Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210932.roa
File:                     AS210932.roa (raw, json)
Hash identifier:          MM5q2QPghgiU/HFlc+w2FEigMoKVXg83L4HhECUGrOo=
Subject key identifier:   15:42:A5:D0:92:F4:F1:98:31:B9:CD:70:65:94:B6:2A:2D:67:DB:FE
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       28D7EEA760A2EE49F3AD4F04D0049A69168E3440
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210932.roa
Signing time:             Tue 05 Dec 2023 02:44:19 +0000
ROA not before:           Tue 05 Dec 2023 02:39:19 +0000
ROA not after:            Tue 03 Dec 2024 02:44:19 +0000
asID:                     210932
IP address blocks:        2a06:a005:570::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:d7:ee:a7:60:a2:ee:49:f3:ad:4f:04:d0:04:9a:69:16:8e:34:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:19 2023 GMT
            Not After : Dec  3 02:44:19 2024 GMT
        Subject: CN=1542A5D092F4F19831B9CD706594B62A2D67DBFE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:18:4a:53:62:71:8c:96:93:67:29:d2:9b:68:
                    00:73:1d:01:a2:39:62:99:8a:e0:6e:4a:01:f8:d0:
                    7e:dc:6b:54:c6:01:01:2f:35:a4:5e:fb:93:91:9f:
                    ea:13:fa:d0:6f:28:da:4c:47:92:06:7b:fd:f0:3c:
                    31:3e:1b:5e:d4:3e:24:93:25:01:9b:3d:12:6e:40:
                    75:23:25:76:1a:28:a6:9b:9a:2c:a1:90:3d:ec:34:
                    f0:a2:48:2e:7d:cf:c1:3a:a5:62:a0:5d:75:85:ed:
                    fb:c6:f4:12:1a:5b:e9:8b:4e:45:c4:f0:6b:25:b1:
                    ff:fe:d0:41:9f:d9:61:3e:67:0b:07:5d:fb:e6:57:
                    e8:73:09:bb:bc:65:d1:39:c8:42:50:a5:a9:39:0e:
                    11:0c:e8:de:f1:fe:1e:6a:20:2f:97:2b:fc:c8:c9:
                    ef:c6:d3:b4:6b:8c:55:20:c4:1d:9c:58:29:56:86:
                    41:a7:e5:96:a9:59:fe:67:cb:1c:cf:8d:d7:e9:7c:
                    79:50:e9:ea:0f:21:39:d6:27:b6:5b:a3:26:2e:ae:
                    a4:f2:31:61:7b:cf:87:05:1f:88:6e:91:83:af:03:
                    f1:ed:86:7a:a8:c9:92:92:99:75:88:aa:1b:14:ce:
                    6e:c4:30:b8:c3:98:75:f0:88:ad:86:48:a2:6d:79:
                    2b:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:42:A5:D0:92:F4:F1:98:31:B9:CD:70:65:94:B6:2A:2D:67:DB:FE
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS210932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:570::/44

    Signature Algorithm: sha256WithRSAEncryption
         55:46:3b:02:a1:a7:78:18:21:bd:4e:1b:42:aa:a3:6e:17:b9:
         3d:2e:eb:69:c1:62:c6:62:5b:ef:04:1e:64:97:fb:dd:a9:c1:
         6d:a8:8c:de:2e:1b:a9:a8:2f:3a:37:a4:a8:f6:aa:2c:01:bd:
         6c:b8:61:77:7f:1e:1c:2f:e3:1f:87:81:d6:59:a8:23:11:ea:
         a3:59:22:0a:6a:36:43:4d:59:cc:5a:bb:40:11:ab:db:21:0c:
         9d:9a:83:b0:0d:bf:0c:9d:9a:95:8d:fd:1b:10:3b:22:65:59:
         0f:93:3d:f5:6f:74:ad:43:87:8f:79:0c:66:d0:d9:28:be:8e:
         6b:43:9e:51:94:9d:5c:e3:7a:3f:28:0c:2a:e8:15:b9:e4:50:
         b5:20:09:9d:f1:e4:ee:4c:45:ed:cf:e9:02:d2:6f:a0:56:fe:
         65:65:01:93:8a:57:4b:4e:c8:6a:36:db:55:86:c4:a4:1a:66:
         22:d3:11:f4:97:d3:e3:77:32:72:24:21:b1:f7:a8:96:b0:f2:
         6a:0a:e9:0e:6c:43:cc:ed:5b:f5:d2:01:f8:99:cb:2f:fd:7d:
         e0:5a:47:f2:a1:8f:fb:2a:0d:26:11:6f:ea:13:34:b0:e8:91:
         a7:14:0f:ae:02:9e:07:52:12:36:4b:f4:9e:af:31:50:e7:60:
         bb:a3:4d:0a
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUKNfup2Ci7knzrU8E0ASaaRaONEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTlaFw0yNDEyMDMwMjQ0MTlaMDMxMTAvBgNV
BAMTKDE1NDJBNUQwOTJGNEYxOTgzMUI5Q0Q3MDY1OTRCNjJBMkQ2N0RCRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTGEpTYnGMlpNnKdKbaABzHQGi
OWKZiuBuSgH40H7ca1TGAQEvNaRe+5ORn+oT+tBvKNpMR5IGe/3wPDE+G17UPiST
JQGbPRJuQHUjJXYaKKabmiyhkD3sNPCiSC59z8E6pWKgXXWF7fvG9BIaW+mLTkXE
8Gslsf/+0EGf2WE+ZwsHXfvmV+hzCbu8ZdE5yEJQpak5DhEM6N7x/h5qIC+XK/zI
ye/G07RrjFUgxB2cWClWhkGn5ZapWf5nyxzPjdfpfHlQ6eoPITnWJ7ZboyYurqTy
MWF7z4cFH4hukYOvA/HthnqoyZKSmXWIqhsUzm7EMLjDmHXwiK2GSKJteSv7AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUFUKl0JL08Zgxuc1wZZS2Ki1n2/4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEwOTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQVwMA0GCSqGSIb3DQEBCwUAA4IBAQBVRjsC
oad4GCG9ThtCqqNuF7k9LutpwWLGYlvvBB5kl/vdqcFtqIzeLhupqC86N6So9qos
Ab1suGF3fx4cL+Mfh4HWWagjEeqjWSIKajZDTVnMWrtAEavbIQydmoOwDb8MnZqV
jf0bEDsiZVkPkz31b3StQ4ePeQxm0Nkovo5rQ55RlJ1c43o/KAwq6BW55FC1IAmd
8eTuTEXtz+kC0m+gVv5lZQGTildLTshqNttVhsSkGmYi0xH0l9PjdzJyJCGx96iW
sPJqCukObEPM7Vv10gH4mcsv/X3gWkfyoY/7Kg0mEW/qEzSw6JGnFA+uAp4HUhI2
S/SerzFQ52C7o00K
-----END CERTIFICATE-----