Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212359.roa
File:                     AS212359.roa (raw, json)
Hash identifier:          IKqImoASwEqZdvyZ4bpi+qqqj+C8EgkAwH8SPhn35Us=
Subject key identifier:   EC:41:95:C0:6E:9F:36:78:F2:A2:77:35:6E:FA:9E:6A:C1:D0:BE:A2
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       789A54F255A76E5B1CE4F08A740B61E594B117F7
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212359.roa
Signing time:             Tue 05 Dec 2023 02:44:10 +0000
ROA not before:           Tue 05 Dec 2023 02:39:10 +0000
ROA not after:            Tue 03 Dec 2024 02:44:10 +0000
asID:                     212359
IP address blocks:        2a06:a005:1c0::/44 maxlen: 48
                          2a06:a005:1d0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:9a:54:f2:55:a7:6e:5b:1c:e4:f0:8a:74:0b:61:e5:94:b1:17:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:10 2023 GMT
            Not After : Dec  3 02:44:10 2024 GMT
        Subject: CN=EC4195C06E9F3678F2A277356EFA9E6AC1D0BEA2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:a7:4f:66:69:aa:06:77:32:e8:75:1c:d5:a3:
                    6f:98:61:01:38:93:5a:36:8a:a8:3d:6e:37:c4:88:
                    fa:cb:73:1c:4a:0e:76:29:00:5d:39:b6:c8:a0:d7:
                    d1:c4:39:d5:f5:ff:a7:22:ba:78:8e:9a:21:5d:3e:
                    af:3d:fc:d5:32:a9:7c:17:86:85:55:bb:ea:07:80:
                    f8:5b:f4:6f:63:cd:0e:c4:36:e4:23:ac:d9:ea:2f:
                    c4:08:fb:cc:af:4d:69:00:57:01:28:43:cf:40:b7:
                    c4:fa:84:cb:8a:83:95:99:62:e9:3d:6b:89:fe:ed:
                    50:5e:9b:79:9b:38:97:cf:80:ba:07:e4:9c:dc:3d:
                    b8:30:f2:97:73:d9:58:13:16:20:1d:c4:15:92:cd:
                    63:92:6f:c0:c8:b1:7a:d5:0b:bc:b6:09:6f:b5:f0:
                    86:37:99:9c:cf:7b:a0:73:d6:f2:90:0f:e0:1c:ad:
                    fb:d0:4d:e3:d9:de:6f:33:b0:c3:75:1d:47:fd:f7:
                    7d:c4:53:f9:e3:83:db:39:18:b0:80:4e:01:e8:4a:
                    1f:b5:1b:d3:51:8e:01:a6:1f:a2:f4:f4:35:72:a3:
                    25:3e:76:41:fc:e4:ef:ed:c3:25:a1:f8:25:1f:af:
                    a3:69:9a:97:13:b3:77:7e:f8:ea:78:bb:e8:df:79:
                    0f:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:41:95:C0:6E:9F:36:78:F2:A2:77:35:6E:FA:9E:6A:C1:D0:BE:A2
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212359.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1c0::/43

    Signature Algorithm: sha256WithRSAEncryption
         b2:e8:25:42:40:b3:9e:dc:c8:24:d2:8b:3d:1c:b3:74:7e:75:
         39:68:f9:46:9b:62:76:c4:43:bf:ee:2b:24:18:a6:d5:ad:a6:
         48:86:7f:69:57:03:a0:7a:26:d9:14:eb:9e:14:b7:77:ac:1c:
         89:3c:f2:ea:7e:ec:4d:12:2d:2c:fe:3e:ca:e8:8a:b1:b4:57:
         c7:7a:d9:e6:41:b1:92:98:13:69:28:2e:81:6e:af:49:7e:ba:
         3f:60:d1:7a:9e:d7:56:e6:c9:34:9a:69:c2:e1:60:3c:ff:e2:
         74:a6:77:d7:65:0f:de:23:ef:1c:5f:9c:c3:0b:fa:06:e6:8e:
         e1:03:d3:8f:d7:ba:b0:eb:6e:07:49:4b:49:ab:15:79:08:1a:
         fa:fa:ce:81:ef:53:bb:9d:28:7c:4b:cd:1e:f6:46:d9:a3:25:
         5d:a9:e7:ae:2f:3e:79:d8:3a:ea:ad:ae:ee:e1:08:b4:b8:9e:
         17:97:67:96:61:c3:47:0c:03:7a:e7:3a:73:8e:a2:44:0b:7e:
         a7:e7:15:03:72:fb:45:4c:76:d6:ca:e6:9e:41:7e:7d:5c:40:
         70:26:8d:71:20:35:c3:db:27:01:3a:c0:6b:bc:65:ea:98:60:
         e0:6b:88:e1:07:a7:d0:98:f1:31:46:1c:86:2d:bd:5e:56:10:
         51:b1:2b:ff
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUeJpU8lWnblsc5PCKdAth5ZSxF/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTBaFw0yNDEyMDMwMjQ0MTBaMDMxMTAvBgNV
BAMTKEVDNDE5NUMwNkU5RjM2NzhGMkEyNzczNTZFRkE5RTZBQzFEMEJFQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpp09maaoGdzLodRzVo2+YYQE4
k1o2iqg9bjfEiPrLcxxKDnYpAF05tsig19HEOdX1/6ciuniOmiFdPq89/NUyqXwX
hoVVu+oHgPhb9G9jzQ7ENuQjrNnqL8QI+8yvTWkAVwEoQ89At8T6hMuKg5WZYuk9
a4n+7VBem3mbOJfPgLoH5JzcPbgw8pdz2VgTFiAdxBWSzWOSb8DIsXrVC7y2CW+1
8IY3mZzPe6Bz1vKQD+AcrfvQTePZ3m8zsMN1HUf9933EU/njg9s5GLCATgHoSh+1
G9NRjgGmH6L09DVyoyU+dkH85O/twyWh+CUfr6NpmpcTs3d++Op4u+jfeQ/NAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU7EGVwG6fNnjyonc1bvqeasHQvqIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEyMzU5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcFKgagBQHAMA0GCSqGSIb3DQEBCwUAA4IBAQCy6CVC
QLOe3Mgk0os9HLN0fnU5aPlGm2J2xEO/7iskGKbVraZIhn9pVwOgeibZFOueFLd3
rByJPPLqfuxNEi0s/j7K6IqxtFfHetnmQbGSmBNpKC6Bbq9Jfro/YNF6ntdW5sk0
mmnC4WA8/+J0pnfXZQ/eI+8cX5zDC/oG5o7hA9OP17qw624HSUtJqxV5CBr6+s6B
71O7nSh8S80e9kbZoyVdqeeuLz552Drqra7u4Qi0uJ4Xl2eWYcNHDAN65zpzjqJE
C36n5xUDcvtFTHbWyuaeQX59XEBwJo1xIDXD2ycBOsBrvGXqmGDga4jhB6fQmPEx
RhyGLb1eVhBRsSv/
-----END CERTIFICATE-----