Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS18250.roa
File:                     AS18250.roa (raw, json)
Hash identifier:          AbUqzO3muIfYgKE0U0WrZgQnNgfIEzQ3IaxQfZu5L6g=
Subject key identifier:   B2:F9:3E:F2:27:63:12:DC:80:64:65:D5:18:0D:0D:B0:1D:A9:AF:B8
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       7486466DF7C24C4E6137ECA0B0D3DE22EC4FE618
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS18250.roa
Signing time:             Tue 05 Dec 2023 02:44:18 +0000
ROA not before:           Tue 05 Dec 2023 02:39:18 +0000
ROA not after:            Tue 03 Dec 2024 02:44:18 +0000
asID:                     18250
IP address blocks:        2a06:a005:4e0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 14:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:86:46:6d:f7:c2:4c:4e:61:37:ec:a0:b0:d3:de:22:ec:4f:e6:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:18 2023 GMT
            Not After : Dec  3 02:44:18 2024 GMT
        Subject: CN=B2F93EF2276312DC806465D5180D0DB01DA9AFB8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:df:74:06:99:3c:95:82:a9:48:99:ce:2e:a7:
                    40:e3:59:86:0e:12:5f:6e:8c:36:89:79:96:72:a9:
                    12:5d:e9:90:ad:8e:62:9f:39:f3:30:d1:3f:71:dc:
                    81:18:89:c0:bd:88:82:2e:22:cf:03:3b:90:0c:2e:
                    69:76:5d:0a:9d:b5:a8:e1:bb:10:b7:06:49:64:95:
                    a4:e0:ee:cc:53:3b:db:f8:7a:fd:f1:6d:cf:4b:d7:
                    85:25:c5:14:05:9a:e5:e0:ab:ab:18:dc:8a:c4:25:
                    f6:54:91:06:c3:d7:15:7c:61:df:2f:05:2f:4d:6a:
                    04:48:96:f3:9c:f1:90:dd:55:ff:94:8b:11:76:ba:
                    5d:c4:4b:c1:83:04:6d:5d:60:1f:4b:37:cb:d5:b5:
                    93:4a:ba:9f:7d:80:69:3f:24:52:b8:aa:d9:a3:79:
                    38:07:77:d4:bf:3c:59:ff:f0:f0:0e:d4:c9:17:f0:
                    91:7d:c2:8c:7b:0b:86:02:d1:84:10:38:4c:ea:1e:
                    19:32:e5:7c:47:73:86:07:75:fd:95:ca:3c:5f:b6:
                    a8:cb:df:e8:2c:1d:23:f3:bd:1b:f2:d0:51:5d:9c:
                    52:cb:f9:1a:7f:59:11:6f:5c:18:aa:c9:91:a2:cc:
                    95:7a:31:4e:ea:5f:a3:c2:60:e2:40:12:e3:f6:62:
                    5e:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:F9:3E:F2:27:63:12:DC:80:64:65:D5:18:0D:0D:B0:1D:A9:AF:B8
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS18250.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:4e0::/44

    Signature Algorithm: sha256WithRSAEncryption
         03:ca:10:6b:e5:73:12:ab:2c:c3:eb:7f:73:60:c6:75:0f:63:
         b4:50:6f:1c:3a:c8:66:ce:86:4c:2e:61:82:5f:b5:ee:2d:c5:
         a7:e3:22:11:e9:a1:20:fe:35:14:71:71:17:bc:2f:41:75:fe:
         5f:17:d8:7b:a8:fc:11:a9:df:ae:08:fe:b4:13:85:5e:fe:da:
         8e:09:26:cd:c4:3c:21:76:b0:9f:69:90:47:bf:b3:53:07:f0:
         6d:3f:9c:27:8c:30:31:73:dc:9c:21:5a:0d:3d:31:27:e0:aa:
         77:72:e4:da:81:5f:51:9a:18:5f:01:48:22:6b:81:76:fd:6b:
         b9:16:ee:cf:c0:b7:f8:4d:44:dc:44:d1:1a:48:61:38:c3:8f:
         72:7d:25:8e:41:81:36:60:f6:7c:9e:f3:f1:75:a0:78:78:7d:
         bb:c4:d9:86:50:d9:fb:95:55:eb:41:6b:ea:a7:1b:2f:ea:38:
         0e:8a:21:af:b9:08:60:f6:8d:bf:3c:c0:eb:a6:4e:52:1f:5b:
         bf:52:30:87:b2:ad:59:12:b1:13:54:a4:4f:b9:84:45:69:8e:
         15:3f:36:11:92:1d:ad:22:89:74:38:cf:96:1c:61:78:d7:43:
         45:55:fe:d9:73:8b:df:24:fd:81:ec:94:8f:5d:79:ee:9c:50:
         82:f1:fd:be
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUdIZGbffCTE5hN+ygsNPeIuxP5hgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MThaFw0yNDEyMDMwMjQ0MThaMDMxMTAvBgNV
BAMTKEIyRjkzRUYyMjc2MzEyREM4MDY0NjVENTE4MEQwREIwMURBOUFGQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI33QGmTyVgqlImc4up0DjWYYO
El9ujDaJeZZyqRJd6ZCtjmKfOfMw0T9x3IEYicC9iIIuIs8DO5AMLml2XQqdtajh
uxC3BklklaTg7sxTO9v4ev3xbc9L14UlxRQFmuXgq6sY3IrEJfZUkQbD1xV8Yd8v
BS9NagRIlvOc8ZDdVf+UixF2ul3ES8GDBG1dYB9LN8vVtZNKup99gGk/JFK4qtmj
eTgHd9S/PFn/8PAO1MkX8JF9wox7C4YC0YQQOEzqHhky5XxHc4YHdf2VyjxftqjL
3+gsHSPzvRvy0FFdnFLL+Rp/WRFvXBiqyZGizJV6MU7qX6PCYOJAEuP2Yl4fAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUsvk+8idjEtyAZGXVGA0NsB2pr7gwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTgyNTAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqBqAFBOAwDQYJKoZIhvcNAQELBQADggEBAAPKEGvl
cxKrLMPrf3NgxnUPY7RQbxw6yGbOhkwuYYJfte4txafjIhHpoSD+NRRxcRe8L0F1
/l8X2Huo/BGp364I/rQThV7+2o4JJs3EPCF2sJ9pkEe/s1MH8G0/nCeMMDFz3Jwh
Wg09MSfgqndy5NqBX1GaGF8BSCJrgXb9a7kW7s/At/hNRNxE0RpIYTjDj3J9JY5B
gTZg9nye8/F1oHh4fbvE2YZQ2fuVVetBa+qnGy/qOA6KIa+5CGD2jb88wOumTlIf
W79SMIeyrVkSsRNUpE+5hEVpjhU/NhGSHa0iiXQ4z5YcYXjXQ0VV/tlzi98k/YHs
lI9dee6cUILx/b4=
-----END CERTIFICATE-----