Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211562.roa
File:                     AS211562.roa (raw, json)
Hash identifier:          Zdwr1B6SWmHI2eVAnSg5tKojfec7za3lj4oXknrmhKY=
Subject key identifier:   8E:3E:E6:39:6C:F1:08:91:3C:7C:D0:37:26:D9:6B:03:A7:8A:FB:0D
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       73C5A800561756DE47863FB2767A2F8F2009F3C0
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211562.roa
Signing time:             Fri 13 Dec 2024 02:56:29 +0000
ROA not before:           Fri 13 Dec 2024 02:51:29 +0000
ROA not after:            Fri 12 Dec 2025 02:56:29 +0000
asID:                     211562
IP address blocks:        2a06:a005:180b::/48 maxlen: 48
                          2a06:a005:187b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Apr 2025 09:24:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:c5:a8:00:56:17:56:de:47:86:3f:b2:76:7a:2f:8f:20:09:f3:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec 13 02:51:29 2024 GMT
            Not After : Dec 12 02:56:29 2025 GMT
        Subject: CN=8E3EE6396CF108913C7CD03726D96B03A78AFB0D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:65:a7:7c:6c:5c:d4:2b:eb:5b:8e:28:0c:ff:
                    96:d5:c1:4d:e4:6e:fe:01:3f:c2:85:bd:c9:4f:52:
                    19:aa:36:05:17:43:14:aa:d0:92:46:2e:81:cf:53:
                    1c:60:4b:3f:16:be:1d:68:6f:bf:db:03:bc:02:e4:
                    c3:c5:ea:1d:df:60:09:ce:ce:e1:96:2c:09:17:e5:
                    6e:55:b1:3f:08:31:51:9f:59:02:a0:86:e3:12:47:
                    c9:9a:14:ab:99:a4:d3:2c:d5:c4:40:59:2a:a2:f4:
                    0a:11:0c:7f:6c:03:53:e8:cc:95:00:94:51:c1:b9:
                    8f:ff:7b:bf:8b:e1:fb:c0:87:39:96:13:e6:f5:7d:
                    1e:71:c6:b4:29:9d:f3:8a:d7:0e:99:30:ab:b1:2a:
                    37:a3:e2:32:0c:29:52:b7:df:41:9b:2c:2d:96:10:
                    77:44:95:5f:4e:25:fc:46:17:3e:83:e6:10:bf:58:
                    92:7a:0e:d4:18:7b:bb:9a:5a:91:5c:9d:c6:33:df:
                    c4:ce:d6:c8:b7:c9:f4:d6:6a:cc:bf:99:2c:f6:54:
                    34:23:cb:c7:78:4d:c6:9e:44:fe:82:57:88:c1:91:
                    fc:2e:b8:d4:65:d4:5a:e6:10:fe:72:69:58:aa:af:
                    f7:70:cd:dc:0d:83:9a:43:d7:18:58:b5:43:1e:d9:
                    3a:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:3E:E6:39:6C:F1:08:91:3C:7C:D0:37:26:D9:6B:03:A7:8A:FB:0D
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211562.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:180b::/48
                  2a06:a005:187b::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:9f:96:be:9a:3f:9b:e3:56:1e:7c:43:b6:9e:3c:9a:3e:1a:
         50:da:ae:d2:de:ae:39:48:86:9d:61:fd:60:16:77:4c:7c:25:
         4a:e6:e2:09:5a:ef:5e:e3:31:10:a5:a6:25:73:38:f2:56:6d:
         7c:c2:72:1a:5a:bd:fd:e9:25:03:c7:80:6d:76:0a:3a:c6:9d:
         e9:29:76:cf:2c:f0:40:f4:9c:73:f4:a3:58:46:90:2e:f5:8f:
         1c:31:7a:63:b7:55:ee:8e:38:ab:ad:2a:76:36:ec:a8:e9:7d:
         eb:b0:a6:bd:e2:d3:68:df:77:1f:c9:46:cd:60:57:01:ff:7b:
         fb:c4:78:ab:e7:82:36:f6:e4:c6:db:1b:f5:35:c7:4a:34:02:
         89:47:c7:6e:a8:0d:be:14:2a:58:ba:9b:73:83:e5:cf:70:7d:
         b7:e0:26:a7:b3:a7:98:31:ae:93:0f:5a:54:fd:ae:25:a3:10:
         85:01:36:dd:b9:fb:89:6e:ae:e9:34:81:ee:2c:56:ad:39:43:
         f1:7c:5b:b3:ac:c5:de:23:e4:f9:77:bb:26:85:07:f9:0a:c7:
         c8:bf:f7:2b:6e:ed:12:cf:2c:58:c6:c8:67:98:7e:a9:c5:66:
         be:15:3d:1d:e9:94:d9:d6:f7:0c:60:4b:93:02:f4:93:e6:75:
         73:fb:25:e9
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUc8WoAFYXVt5Hhj+ydnovjyAJ88AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEyMTMwMjUxMjlaFw0yNTEyMTIwMjU2MjlaMDMxMTAvBgNV
BAMTKDhFM0VFNjM5NkNGMTA4OTEzQzdDRDAzNzI2RDk2QjAzQTc4QUZCMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYZad8bFzUK+tbjigM/5bVwU3k
bv4BP8KFvclPUhmqNgUXQxSq0JJGLoHPUxxgSz8Wvh1ob7/bA7wC5MPF6h3fYAnO
zuGWLAkX5W5VsT8IMVGfWQKghuMSR8maFKuZpNMs1cRAWSqi9AoRDH9sA1PozJUA
lFHBuY//e7+L4fvAhzmWE+b1fR5xxrQpnfOK1w6ZMKuxKjej4jIMKVK330GbLC2W
EHdElV9OJfxGFz6D5hC/WJJ6DtQYe7uaWpFcncYz38TO1si3yfTWasy/mSz2VDQj
y8d4TcaeRP6CV4jBkfwuuNRl1FrmEP5yaViqr/dwzdwNg5pD1xhYtUMe2TrNAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUjj7mOWzxCJE8fNA3JtlrA6eK+w0wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjExNTYyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcAKgagBRgLAwcAKgagBRh7MA0GCSqGSIb3DQEBCwUA
A4IBAQB5n5a+mj+b41YefEO2njyaPhpQ2q7S3q45SIadYf1gFndMfCVK5uIJWu9e
4zEQpaYlczjyVm18wnIaWr396SUDx4Btdgo6xp3pKXbPLPBA9Jxz9KNYRpAu9Y8c
MXpjt1XujjirrSp2Nuyo6X3rsKa94tNo33cfyUbNYFcB/3v7xHir54I29uTG2xv1
NcdKNAKJR8duqA2+FCpYuptzg+XPcH234Cans6eYMa6TD1pU/a4loxCFATbdufuJ
bq7pNIHuLFatOUPxfFuzrMXeI+T5d7smhQf5CsfIv/crbu0SzyxYxshnmH6pxWa+
FT0d6ZTZ1vcMYEuTAvST5nVz+yXp
-----END CERTIFICATE-----