:bd:6a:5e:91:fa:eb:
                    6c:e5:8f:28:bf:23:72:bc:aa:2c:24:58:8f:bb:78:
                    29:72:2f:a8:51:0a:56:46:c1:f7:df:fd:46:47:6b:
                    55:b5:a3:fd:69:76:93:13:07:62:10:50:c7:ba:99:
                    21:94:a6:9b:49:32:d5:46:d6:cb:8f:95:bc:de:e1:
                    77:66:fc:67:fa:de:3d:74:94:bc:1b:83:fe:13:86:
                    3c:f7:34:fd:b1:0d:41:ad:6f:51:5a:ab:e8:a9:20:
                    76:39:01:06:26:a4:aa:47:f5:08:1e:6d:57:89:50:
                    7f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:11:79:CA:FF:8F:12:C6:DD:91:B2:6A:42:E6:39:03:97:DD:EC:6B
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS18041.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:500::/44

    Signature Algorithm: sha256WithRSAEncryption
         2f:49:4b:ca:c4:ce:39:d4:a3:e3:59:e9:27:59:11:85:ee:a5:
         ef:8f:76:b4:0b:84:d4:02:a0:ba:0e:cf:f0:89:b5:5b:16:b3:
         18:16:a8:07:09:7a:1e:52:d0:05:c4:fd:6f:92:76:b6:fd:56:
         52:eb:03:fa:b7:68:a4:d8:2d:80:e5:1e:d4:c0:96:36:f3:cf:
         49:ce:08:e4:6f:df:b4:39:18:6d:d0:cb:37:67:da:5a:d9:15:
         6b:aa:08:48:2f:2c:92:1f:3d:f2:6d:d8:f0:34:ad:42:cc:a1:
         3e:36:d1:09:6f:24:d6:8f:79:0d:06:da:c7:35:46:5b:0e:6e:
         a0:a5:e1:5a:0c:af:79:09:a9:e4:81:05:36:51:2d:e1:e4:0b:
         f6:cf:9a:31:53:88:3a:ed:bc:c0:4a:46:cb:83:ba:9f:61:c1:
         ef:be:29:da:23:fd:fd:c8:08:7c:9b:cf:46:00:3b:dd:e8:cc:
         41:d8:d4:18:99:dd:82:07:88:de:c5:0e:fc:83:a1:f0:8b:ea:
         43:2e:73:70:d7:a1:5e:22:77:8a:68:ad:34:fe:65:8b:27:e3:
         d5:b0:9a:1d:1a:ab:85:7c:ad:e5:ef:8d:46:5d:f6:0b:d3:83:
         28:40:bf:99:c7:17:ba:27:d2:87:8f:08:ed:e6:74:a5:01:a1:
         10:04:65:c1
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUKPhphk7pR/tGuV0TlI8tqr6GYX8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTJaFw0yNDEyMDMwMjQ0MTJaMDMxMTAvBgNV
BAMTKDdBMTE3OUNBRkY4RjEyQzZERDkxQjI2QTQyRTYzOTAzOTdEREVDNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfpF041kLwICSP97mJDKKIULEh
73oJ28vOf2A7Ol3AungxEmslkv7t7DUfbKJe4oheBulqH8QnptUi6gAjCJ8bY9Zh
nXwcpVO1c50Ef/BeiBwyuFx+qBboEzoBZidtmUDFJgusp/undSnejJhqZ8nPkMbl
IPW8QUY/Srzyv0E+xhYfSrfxoUDEJsiQF1dSw71qXpH662zljyi/I3K8qiwkWI+7
eClyL6hRClZGwfff/UZHa1W1o/1pdpMTB2IQUMe6mSGUpptJMtVG1suPlbze4Xdm
/Gf63j10lLwbg/4Thjz3NP2xDUGtb1Faq+ipIHY5AQYmpKpH9QgebVeJUH+9AgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUehF5yv+PEsbdkbJqQuY5A5fd7GswHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTgwNDEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqBqAFBQAwDQYJKoZIhvcNAQELBQADggEBAC9JS8rE
zjnUo+NZ6SdZEYXupe+PdrQLhNQCoLoOz/CJtVsWsxgWqAcJeh5S0AXE/W+Sdrb9
VlLrA/q3aKTYLYDlHtTAljbzz0nOCORv37Q5GG3Qyzdn2lrZFWuqCEgvLJIfPfJt
2PA0rULMoT420QlvJNaPeQ0G2sc1RlsObqCl4VoMr3kJqeSBBTZRLeHkC/bPmjFT
iDrtvMBKRsuDup9hwe++Kdoj/f3ICHybz0YAO93ozEHY1BiZ3YIHiN7FDvyDofCL
6kMuc3DXoV4id4porTT+ZYsn49Wwmh0aq4V8reXvjUZd9gvTgyhAv5nHF7on0oeP
CO3mdKUBoRAEZcE=
-----END CERTIFICATE-----