Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212196.roa
File:                     AS212196.roa (raw, json)
Hash identifier:          nkZ2JYcpJCaDJKezenoq0uGALktYLjWI+BO+jNaLN6E=
Subject key identifier:   6A:26:49:3B:B2:E0:2B:D9:FC:87:00:93:4C:83:9B:69:A7:32:16:12
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       45EBF36F1B0FB61452BD89CEF1629CE75CC61068
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212196.roa
Signing time:             Thu 28 Nov 2024 05:40:12 +0000
ROA not before:           Thu 28 Nov 2024 05:35:12 +0000
ROA not after:            Thu 27 Nov 2025 05:40:12 +0000
asID:                     212196
IP address blocks:        2a06:a005:2c10::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Apr 2025 09:24:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:eb:f3:6f:1b:0f:b6:14:52:bd:89:ce:f1:62:9c:e7:5c:c6:10:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov 28 05:35:12 2024 GMT
            Not After : Nov 27 05:40:12 2025 GMT
        Subject: CN=6A26493BB2E02BD9FC8700934C839B69A7321612
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d1:59:29:b3:25:9e:5f:fd:ab:f7:9f:41:79:
                    6f:3b:28:3a:11:5f:3a:2f:01:f9:5a:f1:f7:94:46:
                    1c:d9:2c:7c:6b:dc:64:3c:f4:25:85:72:2f:6d:1a:
                    e5:3b:20:b9:48:82:90:0e:f1:8f:60:dd:27:69:10:
                    c4:0a:34:ed:19:73:ca:d8:c2:69:27:e8:9b:52:73:
                    f3:a4:83:1f:21:da:30:f6:71:8f:75:40:8d:bf:1c:
                    be:34:5b:5c:25:a3:c3:b2:b2:da:6d:88:96:16:b1:
                    88:8c:d6:5a:0a:9f:4d:35:c3:df:91:d5:a7:2a:56:
                    25:34:9b:2f:2c:84:b7:b9:81:3c:fb:05:ec:cc:95:
                    ba:f2:04:58:b2:c4:23:a1:ca:d9:61:1a:98:2f:14:
                    82:d1:7f:03:c2:54:c9:4c:a0:f3:00:e1:12:16:57:
                    a3:79:bb:5e:7a:0b:fc:0c:5d:55:4e:c2:f7:f3:45:
                    fa:14:ba:a5:7a:5d:1f:6f:87:93:16:7d:8b:09:64:
                    11:65:33:b7:6d:a9:73:85:51:95:f8:95:cf:7b:f0:
                    80:cc:64:bb:84:a2:66:57:dc:d0:ff:91:bd:bd:c0:
                    4e:c6:b1:0a:c8:35:62:af:67:53:a4:ae:45:4c:b5:
                    75:bf:47:14:1c:77:49:63:c0:04:ab:1b:66:c7:05:
                    37:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:26:49:3B:B2:E0:2B:D9:FC:87:00:93:4C:83:9B:69:A7:32:16:12
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212196.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2c10::/44

    Signature Algorithm: sha256WithRSAEncryption
         ac:9c:1f:92:da:21:82:7e:95:b0:ba:54:fb:5a:3a:13:5d:0d:
         0f:27:2e:fb:e7:0c:83:d5:2d:8d:22:35:21:36:88:2f:e4:cf:
         7a:87:d2:9b:3e:72:91:44:8a:a4:a3:80:b9:b9:5f:a2:34:23:
         75:02:06:8f:45:29:f8:d5:a3:57:06:e0:8a:ee:af:fa:28:72:
         75:d2:df:f4:2d:86:65:a2:5d:8d:51:e2:c5:c2:cd:7f:3f:78:
         53:12:69:c6:df:54:0d:e0:39:94:3b:83:5a:43:7c:68:ff:ad:
         db:31:35:8e:87:fb:38:81:27:2c:9c:12:f3:6d:3a:b1:ce:a5:
         28:92:ca:46:63:50:cf:ab:5f:f6:cf:62:04:c9:2d:14:ce:5c:
         0d:7e:66:8d:c3:b2:c3:67:0f:96:e4:c3:39:a0:d8:13:3c:06:
         23:5d:35:41:64:f5:b8:76:36:e0:76:29:49:eb:de:7f:7b:ac:
         bb:2e:96:76:af:38:92:2c:e6:48:ef:bf:da:22:c8:71:0d:09:
         42:7a:fa:4e:53:4e:ee:e7:8f:ec:96:16:27:ca:e3:8e:96:63:
         42:4f:f2:ed:21:78:cc:92:98:6e:8a:8e:d6:31:22:c5:30:11:
         9d:6d:0c:78:7f:91:45:74:a9:3c:04:03:3a:a4:29:ce:d7:1d:
         96:64:ac:72
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIURevzbxsPthRSvYnO8WKc51zGEGgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMjgwNTM1MTJaFw0yNTExMjcwNTQwMTJaMDMxMTAvBgNV
BAMTKDZBMjY0OTNCQjJFMDJCRDlGQzg3MDA5MzRDODM5QjY5QTczMjE2MTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC10VkpsyWeX/2r959BeW87KDoR
XzovAfla8feURhzZLHxr3GQ89CWFci9tGuU7ILlIgpAO8Y9g3SdpEMQKNO0Zc8rY
wmkn6JtSc/Okgx8h2jD2cY91QI2/HL40W1wlo8OystptiJYWsYiM1loKn001w9+R
1acqViU0my8shLe5gTz7BezMlbryBFiyxCOhytlhGpgvFILRfwPCVMlMoPMA4RIW
V6N5u156C/wMXVVOwvfzRfoUuqV6XR9vh5MWfYsJZBFlM7dtqXOFUZX4lc978IDM
ZLuEomZX3ND/kb29wE7GsQrINWKvZ1OkrkVMtXW/RxQcd0ljwASrG2bHBTfbAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUaiZJO7LgK9n8hwCTTIObaacyFhIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEyMTk2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSwQMA0GCSqGSIb3DQEBCwUAA4IBAQCsnB+S
2iGCfpWwulT7WjoTXQ0PJy775wyD1S2NIjUhNogv5M96h9KbPnKRRIqko4C5uV+i
NCN1AgaPRSn41aNXBuCK7q/6KHJ10t/0LYZlol2NUeLFws1/P3hTEmnG31QN4DmU
O4NaQ3xo/63bMTWOh/s4gScsnBLzbTqxzqUokspGY1DPq1/2z2IEyS0UzlwNfmaN
w7LDZw+W5MM5oNgTPAYjXTVBZPW4djbgdilJ695/e6y7LpZ2rziSLOZI77/aIshx
DQlCevpOU07u54/slhYnyuOOlmNCT/LtIXjMkphuio7WMSLFMBGdbQx4f5FFdKk8
BAM6pCnO1x2WZKxy
-----END CERTIFICATE-----