Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210023.roa
File:                     AS210023.roa (raw, json)
Hash identifier:          9m9wF9Pp6pNf9f62YoW25FLx6oBA7RMfyKmUZmys1wo=
Subject key identifier:   F6:4F:6A:C2:85:26:BC:2B:B4:91:C4:2E:79:5C:BB:A6:43:3B:C5:70
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       47AFC399BA9CF7EE9DDB71F7D525C1408634AC97
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210023.roa
Signing time:             Tue 05 Dec 2023 02:44:16 +0000
ROA not before:           Tue 05 Dec 2023 02:39:16 +0000
ROA not after:            Tue 03 Dec 2024 02:44:16 +0000
asID:                     210023
IP address blocks:        2a06:a005::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:af:c3:99:ba:9c:f7:ee:9d:db:71:f7:d5:25:c1:40:86:34:ac:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:16 2023 GMT
            Not After : Dec  3 02:44:16 2024 GMT
        Subject: CN=F64F6AC28526BC2BB491C42E795CBBA6433BC570
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:4e:12:59:2f:92:96:57:b1:76:3a:9c:76:90:
                    d5:ac:c1:55:77:a0:4a:6b:9e:6a:d3:f8:44:2e:2a:
                    13:04:3f:ba:37:22:31:22:8e:fb:f9:ca:18:fd:15:
                    06:40:9c:06:06:70:85:01:58:ed:b5:90:42:64:00:
                    67:a9:b3:bc:38:ce:d9:2d:0c:33:9d:bf:f3:1b:b2:
                    a4:db:21:20:63:34:dd:de:08:05:f2:43:49:08:e1:
                    ce:33:64:ea:7e:4d:41:0d:f1:f6:4b:dc:df:97:fb:
                    02:5b:27:7d:9f:b1:8a:ff:d9:fb:af:11:13:4f:8e:
                    29:21:8a:3c:9c:ad:d3:69:32:43:d1:4a:69:da:62:
                    ad:82:b8:af:ac:b0:68:75:08:9b:7c:45:cb:9a:ee:
                    a4:c8:5a:59:f8:39:f1:30:25:b2:b2:7b:97:19:16:
                    24:ac:b6:d4:45:2f:1b:a4:e0:8d:23:3a:10:b7:9b:
                    48:74:aa:9a:11:d2:2c:7d:4c:00:ff:fd:47:03:92:
                    8f:12:7a:6d:05:9b:fa:27:fb:c0:7b:5b:8f:8d:b1:
                    d2:ad:72:61:bb:2a:0d:46:df:e3:45:b6:db:4d:83:
                    ff:4b:07:b8:23:83:71:55:9a:7c:43:36:77:74:93:
                    92:c6:6c:3f:c0:5d:a7:2a:44:46:6d:89:05:a2:1d:
                    81:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:4F:6A:C2:85:26:BC:2B:B4:91:C4:2E:79:5C:BB:A6:43:3B:C5:70
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210023.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:01:79:f5:4c:ac:77:f6:b6:98:36:25:d0:70:a9:09:bb:21:
         9d:7f:d6:42:2d:f9:54:11:a3:de:d2:b9:8c:a2:bc:e5:a3:ae:
         fc:c3:26:62:ce:8e:3f:a7:66:df:fc:3b:44:f0:b8:f1:9f:30:
         cb:cf:ef:52:bb:e1:a0:ac:19:61:63:d9:35:da:49:6d:cb:ce:
         3b:e3:fb:90:2d:d0:2d:3c:dc:c4:95:bd:68:69:b0:d2:c3:be:
         73:13:64:aa:e3:99:49:6e:95:4d:f4:44:2a:70:c6:87:6c:1b:
         8f:d5:09:05:2f:8d:c5:6d:4d:c8:16:e1:80:1e:d9:06:d8:cd:
         90:2f:2b:a6:57:16:31:c6:e9:ea:7d:51:2c:c9:91:0e:b9:3a:
         3e:09:4c:20:4a:5d:51:23:39:ad:a1:e8:70:60:0b:2a:56:e0:
         ac:b0:ed:81:31:20:94:fa:ec:ce:2d:19:7f:a2:6b:7e:cd:54:
         80:77:7d:0f:b8:94:b7:4c:6f:73:55:dd:9c:96:bc:aa:f8:06:
         13:d6:4e:d8:9c:03:b8:4c:16:b0:80:c0:12:ae:ad:69:a4:cf:
         c3:8c:ee:81:9b:7f:49:28:31:18:f3:8f:39:78:a9:ca:1f:87:
         72:a1:cb:55:63:a5:a9:a7:28:0b:53:75:1d:eb:fd:c1:58:91:
         ea:ae:ca:46
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUR6/Dmbqc9+6d23H31SXBQIY0rJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTZaFw0yNDEyMDMwMjQ0MTZaMDMxMTAvBgNV
BAMTKEY2NEY2QUMyODUyNkJDMkJCNDkxQzQyRTc5NUNCQkE2NDMzQkM1NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnThJZL5KWV7F2Opx2kNWswVV3
oEprnmrT+EQuKhMEP7o3IjEijvv5yhj9FQZAnAYGcIUBWO21kEJkAGeps7w4ztkt
DDOdv/MbsqTbISBjNN3eCAXyQ0kI4c4zZOp+TUEN8fZL3N+X+wJbJ32fsYr/2fuv
ERNPjikhijycrdNpMkPRSmnaYq2CuK+ssGh1CJt8Rcua7qTIWln4OfEwJbKye5cZ
FiSsttRFLxuk4I0jOhC3m0h0qpoR0ix9TAD//UcDko8Sem0Fm/on+8B7W4+NsdKt
cmG7Kg1G3+NFtttNg/9LB7gjg3FVmnxDNnd0k5LGbD/AXacqREZtiQWiHYExAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU9k9qwoUmvCu0kcQueVy7pkM7xXAwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEwMDIzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQAAMA0GCSqGSIb3DQEBCwUAA4IBAQCRAXn1
TKx39raYNiXQcKkJuyGdf9ZCLflUEaPe0rmMorzlo678wyZizo4/p2bf/DtE8Ljx
nzDLz+9Su+GgrBlhY9k12klty8474/uQLdAtPNzElb1oabDSw75zE2Sq45lJbpVN
9EQqcMaHbBuP1QkFL43FbU3IFuGAHtkG2M2QLyumVxYxxunqfVEsyZEOuTo+CUwg
Sl1RIzmtoehwYAsqVuCssO2BMSCU+uzOLRl/omt+zVSAd30PuJS3TG9zVd2clryq
+AYT1k7YnAO4TBawgMASrq1ppM/DjO6Bm39JKDEY8485eKnKH4dyoctVY6WppygL
U3Ud6/3BWJHqrspG
-----END CERTIFICATE-----