Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210738.roa
File:                     AS210738.roa (raw, json)
Hash identifier:          VtSiBv8HuSRg4NwsHRkjF9GnKpuifT/FUPRe7AOOB2c=
Subject key identifier:   C5:21:3B:AB:64:00:7D:D5:9D:08:3F:5B:66:CE:97:54:D9:EE:09:0A
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       02B7E40B83B34581F9D65366DF02EE3C508C0C50
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210738.roa
Signing time:             Sat 20 Jan 2024 23:44:24 +0000
ROA not before:           Sat 20 Jan 2024 23:39:24 +0000
ROA not after:            Sat 18 Jan 2025 23:44:24 +0000
asID:                     210738
IP address blocks:        2a06:a005:1f80::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:b7:e4:0b:83:b3:45:81:f9:d6:53:66:df:02:ee:3c:50:8c:0c:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan 20 23:39:24 2024 GMT
            Not After : Jan 18 23:44:24 2025 GMT
        Subject: CN=C5213BAB64007DD59D083F5B66CE9754D9EE090A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:11:49:85:50:6a:a9:df:2d:c1:cc:0e:14:69:
                    b0:d9:d1:9d:89:e5:d6:47:a3:05:75:86:af:ae:0a:
                    24:82:21:8d:3e:9f:72:51:d1:22:7f:24:7f:31:d1:
                    48:08:40:3a:89:b7:1f:10:52:11:bd:61:17:f1:2f:
                    87:ad:a4:14:5b:50:29:7f:ce:12:69:28:74:86:f9:
                    b6:60:97:76:e0:0f:74:43:5e:3a:e6:81:0c:04:4d:
                    68:de:d1:09:2d:e9:00:6c:74:a2:dc:5f:4e:17:10:
                    a8:89:57:33:80:6b:d8:e3:da:68:c4:19:af:70:51:
                    9f:90:d3:86:f2:38:92:3e:ed:b9:10:4b:3d:b5:ac:
                    e3:b0:32:49:4b:e4:75:e9:23:f3:b0:64:40:95:ed:
                    c8:60:d8:a7:64:66:d0:3c:a8:05:85:cf:71:e3:29:
                    27:74:fa:19:ce:f7:3e:0a:4f:45:00:fe:e7:d8:54:
                    d0:47:dd:8e:5c:f6:d6:d0:8a:d2:b5:27:60:b6:7e:
                    93:5f:ec:1c:58:b4:ea:bd:0d:53:6d:47:c0:e8:90:
                    70:04:4e:17:35:fc:eb:9e:13:f7:08:35:b0:44:c5:
                    d4:c4:e6:34:d4:3d:da:9c:8d:f9:13:bf:67:09:8c:
                    b2:56:bf:09:9e:38:1b:20:f9:f4:d9:fe:71:ad:58:
                    d0:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:21:3B:AB:64:00:7D:D5:9D:08:3F:5B:66:CE:97:54:D9:EE:09:0A
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1f80::/44

    Signature Algorithm: sha256WithRSAEncryption
         09:f7:8f:2c:c5:af:eb:90:54:6e:d7:2f:da:95:f4:13:32:ea:
         7f:9a:4b:dd:0e:73:77:27:cc:7d:6b:f3:1d:23:4c:ae:f8:6a:
         e7:99:25:a2:63:05:43:0a:e8:2d:da:98:34:57:6c:53:0a:ab:
         f4:63:9d:23:39:0b:cc:46:bc:7a:ee:57:5a:d4:18:47:6d:03:
         37:39:87:e0:41:35:ae:17:6a:14:24:01:87:c8:5d:fc:3e:84:
         53:4e:7c:62:35:0d:34:eb:81:7f:5b:63:4f:ad:41:b0:f0:2c:
         52:ff:4b:e6:55:52:77:03:39:3a:e4:45:6b:aa:c7:5b:e3:6e:
         f5:e2:0f:c9:8e:28:48:5b:e3:50:f7:95:cd:91:96:c4:80:8a:
         12:8e:28:4b:50:48:ee:b4:18:09:ee:20:76:60:20:21:8e:e4:
         c8:73:2a:c1:a2:2a:5c:e7:65:ed:14:52:b9:3c:a8:14:11:30:
         07:96:ba:be:db:f3:17:e5:48:af:d6:55:fd:47:4b:f1:09:21:
         d6:a1:0e:1b:b4:3d:53:4f:5e:11:56:91:75:5a:02:85:f9:23:
         d7:a3:bf:eb:8b:38:02:b1:99:db:99:07:9a:b0:a5:2f:4e:af:
         4d:50:34:2a:3f:61:7d:fa:26:e0:83:7f:8b:a9:7d:bc:9c:71:
         29:81:0e:a3
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUArfkC4OzRYH51lNm3wLuPFCMDFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMjAyMzM5MjRaFw0yNTAxMTgyMzQ0MjRaMDMxMTAvBgNV
BAMTKEM1MjEzQkFCNjQwMDdERDU5RDA4M0Y1QjY2Q0U5NzU0RDlFRTA5MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhEUmFUGqp3y3BzA4UabDZ0Z2J
5dZHowV1hq+uCiSCIY0+n3JR0SJ/JH8x0UgIQDqJtx8QUhG9YRfxL4etpBRbUCl/
zhJpKHSG+bZgl3bgD3RDXjrmgQwETWje0Qkt6QBsdKLcX04XEKiJVzOAa9jj2mjE
Ga9wUZ+Q04byOJI+7bkQSz21rOOwMklL5HXpI/OwZECV7chg2KdkZtA8qAWFz3Hj
KSd0+hnO9z4KT0UA/ufYVNBH3Y5c9tbQitK1J2C2fpNf7BxYtOq9DVNtR8DokHAE
Thc1/OueE/cINbBExdTE5jTUPdqcjfkTv2cJjLJWvwmeOBsg+fTZ/nGtWNBNAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUxSE7q2QAfdWdCD9bZs6XVNnuCQowHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEwNzM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBR+AMA0GCSqGSIb3DQEBCwUAA4IBAQAJ948s
xa/rkFRu1y/alfQTMup/mkvdDnN3J8x9a/MdI0yu+GrnmSWiYwVDCugt2pg0V2xT
Cqv0Y50jOQvMRrx67lda1BhHbQM3OYfgQTWuF2oUJAGHyF38PoRTTnxiNQ0064F/
W2NPrUGw8CxS/0vmVVJ3Azk65EVrqsdb42714g/JjihIW+NQ95XNkZbEgIoSjihL
UEjutBgJ7iB2YCAhjuTIcyrBoipc52XtFFK5PKgUETAHlrq+2/MX5Uiv1lX9R0vx
CSHWoQ4btD1TT14RVpF1WgKF+SPXo7/rizgCsZnbmQeasKUvTq9NUDQqP2F9+ibg
g3+LqX28nHEpgQ6j
-----END CERTIFICATE-----