Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212085.roa
File:                     AS212085.roa (raw, json)
Hash identifier:          V/rClSDfG6fw1gVeII8HJc2nlbkp4HSYrxIeEjodqXc=
Subject key identifier:   E0:F6:75:5F:B2:B1:04:F7:52:48:DB:E1:1F:55:45:2D:44:03:FA:43
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       04A3D44EF801F765B513260A6A9DA0B5FC2347B0
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212085.roa
Signing time:             Thu 22 May 2025 12:33:05 +0000
ROA not before:           Thu 22 May 2025 12:28:05 +0000
ROA not after:            Thu 21 May 2026 12:33:05 +0000
asID:                     212085
IP address blocks:        2a06:a001:a070::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 04 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:a3:d4:4e:f8:01:f7:65:b5:13:26:0a:6a:9d:a0:b5:fc:23:47:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: May 22 12:28:05 2025 GMT
            Not After : May 21 12:33:05 2026 GMT
        Subject: CN=E0F6755FB2B104F75248DBE11F55452D4403FA43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:cb:6a:fd:5c:67:d7:73:ce:47:ac:57:22:5c:
                    fd:c1:2b:25:fe:5f:32:fd:19:79:2c:ad:19:6a:d9:
                    4d:52:b4:61:69:53:2d:c4:d4:1b:5c:74:1c:95:9b:
                    39:3b:49:c9:bf:72:b1:dc:18:94:b8:42:28:4c:b1:
                    28:0b:ed:c7:47:5a:5f:38:7b:8e:04:63:4f:4c:2c:
                    0e:f7:d0:63:9a:31:12:8a:4e:07:88:75:a7:aa:12:
                    b2:b8:6a:32:4b:fe:0b:df:50:63:d0:71:d9:3e:8c:
                    f3:7f:fe:0e:79:10:e8:73:5e:2c:8f:79:20:7a:97:
                    8d:d1:d1:c4:d3:c9:c1:0c:be:67:5e:ae:70:de:3e:
                    c7:d8:83:2b:78:8f:f7:c5:dc:fe:a8:fd:d6:a2:2e:
                    64:4a:4d:e2:de:c1:47:58:f9:88:0f:ae:99:fb:bb:
                    83:90:5f:5c:36:32:3b:6a:a6:47:cd:4a:67:2e:9d:
                    fa:e4:65:f1:a3:8e:fe:fa:ed:f2:22:a5:5f:bb:2d:
                    92:82:3c:61:e8:8c:d8:68:57:4b:32:c9:d7:19:b0:
                    d8:e3:a0:57:dc:c5:e2:4f:6b:5e:5b:96:06:23:b1:
                    76:f5:ee:a8:62:06:7a:3c:76:02:1b:7b:73:be:db:
                    4b:36:f5:b9:1e:7d:08:8a:4e:3a:96:e4:33:cb:b8:
                    ca:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:F6:75:5F:B2:B1:04:F7:52:48:DB:E1:1F:55:45:2D:44:03:FA:43
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212085.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a001:a070::/44

    Signature Algorithm: sha256WithRSAEncryption
         b2:49:25:28:ca:49:28:be:17:04:f2:12:e0:7b:b2:ef:28:59:
         c2:aa:b0:d1:c3:bc:cf:4f:d8:be:ed:13:80:fe:f4:d0:91:60:
         65:56:02:d7:cf:2d:fe:b6:67:15:53:37:c8:62:61:84:67:04:
         62:03:ed:97:5e:c3:25:7c:b7:4b:78:71:9d:95:b7:6d:95:2d:
         cb:f6:a1:78:72:be:d4:f1:03:3e:2a:53:36:59:ef:aa:dd:5b:
         a0:10:51:ee:03:c2:83:a4:ee:fe:eb:58:39:d3:77:dd:00:75:
         e7:1f:0b:b0:13:d6:26:fc:0d:34:61:59:a5:b0:58:ef:3a:c4:
         70:49:20:9f:e7:24:41:60:12:bb:37:23:63:09:18:72:bc:47:
         e9:28:9c:18:16:ef:2c:8f:77:fb:fe:67:30:63:8d:f7:bd:c9:
         d7:f1:27:ca:bc:c8:20:d2:89:48:23:ea:fa:18:94:2b:26:34:
         47:6d:fe:01:20:32:0c:3a:ff:28:d3:27:81:99:5d:db:cc:7e:
         e4:84:60:dc:34:29:85:cf:76:4b:c0:d5:cc:01:49:11:a3:a2:
         84:f9:fd:91:12:a6:3f:31:fa:64:d2:92:43:07:8f:2a:c7:4f:
         93:0e:bc:53:ca:11:61:38:2e:68:35:c9:22:dd:9d:38:22:b4:
         01:ca:78:71
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUBKPUTvgB92W1EyYKap2gtfwjR7AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNTA1MjIxMjI4MDVaFw0yNjA1MjExMjMzMDVaMDMxMTAvBgNV
BAMTKEUwRjY3NTVGQjJCMTA0Rjc1MjQ4REJFMTFGNTU0NTJENDQwM0ZBNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCry2r9XGfXc85HrFciXP3BKyX+
XzL9GXksrRlq2U1StGFpUy3E1BtcdByVmzk7Scm/crHcGJS4QihMsSgL7cdHWl84
e44EY09MLA730GOaMRKKTgeIdaeqErK4ajJL/gvfUGPQcdk+jPN//g55EOhzXiyP
eSB6l43R0cTTycEMvmdernDePsfYgyt4j/fF3P6o/daiLmRKTeLewUdY+YgPrpn7
u4OQX1w2MjtqpkfNSmcunfrkZfGjjv767fIipV+7LZKCPGHojNhoV0syydcZsNjj
oFfcxeJPa15blgYjsXb17qhiBno8dgIbe3O+20s29bkefQiKTjqW5DPLuMp3AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU4PZ1X7KxBPdSSNvhH1VFLUQD+kMwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEyMDg1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagAaBwMA0GCSqGSIb3DQEBCwUAA4IBAQCySSUo
ykkovhcE8hLge7LvKFnCqrDRw7zPT9i+7ROA/vTQkWBlVgLXzy3+tmcVUzfIYmGE
ZwRiA+2XXsMlfLdLeHGdlbdtlS3L9qF4cr7U8QM+KlM2We+q3VugEFHuA8KDpO7+
61g503fdAHXnHwuwE9Ym/A00YVmlsFjvOsRwSSCf5yRBYBK7NyNjCRhyvEfpKJwY
Fu8sj3f7/mcwY433vcnX8SfKvMgg0olII+r6GJQrJjRHbf4BIDIMOv8o0yeBmV3b
zH7khGDcNCmFz3ZLwNXMAUkRo6KE+f2REqY/Mfpk0pJDB48qx0+TDrxTyhFhOC5o
Ncki3Z04IrQBynhx
-----END CERTIFICATE-----