Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211360.roa
File:                     AS211360.roa (raw, json)
Hash identifier:          kTRdth8iuWyDTg70p7IziiRYnXKSJ4omZasDd/vg6nY=
Subject key identifier:   73:9F:D6:D6:35:C2:62:52:CD:9D:6E:AB:7F:16:9D:7D:D9:BE:95:C4
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       3BEE1F2EFC32E9CC45E6F8FC2A5BB61D46740BF7
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211360.roa
Signing time:             Tue 05 Dec 2023 02:44:15 +0000
ROA not before:           Tue 05 Dec 2023 02:39:15 +0000
ROA not after:            Tue 03 Dec 2024 02:44:15 +0000
asID:                     211360
IP address blocks:        2a06:a005:1f::/48 maxlen: 48
                          2a06:a005:a90::/44 maxlen: 48
                          2a06:a005:aa0::/44 maxlen: 48
                          2a06:a005:ab0::/44 maxlen: 48
                          2a06:a005:ac0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:ee:1f:2e:fc:32:e9:cc:45:e6:f8:fc:2a:5b:b6:1d:46:74:0b:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:15 2023 GMT
            Not After : Dec  3 02:44:15 2024 GMT
        Subject: CN=739FD6D635C26252CD9D6EAB7F169D7DD9BE95C4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d6:43:86:c6:f1:16:46:1b:95:6e:89:ed:1c:
                    17:20:7d:01:54:5a:a3:61:68:3f:78:cd:ce:4f:11:
                    46:d2:94:7f:eb:2e:e5:b0:e5:73:51:9d:f2:6f:29:
                    88:a2:e7:cc:38:0c:14:2c:e5:03:b2:ca:27:b7:9f:
                    6f:cb:4b:43:6a:4c:32:24:cb:d5:85:55:1b:0e:9e:
                    30:b9:d3:62:fc:88:b9:aa:41:1e:55:f1:b3:27:a0:
                    07:86:df:2d:17:34:62:5e:d3:9d:92:10:a6:cd:83:
                    8a:71:45:87:02:5d:ea:d0:59:f4:e6:99:0b:d7:cc:
                    e5:7b:cf:41:ca:f8:4f:3e:9b:46:96:e7:d0:d5:a4:
                    92:f1:38:6d:fd:b0:eb:16:33:65:62:a8:34:00:82:
                    31:41:e2:74:bc:b5:5e:ed:35:51:7b:e7:be:56:67:
                    3a:2a:5e:f2:68:21:bd:d5:56:c4:2d:96:d1:01:8a:
                    89:79:5d:0b:37:c0:d9:ca:1e:0a:7a:d9:18:ae:8f:
                    45:32:e5:11:cd:71:18:ef:fd:d5:aa:37:9e:56:25:
                    12:e4:e8:a9:44:a4:e0:25:f5:65:f1:02:9d:8a:bb:
                    07:9f:95:6c:7f:d5:2a:2b:b6:1d:b7:2c:e3:fd:42:
                    9a:f3:5a:79:1a:d3:f6:65:7b:c3:96:81:1c:11:79:
                    34:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:9F:D6:D6:35:C2:62:52:CD:9D:6E:AB:7F:16:9D:7D:D9:BE:95:C4
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211360.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1f::/48
                  2a06:a005:a90::-2a06:a005:acf:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         0f:3a:e9:73:82:da:fc:ae:09:36:59:93:ef:b4:8e:95:a6:3e:
         62:14:10:a5:e1:e4:22:16:6a:51:1b:73:09:43:9c:cc:d2:8b:
         af:b9:60:f7:2f:86:42:11:dc:37:87:ee:07:ec:79:d2:d3:82:
         21:3c:a6:7f:4e:2f:fc:4a:eb:9a:22:06:61:77:3f:2c:c4:95:
         df:d3:d3:c7:bd:a2:99:a1:fd:35:65:4d:8b:87:c3:56:0f:26:
         f1:45:f7:91:c6:3a:38:75:45:ee:e5:9d:5a:ed:64:3d:bd:b1:
         7f:a8:fa:5f:d7:99:21:ba:13:94:4c:98:d3:d2:e4:b4:d0:0c:
         b8:13:0d:46:ea:74:84:b2:e7:3e:36:bc:80:d7:c9:6b:eb:00:
         64:de:a2:87:8d:3a:11:86:76:d3:1a:84:08:b6:89:b1:2c:e7:
         d0:60:af:1a:c5:77:3b:88:6f:8e:3a:a5:78:f7:73:01:18:6c:
         58:d6:30:f0:ed:27:82:b9:59:7a:3e:f4:28:18:35:0f:ce:2b:
         80:a8:13:c0:da:6d:24:5d:1b:60:e7:e6:2f:27:6f:10:72:79:
         a0:69:f8:4c:57:08:bf:c5:89:fc:86:d4:34:05:72:17:8c:25:
         eb:57:2b:ef:f2:ec:11:ff:1e:f9:93:6f:dc:db:94:00:27:a4:
         d7:7a:6a:b8
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUO+4fLvwy6cxF5vj8Klu2HUZ0C/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTVaFw0yNDEyMDMwMjQ0MTVaMDMxMTAvBgNV
BAMTKDczOUZENkQ2MzVDMjYyNTJDRDlENkVBQjdGMTY5RDdERDlCRTk1QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt1kOGxvEWRhuVbontHBcgfQFU
WqNhaD94zc5PEUbSlH/rLuWw5XNRnfJvKYii58w4DBQs5QOyyie3n2/LS0NqTDIk
y9WFVRsOnjC502L8iLmqQR5V8bMnoAeG3y0XNGJe052SEKbNg4pxRYcCXerQWfTm
mQvXzOV7z0HK+E8+m0aW59DVpJLxOG39sOsWM2ViqDQAgjFB4nS8tV7tNVF7575W
ZzoqXvJoIb3VVsQtltEBiol5XQs3wNnKHgp62Riuj0Uy5RHNcRjv/dWqN55WJRLk
6KlEpOAl9WXxAp2KuweflWx/1Sorth23LOP9QprzWnka0/Zle8OWgRwReTQpAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUc5/W1jXCYlLNnW6rfxadfdm+lcQwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjExMzYwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEH
AQH/BCcwJTAjBAIAAjAdAwcAKgagBQAfMBIDBwQqBqAFCpADBwQqBqAFCsAwDQYJ
KoZIhvcNAQELBQADggEBAA866XOC2vyuCTZZk++0jpWmPmIUEKXh5CIWalEbcwlD
nMzSi6+5YPcvhkIR3DeH7gfsedLTgiE8pn9OL/xK65oiBmF3PyzEld/T08e9opmh
/TVlTYuHw1YPJvFF95HGOjh1Re7lnVrtZD29sX+o+l/XmSG6E5RMmNPS5LTQDLgT
DUbqdISy5z42vIDXyWvrAGTeooeNOhGGdtMahAi2ibEs59BgrxrFdzuIb446pXj3
cwEYbFjWMPDtJ4K5WXo+9CgYNQ/OK4CoE8DabSRdG2Dn5i8nbxByeaBp+ExXCL/F
ifyG1DQFcheMJetXK+/y7BH/HvmTb9zblAAnpNd6arg=
-----END CERTIFICATE-----