Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211622.roa
File:                     AS211622.roa (raw, json)
Hash identifier:          FD60cXV/JfHV31MwrpTdT45wTVLKdilQQlkmBoYYz04=
Subject key identifier:   E1:32:95:24:1E:72:18:0D:15:06:DE:8E:BB:72:FE:4A:D7:34:0C:6B
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       1069C186CFB10C0B10C42239EFF8D93DA3D7586B
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211622.roa
Signing time:             Tue 05 Dec 2023 02:44:15 +0000
ROA not before:           Tue 05 Dec 2023 02:39:15 +0000
ROA not after:            Tue 03 Dec 2024 02:44:15 +0000
asID:                     211622
IP address blocks:        2a06:a005:860::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:69:c1:86:cf:b1:0c:0b:10:c4:22:39:ef:f8:d9:3d:a3:d7:58:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:15 2023 GMT
            Not After : Dec  3 02:44:15 2024 GMT
        Subject: CN=E13295241E72180D1506DE8EBB72FE4AD7340C6B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ff:8c:24:30:57:8a:db:7c:8a:a7:58:06:45:
                    73:af:d4:a8:dc:8b:28:f0:0f:4e:c8:ce:92:39:32:
                    b2:50:cb:82:49:e7:ee:9c:eb:e8:66:cd:f2:16:79:
                    70:72:52:f0:f9:99:0e:1a:db:e3:14:df:c0:96:09:
                    da:45:9c:b5:91:90:6f:8e:cd:6a:03:ec:69:e2:8f:
                    87:15:30:1f:d3:10:0a:e2:0f:b9:8a:63:85:fc:b9:
                    71:ab:36:e6:22:f5:98:62:c5:0e:08:45:4a:74:df:
                    a8:6e:46:79:a1:ef:a3:16:cd:72:0b:9c:ef:ac:0d:
                    4d:0f:3a:84:34:df:34:f2:07:1a:6d:89:6d:1b:7b:
                    c0:c5:96:46:59:0d:f5:22:28:2a:0e:97:0d:1c:ca:
                    9a:b0:3c:a4:84:b6:73:61:fb:59:68:95:6c:4d:72:
                    13:ea:7e:ce:6c:2f:74:fe:d9:96:c8:04:1a:07:54:
                    8c:54:23:c3:43:6a:6d:9f:a6:14:2c:08:1f:de:dc:
                    7b:a3:f1:5d:78:f4:bd:58:50:69:9d:77:bc:d9:b2:
                    2e:21:1b:bf:12:c4:53:9a:76:85:e1:5b:33:2d:28:
                    5c:e1:b6:6c:c4:76:e0:59:d0:db:c8:93:ca:28:3a:
                    75:71:69:a5:7d:ac:e5:38:58:cf:18:60:7e:14:bb:
                    e5:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:32:95:24:1E:72:18:0D:15:06:DE:8E:BB:72:FE:4A:D7:34:0C:6B
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211622.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:860::/44

    Signature Algorithm: sha256WithRSAEncryption
         85:8b:5e:68:fb:e1:73:0a:cf:7b:75:51:b8:3c:1d:68:49:cc:
         c8:bb:19:07:9c:e8:5b:ae:28:1b:2e:8f:be:36:50:22:9c:aa:
         fc:18:d8:a9:6a:43:46:d4:d2:cb:aa:dd:62:94:e6:55:08:3f:
         e7:9e:7d:0e:61:eb:61:92:9d:8c:e1:ae:ae:95:36:9b:0c:68:
         33:3f:c0:d6:34:d4:4f:24:4e:48:18:5f:ac:4d:03:14:f8:0a:
         48:98:f4:7f:d1:c9:15:81:d5:61:7e:28:44:d1:55:6f:31:fe:
         8f:79:8b:f1:f3:ae:eb:5d:21:a7:a4:07:65:36:dc:96:71:49:
         a4:06:24:00:0d:2a:d5:3b:af:b2:58:2e:09:21:3c:e4:a7:c0:
         1a:89:8b:57:3e:d9:17:69:f7:e3:01:13:00:65:03:d7:13:dd:
         62:76:63:56:12:ee:4a:ee:e1:fc:32:92:bb:e2:7f:12:e8:b2:
         32:b0:eb:4b:39:91:41:4d:e2:a9:38:5a:be:c0:c0:a7:ef:c0:
         e3:f4:e7:f1:92:44:d4:71:79:ea:64:b1:96:6e:83:28:1d:1c:
         d2:e3:7d:f6:87:4c:e8:b6:e1:b9:fd:37:8f:ba:9c:0c:60:38:
         16:d8:a6:e8:87:ae:88:70:7d:3a:1f:ac:a0:54:54:32:6c:61:
         6d:f4:04:aa
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUEGnBhs+xDAsQxCI57/jZPaPXWGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTVaFw0yNDEyMDMwMjQ0MTVaMDMxMTAvBgNV
BAMTKEUxMzI5NTI0MUU3MjE4MEQxNTA2REU4RUJCNzJGRTRBRDczNDBDNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf/4wkMFeK23yKp1gGRXOv1Kjc
iyjwD07IzpI5MrJQy4JJ5+6c6+hmzfIWeXByUvD5mQ4a2+MU38CWCdpFnLWRkG+O
zWoD7Gnij4cVMB/TEAriD7mKY4X8uXGrNuYi9ZhixQ4IRUp036huRnmh76MWzXIL
nO+sDU0POoQ03zTyBxptiW0be8DFlkZZDfUiKCoOlw0cypqwPKSEtnNh+1lolWxN
chPqfs5sL3T+2ZbIBBoHVIxUI8NDam2fphQsCB/e3Huj8V149L1YUGmdd7zZsi4h
G78SxFOadoXhWzMtKFzhtmzEduBZ0NvIk8ooOnVxaaV9rOU4WM8YYH4Uu+WhAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU4TKVJB5yGA0VBt6Ou3L+Stc0DGswHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjExNjIyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQhgMA0GCSqGSIb3DQEBCwUAA4IBAQCFi15o
++FzCs97dVG4PB1oSczIuxkHnOhbrigbLo++NlAinKr8GNipakNG1NLLqt1ilOZV
CD/nnn0OYethkp2M4a6ulTabDGgzP8DWNNRPJE5IGF+sTQMU+ApImPR/0ckVgdVh
fihE0VVvMf6PeYvx867rXSGnpAdlNtyWcUmkBiQADSrVO6+yWC4JITzkp8AaiYtX
PtkXaffjARMAZQPXE91idmNWEu5K7uH8MpK74n8S6LIysOtLOZFBTeKpOFq+wMCn
78Dj9OfxkkTUcXnqZLGWboMoHRzS4332h0zotuG5/TePupwMYDgW2Kboh66IcH06
H6ygVFQybGFt9ASq
-----END CERTIFICATE-----