Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211562.roa
File:                     AS211562.roa (raw, json)
Hash identifier:          kjYWL0iTu3tI9TQ1gWASDFZ3hexXFo5y8agiOq3sQ0g=
Subject key identifier:   D8:47:60:D6:81:C3:87:E9:38:45:91:9E:31:91:DF:6C:37:49:89:D0
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       6784E01B8C53CECB697310DFCBB3EE155016028B
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211562.roa
Signing time:             Mon 04 Mar 2024 04:44:24 +0000
ROA not before:           Mon 04 Mar 2024 04:39:24 +0000
ROA not after:            Mon 03 Mar 2025 04:44:24 +0000
asID:                     211562
IP address blocks:        2a06:a005:180b::/48 maxlen: 48
                          2a06:a005:187b::/48 maxlen: 48
                          2a06:a005:187d::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:84:e0:1b:8c:53:ce:cb:69:73:10:df:cb:b3:ee:15:50:16:02:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Mar  4 04:39:24 2024 GMT
            Not After : Mar  3 04:44:24 2025 GMT
        Subject: CN=D84760D681C387E93845919E3191DF6C374989D0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b5:e3:e8:5f:27:1e:da:0c:10:c5:64:e3:5e:
                    d0:ec:dd:f4:b4:a8:9b:f1:3b:b7:d9:d1:bf:b3:8f:
                    a0:44:a7:a4:6c:c0:4c:27:04:87:fd:d3:d0:b7:27:
                    92:90:2b:15:e6:27:be:c6:b1:ed:af:4b:d4:b3:f0:
                    73:f5:f5:26:37:90:6d:6c:ea:46:64:3a:6e:86:8b:
                    8e:92:0d:34:ce:3c:c4:86:5b:c4:87:c6:d5:08:54:
                    05:3e:0b:9f:fe:3e:46:45:9f:93:9f:a2:e0:62:19:
                    63:06:50:00:4c:8d:44:58:dd:73:69:4e:15:f5:92:
                    18:b8:a1:46:de:e0:65:5b:3e:cd:5a:61:27:73:fa:
                    e7:ca:f5:e2:0d:69:ed:9f:d5:3e:a6:9b:bc:a5:ee:
                    92:aa:08:f4:55:e5:2c:c1:3b:62:8a:68:60:00:f0:
                    8e:05:a7:e0:17:dd:fc:de:80:34:e9:b3:50:a8:55:
                    2f:e5:b5:a2:17:d8:19:24:92:da:0d:14:a1:bb:93:
                    77:d6:ec:ba:ec:2b:bd:73:96:12:86:32:bc:28:01:
                    30:93:6c:2b:76:56:f7:33:51:0d:73:c7:86:b3:ed:
                    a0:3e:28:b2:75:e8:dd:dd:2c:2a:31:76:5a:82:7d:
                    f4:18:b9:36:7d:f5:1d:03:63:83:68:09:3c:99:6b:
                    ca:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:47:60:D6:81:C3:87:E9:38:45:91:9E:31:91:DF:6C:37:49:89:D0
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211562.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:180b::/48
                  2a06:a005:187b::/48
                  2a06:a005:187d::/48

    Signature Algorithm: sha256WithRSAEncryption
         6f:d9:57:bc:65:02:e4:4d:3d:6f:d2:6f:3b:4e:c5:ec:f6:25:
         d7:0e:20:7c:4f:73:be:93:86:49:91:61:ed:11:7b:78:2e:3c:
         19:59:3c:a2:11:c9:33:1e:cb:c8:69:9a:66:52:e8:18:5b:6b:
         46:bb:dd:0e:52:8b:e9:63:3b:dc:02:4f:f3:07:88:c4:90:d6:
         08:62:86:c7:02:94:7f:d8:9b:cf:28:0e:16:9b:2c:e8:a8:6a:
         39:4c:9e:7a:8f:78:3d:68:b3:eb:a7:73:28:ef:13:60:0f:e3:
         da:b7:c2:f7:c0:56:91:dc:09:12:1f:62:1f:d4:ce:82:34:f8:
         e1:a5:71:84:04:f1:49:91:12:f4:f1:d6:c0:44:9f:1e:be:fa:
         09:d3:4b:e7:ae:bc:6e:b1:e1:55:7a:b7:76:53:19:f6:aa:4e:
         b5:8a:82:a2:ed:48:de:92:96:2a:f3:0a:ef:b1:93:37:c5:02:
         c7:21:e4:5c:66:06:af:bb:44:40:a5:4f:0c:cf:e0:30:07:57:
         45:f3:dd:60:21:b9:a5:81:f2:ff:f3:26:e6:2f:8c:55:32:fe:
         fc:62:c5:f7:4e:35:9a:d0:00:b1:3a:1d:4a:48:14:e5:dd:b8:
         d2:ee:2b:df:f5:0b:4f:a8:d9:63:06:e6:0d:be:ac:8b:0a:fe:
         3d:1b:29:3a
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIUZ4TgG4xTzstpcxDfy7PuFVAWAoswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAzMDQwNDM5MjRaFw0yNTAzMDMwNDQ0MjRaMDMxMTAvBgNV
BAMTKEQ4NDc2MEQ2ODFDMzg3RTkzODQ1OTE5RTMxOTFERjZDMzc0OTg5RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgtePoXyce2gwQxWTjXtDs3fS0
qJvxO7fZ0b+zj6BEp6RswEwnBIf909C3J5KQKxXmJ77Gse2vS9Sz8HP19SY3kG1s
6kZkOm6Gi46SDTTOPMSGW8SHxtUIVAU+C5/+PkZFn5OfouBiGWMGUABMjURY3XNp
ThX1khi4oUbe4GVbPs1aYSdz+ufK9eINae2f1T6mm7yl7pKqCPRV5SzBO2KKaGAA
8I4Fp+AX3fzegDTps1CoVS/ltaIX2BkkktoNFKG7k3fW7LrsK71zlhKGMrwoATCT
bCt2VvczUQ1zx4az7aA+KLJ16N3dLCoxdlqCffQYuTZ99R0DY4NoCTyZa8pRAgMB
AAGjggIEMIICADAdBgNVHQ4EFgQU2Edg1oHDh+k4RZGeMZHfbDdJidAwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjExNTYyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEH
AQH/BCUwIzAhBAIAAjAbAwcAKgagBRgLAwcAKgagBRh7AwcAKgagBRh9MA0GCSqG
SIb3DQEBCwUAA4IBAQBv2Ve8ZQLkTT1v0m87TsXs9iXXDiB8T3O+k4ZJkWHtEXt4
LjwZWTyiEckzHsvIaZpmUugYW2tGu90OUovpYzvcAk/zB4jEkNYIYobHApR/2JvP
KA4WmyzoqGo5TJ56j3g9aLPrp3Mo7xNgD+Pat8L3wFaR3AkSH2If1M6CNPjhpXGE
BPFJkRL08dbARJ8evvoJ00vnrrxuseFVerd2Uxn2qk61ioKi7UjekpYq8wrvsZM3
xQLHIeRcZgavu0RApU8Mz+AwB1dF891gIbmlgfL/8ybmL4xVMv78YsX3TjWa0ACx
Oh1KSBTl3bjS7ivf9QtPqNljBuYNvqyLCv49Gyk6
-----END CERTIFICATE-----