Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212085.roa
File:                     AS212085.roa (raw, json)
Hash identifier:          8LQpO+iR2QMM1epJLRyENH1aPzvZc8LztDH7ZM8R2k4=
Subject key identifier:   77:7D:C9:1F:E4:2D:28:FE:80:51:22:FC:B1:AD:67:9E:F0:D2:48:92
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       32DCA2A8250342934768E8D9DB0A832A777903AF
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212085.roa
Signing time:             Thu 20 Jul 2023 11:28:47 +0000
ROA not before:           Thu 20 Jul 2023 11:23:47 +0000
ROA not after:            Thu 18 Jul 2024 11:28:47 +0000
asID:                     212085
IP address blocks:        2a06:a001:a070::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:dc:a2:a8:25:03:42:93:47:68:e8:d9:db:0a:83:2a:77:79:03:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jul 20 11:23:47 2023 GMT
            Not After : Jul 18 11:28:47 2024 GMT
        Subject: CN=777DC91FE42D28FE805122FCB1AD679EF0D24892
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d4:6e:78:dd:fb:2b:07:da:44:f7:74:16:91:
                    e6:c5:26:4b:d1:68:fc:74:9f:42:4e:64:79:59:10:
                    3e:67:a9:03:30:82:13:f9:34:a5:bc:db:11:13:5d:
                    a1:4c:2b:df:cf:98:28:02:ae:14:d3:94:d4:37:a2:
                    d0:1b:f3:66:05:cf:87:e8:f0:ce:32:07:a6:cb:c4:
                    9b:74:4c:78:43:36:d7:c7:99:ac:b1:9f:62:dd:90:
                    81:62:da:38:76:90:e4:51:de:ae:28:c3:32:d4:25:
                    24:83:67:f8:76:56:28:b0:7e:ec:21:58:f6:04:18:
                    95:9e:b2:4d:92:5c:26:2b:8e:bd:b4:c9:53:f8:4d:
                    d6:ee:c4:90:63:ad:8b:ce:a5:e8:5b:bb:ee:2e:ba:
                    4b:ce:10:be:ff:50:bc:13:6f:b8:2d:a2:4d:2c:12:
                    7d:ff:79:61:16:ff:4d:f5:e6:e0:79:78:2f:64:1a:
                    b6:df:9b:00:0a:fc:16:81:4b:14:03:1e:14:ed:8a:
                    2f:44:28:1f:08:a9:57:9c:08:76:4e:c2:e3:e0:08:
                    a0:84:c7:a9:81:65:82:c2:91:a5:a7:b9:0d:44:4c:
                    a3:c3:d4:38:ee:b5:43:f8:c5:f7:74:4f:83:4f:fe:
                    4f:2d:97:f8:1b:7f:62:51:03:ca:37:fc:65:e7:ff:
                    c9:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:7D:C9:1F:E4:2D:28:FE:80:51:22:FC:B1:AD:67:9E:F0:D2:48:92
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212085.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a001:a070::/44

    Signature Algorithm: sha256WithRSAEncryption
         3e:ab:12:53:db:6c:cd:c6:cc:9b:9a:b1:9b:4e:76:99:ca:51:
         92:76:55:b5:89:f6:62:79:e7:e7:ac:a4:39:7e:9e:fc:a2:19:
         94:ca:f3:3d:3a:a1:91:31:1a:b7:8b:9f:91:eb:3b:89:43:3a:
         aa:60:63:dc:72:3a:cb:f5:9d:02:b4:97:22:17:28:79:65:63:
         79:94:9f:04:dd:c1:bd:e1:9c:92:58:49:4b:d3:46:b8:b1:68:
         5a:23:34:81:86:06:20:73:aa:6a:ba:13:06:b1:0a:5b:09:f7:
         0d:44:9c:ba:aa:68:9f:a7:b2:d4:91:c6:5d:79:c3:11:3f:b0:
         66:08:2d:73:57:3f:08:fc:25:99:25:7e:84:2e:63:02:5a:51:
         93:10:20:cb:3f:8d:76:62:4e:cc:2f:42:32:fd:88:1e:07:4b:
         a7:07:5d:07:5f:70:e7:55:bf:23:a4:40:70:47:55:95:1d:8d:
         6e:6a:56:6e:71:8f:01:c5:0f:bb:19:1c:b7:83:0c:3f:8a:54:
         10:84:01:da:5c:c5:45:7c:e5:1c:ef:83:fc:68:1d:af:b3:c1:
         be:a6:30:3e:cf:f6:b4:d3:03:04:09:94:d1:5b:10:a5:11:d4:
         86:f3:6c:b3:10:43:30:07:83:bd:db:39:ef:ef:26:85:cf:8a:
         46:9d:7e:45
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUMtyiqCUDQpNHaOjZ2wqDKnd5A68wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzA3MjAxMTIzNDdaFw0yNDA3MTgxMTI4NDdaMDMxMTAvBgNV
BAMTKDc3N0RDOTFGRTQyRDI4RkU4MDUxMjJGQ0IxQUQ2NzlFRjBEMjQ4OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp1G543fsrB9pE93QWkebFJkvR
aPx0n0JOZHlZED5nqQMwghP5NKW82xETXaFMK9/PmCgCrhTTlNQ3otAb82YFz4fo
8M4yB6bLxJt0THhDNtfHmayxn2LdkIFi2jh2kORR3q4owzLUJSSDZ/h2Viiwfuwh
WPYEGJWesk2SXCYrjr20yVP4TdbuxJBjrYvOpehbu+4uukvOEL7/ULwTb7gtok0s
En3/eWEW/0315uB5eC9kGrbfmwAK/BaBSxQDHhTtii9EKB8IqVecCHZOwuPgCKCE
x6mBZYLCkaWnuQ1ETKPD1DjutUP4xfd0T4NP/k8tl/gbf2JRA8o3/GXn/8nrAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUd33JH+QtKP6AUSL8sa1nnvDSSJIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEyMDg1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagAaBwMA0GCSqGSIb3DQEBCwUAA4IBAQA+qxJT
22zNxsybmrGbTnaZylGSdlW1ifZieefnrKQ5fp78ohmUyvM9OqGRMRq3i5+R6zuJ
QzqqYGPccjrL9Z0CtJciFyh5ZWN5lJ8E3cG94ZySWElL00a4sWhaIzSBhgYgc6pq
uhMGsQpbCfcNRJy6qmifp7LUkcZdecMRP7BmCC1zVz8I/CWZJX6ELmMCWlGTECDL
P412Yk7ML0Iy/YgeB0unB10HX3DnVb8jpEBwR1WVHY1ualZucY8BxQ+7GRy3gww/
ilQQhAHaXMVFfOUc74P8aB2vs8G+pjA+z/a00wMECZTRWxClEdSG82yzEEMwB4O9
2znv7yaFz4pGnX5F
-----END CERTIFICATE-----