Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212178.roa
File:                     AS212178.roa (raw, json)
Hash identifier:          T4WlQJa0lvTMzZrzvAkDy0AJn12BbmvQ6loJqYvBkHg=
Subject key identifier:   18:31:21:30:22:F5:76:58:24:54:C8:DF:67:D1:1E:65:FA:8F:61:81
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       66E6229726D424AD6C0E54407A8A4A4FA647A25E
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212178.roa
Signing time:             Wed 04 Dec 2024 19:40:12 +0000
ROA not before:           Wed 04 Dec 2024 19:35:12 +0000
ROA not after:            Wed 03 Dec 2025 19:40:12 +0000
asID:                     212178
IP address blocks:        2a06:a005:1630::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 15:28:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:e6:22:97:26:d4:24:ad:6c:0e:54:40:7a:8a:4a:4f:a6:47:a2:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  4 19:35:12 2024 GMT
            Not After : Dec  3 19:40:12 2025 GMT
        Subject: CN=1831213022F576582454C8DF67D11E65FA8F6181
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:6a:69:f8:d2:fe:5b:81:7e:37:ad:cb:e0:bc:
                    87:27:ff:7b:e7:a6:79:7d:e9:5e:7f:10:56:10:7f:
                    16:97:0c:e4:17:fc:37:15:93:41:be:6b:db:28:d7:
                    c0:93:02:95:fc:32:a9:b9:f1:b4:39:34:97:4f:d9:
                    25:6a:91:73:b4:d6:b2:e8:a1:37:8c:ba:a1:08:f3:
                    bd:e7:36:9b:a9:29:1f:c2:6a:38:b1:d4:a0:9a:9c:
                    07:6b:3b:87:92:ac:05:86:81:f2:7b:85:39:10:41:
                    d2:10:a4:7a:05:7b:86:52:9b:5a:d4:15:17:8a:d4:
                    12:b9:88:3a:65:9e:e7:13:69:a8:e4:d8:dc:f7:c1:
                    f6:0c:71:cd:7f:47:d3:2b:bd:18:90:53:6d:e3:e7:
                    fa:13:0d:12:e0:d7:a0:36:31:58:d9:40:8e:e3:84:
                    f6:fd:a4:61:9b:d7:fd:97:fe:cd:03:99:38:e4:fc:
                    9d:76:b0:78:87:da:ac:ea:aa:4e:27:79:31:82:d4:
                    08:cd:be:45:a1:55:12:82:cf:ef:6d:f5:05:d7:62:
                    2d:13:ba:e5:9c:7b:bc:21:9f:62:9b:42:e5:9d:a8:
                    ae:7d:2f:0e:cd:33:08:43:d3:22:02:1b:6f:4b:ef:
                    1d:5b:2b:05:de:c5:07:fb:4f:4b:aa:b2:7c:4f:7e:
                    ef:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:31:21:30:22:F5:76:58:24:54:C8:DF:67:D1:1E:65:FA:8F:61:81
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212178.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1630::/44

    Signature Algorithm: sha256WithRSAEncryption
         b9:b4:28:75:73:3d:eb:8f:13:28:65:c7:1f:0e:2c:4c:fd:50:
         39:7f:c4:c0:6c:c8:49:7c:15:7a:9f:d4:9b:9f:69:c6:b6:8c:
         fc:eb:46:ab:37:b1:67:42:b1:9a:7a:7f:04:f4:2b:dc:7e:60:
         c0:31:fd:8d:a5:7f:bd:fb:fd:77:40:71:73:bd:67:fa:e0:9f:
         df:2c:61:32:25:51:fc:74:e6:3d:ac:00:25:6e:c3:06:af:6c:
         26:8e:e4:07:7f:b9:1c:0f:96:9b:2e:de:bb:ca:ef:6f:5c:0b:
         82:ff:18:e7:d6:35:b3:2b:f1:9d:9b:17:36:92:c3:9e:da:21:
         ef:06:f0:13:81:61:8b:c6:36:ad:db:db:e6:89:31:c0:62:3a:
         6e:26:3e:da:4d:04:c1:94:d3:2f:3d:40:c3:c1:17:43:f7:61:
         f6:34:8a:fe:19:86:f6:ba:95:5c:48:86:b6:f9:b1:f0:1a:eb:
         01:4f:03:44:9a:83:6e:50:65:ee:bf:f4:8e:34:67:67:2c:dd:
         6a:94:e2:21:5a:47:fb:44:35:33:02:ea:7f:a3:3e:46:4c:18:
         d9:01:2d:3d:e1:5a:c2:07:1e:ff:6a:38:e7:7c:d1:d0:38:6a:
         7a:16:2a:2d:f3:dd:62:1e:69:00:18:3d:01:65:2a:64:75:6b:
         dd:4c:2e:0f
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUZuYilybUJK1sDlRAeopKT6ZHol4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEyMDQxOTM1MTJaFw0yNTEyMDMxOTQwMTJaMDMxMTAvBgNV
BAMTKDE4MzEyMTMwMjJGNTc2NTgyNDU0QzhERjY3RDExRTY1RkE4RjYxODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4amn40v5bgX43rcvgvIcn/3vn
pnl96V5/EFYQfxaXDOQX/DcVk0G+a9so18CTApX8Mqm58bQ5NJdP2SVqkXO01rLo
oTeMuqEI873nNpupKR/Cajix1KCanAdrO4eSrAWGgfJ7hTkQQdIQpHoFe4ZSm1rU
FReK1BK5iDplnucTaajk2Nz3wfYMcc1/R9MrvRiQU23j5/oTDRLg16A2MVjZQI7j
hPb9pGGb1/2X/s0DmTjk/J12sHiH2qzqqk4neTGC1AjNvkWhVRKCz+9t9QXXYi0T
uuWce7whn2KbQuWdqK59Lw7NMwhD0yICG29L7x1bKwXexQf7T0uqsnxPfu+xAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUGDEhMCL1dlgkVMjfZ9EeZfqPYYEwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEyMTc4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRYwMA0GCSqGSIb3DQEBCwUAA4IBAQC5tCh1
cz3rjxMoZccfDixM/VA5f8TAbMhJfBV6n9Sbn2nGtoz860arN7FnQrGaen8E9Cvc
fmDAMf2NpX+9+/13QHFzvWf64J/fLGEyJVH8dOY9rAAlbsMGr2wmjuQHf7kcD5ab
Lt67yu9vXAuC/xjn1jWzK/Gdmxc2ksOe2iHvBvATgWGLxjat29vmiTHAYjpuJj7a
TQTBlNMvPUDDwRdD92H2NIr+GYb2upVcSIa2+bHwGusBTwNEmoNuUGXuv/SONGdn
LN1qlOIhWkf7RDUzAup/oz5GTBjZAS094VrCBx7/ajjnfNHQOGp6Fiot891iHmkA
GD0BZSpkdWvdTC4P
-----END CERTIFICATE-----