Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210881.roa
File:                     AS210881.roa (raw, json)
Hash identifier:          omkfiKhfhLjamdiVuSSYJk10vUrMMibFVMLWT/wYzBA=
Subject key identifier:   48:1A:AE:35:E1:75:C6:E5:34:7B:E0:06:2E:B3:04:E9:78:3A:5C:87
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       6EC1B5AEBA5B534B99A1806270DCC32F76A880A5
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210881.roa
Signing time:             Tue 05 Dec 2023 02:44:11 +0000
ROA not before:           Tue 05 Dec 2023 02:39:11 +0000
ROA not after:            Tue 03 Dec 2024 02:44:11 +0000
asID:                     210881
IP address blocks:        2a06:a005:920::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:c1:b5:ae:ba:5b:53:4b:99:a1:80:62:70:dc:c3:2f:76:a8:80:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:11 2023 GMT
            Not After : Dec  3 02:44:11 2024 GMT
        Subject: CN=481AAE35E175C6E5347BE0062EB304E9783A5C87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:65:b0:6b:7c:69:1a:b8:92:90:90:b1:e9:23:
                    92:39:3f:e4:c1:4e:d7:01:13:f8:39:a9:ee:d1:53:
                    50:59:dd:da:75:e3:b7:cb:0d:f5:1c:95:3b:22:83:
                    67:2c:f7:cd:34:0d:40:c4:73:56:e5:11:1e:55:89:
                    e5:5c:d2:17:11:ca:37:b4:77:41:ed:1c:dd:fd:fe:
                    6e:60:83:d7:ef:d3:be:11:39:8f:e2:e3:d8:2a:15:
                    1b:89:f0:d0:80:75:95:4c:b7:cd:84:f1:5d:c2:82:
                    a9:06:00:19:49:3c:a7:d3:f6:35:52:32:46:56:82:
                    e3:1b:c8:22:ce:5a:b7:29:9c:02:a4:eb:a6:8a:8e:
                    e9:e0:18:43:b0:f4:42:c7:32:4f:80:1c:fc:bf:cd:
                    78:eb:1b:7d:15:a4:25:5b:a0:43:27:c7:13:f8:1e:
                    ab:23:8e:00:a9:f0:c9:d4:9e:e6:8b:04:22:f1:6d:
                    16:0f:16:a7:84:bd:ac:b4:21:55:e8:34:f2:2b:10:
                    7d:b0:70:7a:87:1a:16:2b:a1:fe:6b:da:dc:da:7b:
                    a9:00:53:b5:9a:9e:ba:dc:67:54:27:b9:42:63:0f:
                    1c:67:73:f3:48:93:f2:f1:58:a7:9c:d4:d9:1b:23:
                    32:15:04:0c:aa:34:57:cb:e2:02:79:1d:c6:e8:b1:
                    d0:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:1A:AE:35:E1:75:C6:E5:34:7B:E0:06:2E:B3:04:E9:78:3A:5C:87
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210881.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:920::/44

    Signature Algorithm: sha256WithRSAEncryption
         ba:64:4a:27:4a:ff:90:a3:9d:16:d8:2e:f9:be:b2:e7:0a:1d:
         ec:ff:a2:fb:11:e9:1e:83:30:fc:e1:74:2a:2e:80:da:99:88:
         31:bb:e6:7c:e9:0d:0b:0f:e3:a7:64:aa:95:24:2b:fd:78:a5:
         0a:b7:b8:3f:b3:91:6e:87:79:f6:fe:8b:35:e1:55:9b:a9:47:
         64:a9:80:b0:37:33:91:35:ff:0d:90:f6:39:87:a8:7c:be:fb:
         02:92:5d:26:4b:03:15:5f:a7:44:99:2c:50:34:d9:7d:74:96:
         e3:1c:8d:70:62:5f:b6:dd:de:14:22:88:cd:91:01:49:e3:7c:
         b6:f7:3e:61:cb:63:5f:0d:07:63:12:d9:9c:cb:8e:f4:67:19:
         e8:60:06:1a:cb:aa:3d:db:95:19:64:1c:bd:f6:2d:0b:8f:f7:
         11:d4:61:63:50:be:3e:1d:d3:c0:f8:24:9f:25:dc:b8:45:e5:
         bb:9a:d9:d7:d1:78:04:79:81:af:c1:df:c2:fb:36:3c:fa:b1:
         30:70:7b:02:d2:6b:ef:a0:fd:a5:f7:77:87:82:95:4e:eb:7b:
         8e:26:00:9f:54:d9:04:62:6d:e1:fb:2b:81:d3:47:e5:21:8d:
         89:af:b2:f3:24:65:3c:5e:2c:a3:1b:a7:bd:59:ad:f5:86:0a:
         cf:20:34:8a
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUbsG1rrpbU0uZoYBicNzDL3aogKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTFaFw0yNDEyMDMwMjQ0MTFaMDMxMTAvBgNV
BAMTKDQ4MUFBRTM1RTE3NUM2RTUzNDdCRTAwNjJFQjMwNEU5NzgzQTVDODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbZbBrfGkauJKQkLHpI5I5P+TB
TtcBE/g5qe7RU1BZ3dp147fLDfUclTsig2cs9800DUDEc1blER5VieVc0hcRyje0
d0HtHN39/m5gg9fv074ROY/i49gqFRuJ8NCAdZVMt82E8V3CgqkGABlJPKfT9jVS
MkZWguMbyCLOWrcpnAKk66aKjungGEOw9ELHMk+AHPy/zXjrG30VpCVboEMnxxP4
HqsjjgCp8MnUnuaLBCLxbRYPFqeEvay0IVXoNPIrEH2wcHqHGhYrof5r2tzae6kA
U7WanrrcZ1QnuUJjDxxnc/NIk/LxWKec1NkbIzIVBAyqNFfL4gJ5HcbosdA1AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUSBquNeF1xuU0e+AGLrME6Xg6XIcwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEwODgxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQkgMA0GCSqGSIb3DQEBCwUAA4IBAQC6ZEon
Sv+Qo50W2C75vrLnCh3s/6L7EekegzD84XQqLoDamYgxu+Z86Q0LD+OnZKqVJCv9
eKUKt7g/s5Fuh3n2/os14VWbqUdkqYCwNzORNf8NkPY5h6h8vvsCkl0mSwMVX6dE
mSxQNNl9dJbjHI1wYl+23d4UIojNkQFJ43y29z5hy2NfDQdjEtmcy470ZxnoYAYa
y6o925UZZBy99i0Lj/cR1GFjUL4+HdPA+CSfJdy4ReW7mtnX0XgEeYGvwd/C+zY8
+rEwcHsC0mvvoP2l93eHgpVO63uOJgCfVNkEYm3h+yuB00flIY2Jr7LzJGU8Xiyj
G6e9Wa31hgrPIDSK
-----END CERTIFICATE-----