Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210576.roa
File:                     AS210576.roa (raw, json)
Hash identifier:          GZacoi/TZuG407+EuTe87zQ8J3gzvKErq77iLo1OrsU=
Subject key identifier:   30:9A:8D:B1:C5:17:D2:A3:47:15:2F:10:94:FD:AC:A8:36:E0:41:2E
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       2740FB70563ADACCB16295B9A1AD9A11F4AA0F7E
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210576.roa
Signing time:             Tue 05 Nov 2024 03:40:09 +0000
ROA not before:           Tue 05 Nov 2024 03:35:09 +0000
ROA not after:            Tue 04 Nov 2025 03:40:09 +0000
asID:                     210576
IP address blocks:        2a06:a005:5fc::/46 maxlen: 48
                          2a06:a005:1100::/44 maxlen: 48
                          2a06:a005:1110::/44 maxlen: 48
                          2a06:a005:1120::/44 maxlen: 48
                          2a06:a005:1130::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:40:fb:70:56:3a:da:cc:b1:62:95:b9:a1:ad:9a:11:f4:aa:0f:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:09 2024 GMT
            Not After : Nov  4 03:40:09 2025 GMT
        Subject: CN=309A8DB1C517D2A347152F1094FDACA836E0412E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7d:d7:66:86:39:ec:66:65:e2:90:74:54:61:
                    11:08:45:1e:1d:08:e8:f5:01:d7:12:7c:9d:8a:df:
                    6c:54:12:81:8d:ee:3a:55:37:be:12:19:b0:86:c7:
                    17:9f:3c:35:f7:74:76:1a:14:e6:a4:cf:76:50:aa:
                    a5:99:d0:2b:a5:33:68:13:3d:8e:80:59:ad:b9:7c:
                    4a:e4:e9:17:93:37:f5:dc:29:43:f0:d3:cd:39:b0:
                    6b:33:99:a1:58:c8:1f:7c:60:71:a0:11:ec:ff:c4:
                    1c:5f:b3:09:38:86:d0:89:63:41:e7:af:0d:5a:56:
                    4d:d2:10:0d:29:57:1d:e6:c4:72:74:e6:11:be:db:
                    f1:3a:eb:67:89:aa:47:dd:e3:a7:e1:82:5d:c7:b6:
                    43:8f:25:e0:4d:f3:26:ec:c8:5a:90:ee:29:04:0b:
                    92:5b:5b:2f:c6:8f:6e:68:ef:9f:9f:8d:35:28:0c:
                    36:85:06:32:26:38:c4:3a:40:ee:52:4c:47:4a:0f:
                    a1:db:60:db:35:1e:e6:da:05:bc:09:1a:c7:35:45:
                    0c:98:4b:e3:b0:9a:8d:d1:d9:bc:46:f2:e3:f6:d8:
                    9e:dd:1e:b1:7f:f8:78:9a:5a:6f:24:99:a7:9a:52:
                    fa:4d:b6:31:12:d5:50:47:50:9e:95:34:23:3d:ec:
                    b4:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:9A:8D:B1:C5:17:D2:A3:47:15:2F:10:94:FD:AC:A8:36:E0:41:2E
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210576.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:5fc::/46
                  2a06:a005:1100::/42

    Signature Algorithm: sha256WithRSAEncryption
         55:cf:85:7d:55:7c:5d:f0:25:1b:9b:10:31:24:e6:29:70:b6:
         3e:e0:3e:2f:27:ec:fa:95:12:97:31:aa:e3:89:71:4d:fe:15:
         65:6d:ba:9d:bd:13:eb:ba:bc:7e:73:9b:75:a1:da:3b:da:7d:
         b3:35:68:ed:ba:c9:2e:7e:87:02:8c:6b:a0:5e:a7:c6:73:cf:
         24:25:8b:0c:95:b9:60:d9:01:5d:a7:07:5a:73:92:37:5d:f4:
         0d:a6:f2:be:d6:5a:33:69:73:9b:af:de:30:fb:76:74:7d:a1:
         4e:eb:9b:d9:ea:46:54:69:a4:a4:c5:75:e9:63:e7:5d:29:be:
         50:ad:70:d2:ef:1e:97:9b:d6:fe:76:08:6b:3d:b3:ab:5f:ba:
         a7:cb:c7:8a:31:44:43:25:2f:ea:a9:09:fe:4b:ce:82:d6:59:
         d3:94:31:ca:28:57:b1:f4:86:de:6c:b2:9f:ce:98:ba:11:76:
         d4:e9:a3:47:5a:0d:1f:c3:37:a9:53:f9:76:3d:67:94:b4:2b:
         a7:f3:e7:b4:45:0a:6d:d4:67:7f:b1:12:70:5b:91:59:25:89:
         7a:9b:e7:87:03:b0:c1:60:9f:51:8b:f8:dd:03:18:35:df:a6:
         d2:49:be:47:f1:d7:fd:4e:c8:27:e1:83:02:73:e3:2e:46:08:
         00:c7:28:41
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUJ0D7cFY62syxYpW5oa2aEfSqD34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDlaFw0yNTExMDQwMzQwMDlaMDMxMTAvBgNV
BAMTKDMwOUE4REIxQzUxN0QyQTM0NzE1MkYxMDk0RkRBQ0E4MzZFMDQxMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzfddmhjnsZmXikHRUYREIRR4d
COj1AdcSfJ2K32xUEoGN7jpVN74SGbCGxxefPDX3dHYaFOakz3ZQqqWZ0CulM2gT
PY6AWa25fErk6ReTN/XcKUPw0805sGszmaFYyB98YHGgEez/xBxfswk4htCJY0Hn
rw1aVk3SEA0pVx3mxHJ05hG+2/E662eJqkfd46fhgl3HtkOPJeBN8ybsyFqQ7ikE
C5JbWy/Gj25o75+fjTUoDDaFBjImOMQ6QO5STEdKD6HbYNs1HubaBbwJGsc1RQyY
S+Owmo3R2bxG8uP22J7dHrF/+HiaWm8kmaeaUvpNtjES1VBHUJ6VNCM97LRZAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUMJqNscUX0qNHFS8QlP2sqDbgQS4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEwNTc2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcCKgagBQX8AwcGKgagBREAMA0GCSqGSIb3DQEBCwUA
A4IBAQBVz4V9VXxd8CUbmxAxJOYpcLY+4D4vJ+z6lRKXMarjiXFN/hVlbbqdvRPr
urx+c5t1odo72n2zNWjtuskufocCjGugXqfGc88kJYsMlblg2QFdpwdac5I3XfQN
pvK+1lozaXObr94w+3Z0faFO65vZ6kZUaaSkxXXpY+ddKb5QrXDS7x6Xm9b+dghr
PbOrX7qny8eKMURDJS/qqQn+S86C1lnTlDHKKFex9IbebLKfzpi6EXbU6aNHWg0f
wzepU/l2PWeUtCun8+e0RQpt1Gd/sRJwW5FZJYl6m+eHA7DBYJ9Ri/jdAxg136bS
Sb5H8df9Tsgn4YMCc+MuRggAxyhB
-----END CERTIFICATE-----