Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211869.roa
File:                     AS211869.roa (raw, json)
Hash identifier:          gZIhNjSk1t0ToBGRgS2jipn/22BnfKA3owi1qQpJUE0=
Subject key identifier:   79:E0:B6:A5:C7:16:6A:E9:F2:15:05:05:D1:4A:C5:C1:70:BE:7A:97
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       06B23EB00829FB6A5D94EDE46556E23067E1BE7D
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211869.roa
Signing time:             Tue 02 Jan 2024 19:44:21 +0000
ROA not before:           Tue 02 Jan 2024 19:39:21 +0000
ROA not after:            Tue 31 Dec 2024 19:44:21 +0000
asID:                     211869
IP address blocks:        2a06:a005:1300::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:b2:3e:b0:08:29:fb:6a:5d:94:ed:e4:65:56:e2:30:67:e1:be:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan  2 19:39:21 2024 GMT
            Not After : Dec 31 19:44:21 2024 GMT
        Subject: CN=79E0B6A5C7166AE9F2150505D14AC5C170BE7A97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:2a:8b:59:42:f9:8f:45:f1:88:eb:28:80:dc:
                    a3:58:6b:1a:88:67:cf:45:9e:69:94:a3:0d:3f:9d:
                    c6:07:ef:47:3d:b2:19:93:1e:24:0c:af:61:e4:08:
                    8d:8c:16:6a:66:b1:0f:79:3a:17:64:dd:28:9d:3e:
                    66:4f:24:e4:21:77:06:39:d4:4e:df:f5:c5:07:5e:
                    16:6d:e7:4c:35:15:75:6c:a8:a6:12:88:af:28:cb:
                    6f:43:99:fe:6b:70:15:10:81:e5:07:48:b1:13:cb:
                    4f:c8:ae:ec:1d:10:23:2c:e9:1f:fc:0b:02:bc:e1:
                    4f:14:95:66:7d:56:b0:41:d8:39:3c:4e:57:01:b2:
                    24:57:ec:03:b7:76:e8:12:10:0c:25:fe:6b:d0:1d:
                    92:4b:25:43:a1:c2:72:0d:2c:99:8c:f0:b0:75:4d:
                    0c:f5:e0:ea:bc:11:a2:83:b9:ee:3a:16:80:63:48:
                    15:65:33:5a:48:8e:cb:73:e6:03:47:78:f0:b1:21:
                    63:50:be:44:1c:b6:46:fa:47:86:11:bf:06:98:19:
                    1f:92:75:69:a8:d8:5e:49:47:dc:da:24:44:4d:30:
                    b4:87:d5:54:76:6c:ad:70:2b:3a:3f:04:ad:50:10:
                    1f:7a:16:e5:a8:26:7f:ee:a1:18:32:86:76:db:8b:
                    12:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:E0:B6:A5:C7:16:6A:E9:F2:15:05:05:D1:4A:C5:C1:70:BE:7A:97
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS211869.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1300::/44

    Signature Algorithm: sha256WithRSAEncryption
         ca:c1:eb:d6:00:76:04:5e:fc:7a:de:72:a3:6c:57:c7:42:5b:
         6e:10:d8:b6:4a:d8:e2:b7:b6:bc:8e:be:b7:86:79:3f:fd:c5:
         ce:e7:cb:3b:6d:8c:f1:26:a8:cb:16:3f:bc:6b:0e:d8:38:40:
         d5:fb:56:0f:fc:63:3d:a0:9f:32:8b:55:5d:0d:91:2f:95:07:
         f6:8d:fd:9a:eb:d9:2b:4f:33:f8:89:3e:b4:09:fd:6d:f8:fe:
         84:41:af:3b:c8:aa:0a:09:c7:75:e5:2f:64:a9:3c:42:15:53:
         b8:54:92:16:7d:15:9b:b7:aa:1b:5d:ad:83:53:65:fa:f4:3d:
         8c:df:a6:66:20:14:e3:b3:79:53:a3:47:f3:42:16:c0:1b:1b:
         84:f7:e6:3a:ae:75:8d:db:1d:f7:61:5f:35:e3:ae:f7:5e:b8:
         d1:ac:ed:68:4f:f8:d9:bf:01:78:12:3d:22:12:b6:81:12:20:
         d3:0a:8b:6b:4b:a0:9f:5e:ff:6d:b2:78:3f:72:77:36:4e:82:
         a1:43:54:72:a0:ed:07:6f:2c:51:75:d7:d3:9f:cf:f1:4a:5b:
         3c:2e:81:29:ee:b7:c1:2b:67:98:74:17:3f:40:da:c2:01:fb:
         d9:54:0f:d8:a7:1b:26:c1:85:07:e6:63:5f:f5:66:ef:32:25:
         b6:54:6e:91
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUBrI+sAgp+2pdlO3kZVbiMGfhvn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMDIxOTM5MjFaFw0yNDEyMzExOTQ0MjFaMDMxMTAvBgNV
BAMTKDc5RTBCNkE1QzcxNjZBRTlGMjE1MDUwNUQxNEFDNUMxNzBCRTdBOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmKotZQvmPRfGI6yiA3KNYaxqI
Z89FnmmUow0/ncYH70c9shmTHiQMr2HkCI2MFmpmsQ95Ohdk3SidPmZPJOQhdwY5
1E7f9cUHXhZt50w1FXVsqKYSiK8oy29Dmf5rcBUQgeUHSLETy0/IruwdECMs6R/8
CwK84U8UlWZ9VrBB2Dk8TlcBsiRX7AO3dugSEAwl/mvQHZJLJUOhwnINLJmM8LB1
TQz14Oq8EaKDue46FoBjSBVlM1pIjstz5gNHePCxIWNQvkQctkb6R4YRvwaYGR+S
dWmo2F5JR9zaJERNMLSH1VR2bK1wKzo/BK1QEB96FuWoJn/uoRgyhnbbixJZAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUeeC2pccWaunyFQUF0UrFwXC+epcwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjExODY5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRMAMA0GCSqGSIb3DQEBCwUAA4IBAQDKwevW
AHYEXvx63nKjbFfHQltuENi2Stjit7a8jr63hnk//cXO58s7bYzxJqjLFj+8aw7Y
OEDV+1YP/GM9oJ8yi1VdDZEvlQf2jf2a69krTzP4iT60Cf1t+P6EQa87yKoKCcd1
5S9kqTxCFVO4VJIWfRWbt6obXa2DU2X69D2M36ZmIBTjs3lTo0fzQhbAGxuE9+Y6
rnWN2x33YV814673XrjRrO1oT/jZvwF4Ej0iEraBEiDTCotrS6CfXv9tsng/cnc2
ToKhQ1RyoO0HbyxRddfTn8/xSls8LoEp7rfBK2eYdBc/QNrCAfvZVA/YpxsmwYUH
5mNf9WbvMiW2VG6R
-----END CERTIFICATE-----