Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212178.roa
File:                     AS212178.roa (raw, json)
Hash identifier:          0QTz4/zZMMJfSQKtwVC5OAlwGvGDq+YTg3AF2BONPF4=
Subject key identifier:   9C:6C:1E:C9:B4:5D:4C:28:16:A6:53:E6:9D:90:66:DD:04:BC:BD:0E
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       6F22A416C799EE231036257060114114802DCC50
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212178.roa
Signing time:             Wed 03 Jan 2024 18:44:21 +0000
ROA not before:           Wed 03 Jan 2024 18:39:21 +0000
ROA not after:            Wed 01 Jan 2025 18:44:21 +0000
asID:                     212178
IP address blocks:        2a06:a005:1630::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:22:a4:16:c7:99:ee:23:10:36:25:70:60:11:41:14:80:2d:cc:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan  3 18:39:21 2024 GMT
            Not After : Jan  1 18:44:21 2025 GMT
        Subject: CN=9C6C1EC9B45D4C2816A653E69D9066DD04BCBD0E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:92:4b:1b:d4:36:ab:38:81:9b:3e:9b:f2:23:
                    a4:46:1a:48:e1:71:bf:57:db:b6:d7:15:35:e8:cd:
                    15:62:7f:03:19:13:b1:6b:be:ea:89:ca:6b:cc:55:
                    4e:45:95:9f:28:d3:ad:6d:c6:2d:f4:c7:9d:74:f1:
                    65:87:1d:04:80:40:25:59:30:c8:79:7d:8d:15:b2:
                    13:72:d8:c5:26:13:86:91:79:c5:05:c9:f0:8d:f0:
                    8a:44:65:c7:05:f0:fd:f3:1e:35:77:84:2a:84:9e:
                    ed:10:6c:6b:c9:47:b1:67:69:47:35:db:06:18:f0:
                    2f:9d:d0:19:ab:3c:83:b5:bd:c6:71:42:2e:0d:c1:
                    4b:f0:ef:0f:17:00:bc:ea:b3:7b:30:7b:88:a5:32:
                    ac:b6:1d:85:a6:c0:83:ea:c4:85:68:a1:34:5d:f8:
                    18:c2:1d:db:2d:68:75:f5:80:8b:ec:98:70:d0:9b:
                    6b:78:89:8a:ac:17:f6:78:7f:30:67:ff:4e:c5:6a:
                    a9:83:a0:37:4d:78:bc:ca:30:4b:3f:54:60:64:f1:
                    91:9c:e7:5b:c3:43:2a:1d:b9:3e:8c:60:68:e2:bd:
                    0d:0b:f8:ec:1b:5d:f8:78:be:de:73:51:a4:80:a4:
                    3e:ae:32:2a:16:42:f9:5f:a1:af:97:b5:0c:e1:a4:
                    4c:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:6C:1E:C9:B4:5D:4C:28:16:A6:53:E6:9D:90:66:DD:04:BC:BD:0E
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212178.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1630::/44

    Signature Algorithm: sha256WithRSAEncryption
         0d:68:fd:52:02:a9:02:57:6d:b7:f7:b1:1d:ac:f5:bc:96:96:
         f5:66:b2:82:66:85:84:de:74:17:af:1f:8d:1e:28:1f:34:9e:
         33:ea:d7:6c:b7:9a:e7:5a:dc:50:db:5c:0e:1d:f0:08:3c:93:
         47:39:f8:cf:7f:da:fa:b2:21:b2:96:a5:0f:cb:95:1b:94:56:
         42:32:39:ef:b6:7a:b5:a9:e5:27:c2:7d:7a:16:3b:26:d7:48:
         c0:0b:9e:6f:f5:b0:83:60:17:39:25:22:58:cf:7f:f7:92:c7:
         f2:09:cc:5e:9b:a6:9a:77:d6:5e:7b:86:08:62:9a:2a:2c:0f:
         44:12:44:dc:33:34:23:56:d8:d8:e7:a8:a5:51:02:c1:44:73:
         1b:37:94:aa:d5:8d:5a:14:de:e0:cb:53:a0:f1:ee:c2:06:80:
         c2:9f:a8:e0:8f:e8:6c:5d:ab:b2:c9:29:d5:7b:80:53:9f:45:
         40:a8:dd:4e:a5:8a:9a:a2:94:fe:07:49:b6:a0:d4:d7:9c:8b:
         92:11:7c:77:21:95:c5:26:c6:63:a6:28:06:a8:e8:e6:42:78:
         0d:9f:a9:21:51:90:58:21:63:f7:63:91:8b:fb:ae:e5:a7:8a:
         86:0c:7f:9e:b1:ce:18:7d:5f:9c:eb:72:7f:2a:a9:12:ed:14:
         77:a9:d9:d7
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUbyKkFseZ7iMQNiVwYBFBFIAtzFAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMDMxODM5MjFaFw0yNTAxMDExODQ0MjFaMDMxMTAvBgNV
BAMTKDlDNkMxRUM5QjQ1RDRDMjgxNkE2NTNFNjlEOTA2NkREMDRCQ0JEMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjkksb1DarOIGbPpvyI6RGGkjh
cb9X27bXFTXozRVifwMZE7FrvuqJymvMVU5FlZ8o061txi30x5108WWHHQSAQCVZ
MMh5fY0VshNy2MUmE4aRecUFyfCN8IpEZccF8P3zHjV3hCqEnu0QbGvJR7FnaUc1
2wYY8C+d0BmrPIO1vcZxQi4NwUvw7w8XALzqs3swe4ilMqy2HYWmwIPqxIVooTRd
+BjCHdstaHX1gIvsmHDQm2t4iYqsF/Z4fzBn/07FaqmDoDdNeLzKMEs/VGBk8ZGc
51vDQyoduT6MYGjivQ0L+OwbXfh4vt5zUaSApD6uMioWQvlfoa+XtQzhpEwPAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUnGweybRdTCgWplPmnZBm3QS8vQ4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEyMTc4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRYwMA0GCSqGSIb3DQEBCwUAA4IBAQANaP1S
AqkCV22397EdrPW8lpb1ZrKCZoWE3nQXrx+NHigfNJ4z6tdst5rnWtxQ21wOHfAI
PJNHOfjPf9r6siGylqUPy5UblFZCMjnvtnq1qeUnwn16Fjsm10jAC55v9bCDYBc5
JSJYz3/3ksfyCcxem6aad9Zee4YIYpoqLA9EEkTcMzQjVtjY56ilUQLBRHMbN5Sq
1Y1aFN7gy1Og8e7CBoDCn6jgj+hsXauyySnVe4BTn0VAqN1OpYqaopT+B0m2oNTX
nIuSEXx3IZXFJsZjpigGqOjmQngNn6khUZBYIWP3Y5GL+67lp4qGDH+esc4YfV+c
63J/KqkS7RR3qdnX
-----END CERTIFICATE-----