Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212477.roa
File:                     AS212477.roa (raw, json)
Hash identifier:          3R3xWctiDUYvFr742ly3eP14oF0tyCQrnmNNXSPKYQQ=
Subject key identifier:   76:F2:1E:79:5D:EF:B1:B7:A9:A6:E4:0F:25:C7:EE:50:4A:2E:1F:5B
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       6AA6B38F943EBB6C8B9ADEEFDEE0200F96AD24E2
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212477.roa
Signing time:             Sat 27 Jan 2024 09:30:46 +0000
ROA not before:           Sat 27 Jan 2024 09:25:46 +0000
ROA not after:            Sat 25 Jan 2025 09:30:46 +0000
asID:                     212477
IP address blocks:        2a06:1281::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:a6:b3:8f:94:3e:bb:6c:8b:9a:de:ef:de:e0:20:0f:96:ad:24:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan 27 09:25:46 2024 GMT
            Not After : Jan 25 09:30:46 2025 GMT
        Subject: CN=76F21E795DEFB1B7A9A6E40F25C7EE504A2E1F5B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:95:ff:51:bf:b3:b2:a8:1a:34:be:3a:65:6e:
                    c6:c8:f9:2d:51:e0:6e:f5:48:74:fb:6c:72:1b:9c:
                    e5:b9:09:54:db:0d:37:9c:ea:e3:0d:a4:c4:9b:12:
                    40:b3:df:52:f3:39:14:7e:c9:d8:bc:8a:b3:d8:66:
                    cb:14:8b:66:c8:be:5f:e8:d7:f5:f7:17:9a:36:50:
                    eb:6f:14:9a:70:72:6c:da:0b:aa:92:74:d5:59:30:
                    0b:20:fd:98:d2:17:ba:23:d9:a6:84:b7:57:19:b3:
                    69:29:fb:f9:e6:2d:0f:df:3a:fe:8d:55:8b:23:ea:
                    a5:38:0f:31:c1:64:aa:03:37:4a:00:9b:4c:ef:b7:
                    b9:dd:5f:7b:0d:b0:5b:82:f3:b5:95:04:3b:20:a2:
                    b2:6c:e9:ad:87:0f:eb:3d:1d:c7:6c:c6:2c:0a:9f:
                    95:fb:44:d3:f3:f1:29:be:35:6a:93:75:06:9a:9b:
                    cc:20:3e:06:ff:2a:4e:4a:f0:50:65:18:fe:5d:db:
                    2e:48:57:27:c9:58:0c:45:30:b7:b8:bb:27:62:fd:
                    90:01:60:f6:a9:df:d2:fc:6e:cf:01:62:d7:9e:b9:
                    c8:21:5f:5a:a4:e9:08:f6:b2:87:a8:32:8e:30:57:
                    5b:bf:9f:ca:39:03:36:c7:f6:79:cd:c4:95:6a:76:
                    e2:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:F2:1E:79:5D:EF:B1:B7:A9:A6:E4:0F:25:C7:EE:50:4A:2E:1F:5B
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS212477.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1281::/32

    Signature Algorithm: sha256WithRSAEncryption
         62:ad:4e:85:6e:4d:d9:b5:f9:59:26:ce:af:21:06:d6:60:48:
         9a:84:38:f3:33:dc:0b:9a:66:17:83:1f:cb:9f:e8:d2:93:d3:
         b5:61:c9:6c:aa:56:30:b7:2c:57:19:c3:d7:fb:5e:04:6e:83:
         12:bf:49:de:97:a1:42:e2:57:a0:4e:43:4e:55:04:8c:8c:2a:
         85:a3:03:db:7e:fb:88:3f:a4:f3:7d:70:b0:b0:f4:a6:30:08:
         56:b7:f8:b7:bd:89:d7:c7:09:09:99:c4:63:7e:bd:b3:66:c2:
         9c:51:ff:74:93:d9:9a:b0:bf:8e:a9:4c:95:65:8b:98:89:74:
         48:ae:ec:1c:df:70:e7:f7:34:cc:b3:cd:a2:5c:02:ad:70:ab:
         68:7e:df:59:88:e8:3c:74:2c:3b:24:8d:0a:c2:5b:43:72:94:
         e9:eb:f4:df:3f:ed:c3:da:f0:89:e1:3f:79:a1:1e:3b:35:79:
         f4:98:74:91:ed:59:a7:9f:28:cf:36:5c:03:05:74:39:f3:5f:
         6d:06:77:5b:d2:62:b6:92:3d:87:a0:63:e9:17:40:e2:3e:4f:
         9e:89:f1:fa:d1:be:b6:73:d9:ed:2b:40:09:cc:59:d0:20:07:
         29:c2:63:b2:75:2e:a9:c5:90:aa:7e:e0:27:62:fa:b2:71:ee:
         be:d6:ff:77
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUaqazj5Q+u2yLmt7v3uAgD5atJOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMjcwOTI1NDZaFw0yNTAxMjUwOTMwNDZaMDMxMTAvBgNV
BAMTKDc2RjIxRTc5NURFRkIxQjdBOUE2RTQwRjI1QzdFRTUwNEEyRTFGNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQlf9Rv7OyqBo0vjplbsbI+S1R
4G71SHT7bHIbnOW5CVTbDTec6uMNpMSbEkCz31LzORR+ydi8irPYZssUi2bIvl/o
1/X3F5o2UOtvFJpwcmzaC6qSdNVZMAsg/ZjSF7oj2aaEt1cZs2kp+/nmLQ/fOv6N
VYsj6qU4DzHBZKoDN0oAm0zvt7ndX3sNsFuC87WVBDsgorJs6a2HD+s9HcdsxiwK
n5X7RNPz8Sm+NWqTdQaam8wgPgb/Kk5K8FBlGP5d2y5IVyfJWAxFMLe4uydi/ZAB
YPap39L8bs8BYteeucghX1qk6Qj2soeoMo4wV1u/n8o5AzbH9nnNxJVqduJvAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQUdvIeeV3vsbeppuQPJcfuUEouH1swHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEyNDc3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKgYSgTANBgkqhkiG9w0BAQsFAAOCAQEAYq1OhW5N
2bX5WSbOryEG1mBImoQ48zPcC5pmF4Mfy5/o0pPTtWHJbKpWMLcsVxnD1/teBG6D
Er9J3pehQuJXoE5DTlUEjIwqhaMD2377iD+k831wsLD0pjAIVrf4t72J18cJCZnE
Y369s2bCnFH/dJPZmrC/jqlMlWWLmIl0SK7sHN9w5/c0zLPNolwCrXCraH7fWYjo
PHQsOySNCsJbQ3KU6ev03z/tw9rwieE/eaEeOzV59Jh0ke1Zp58ozzZcAwV0OfNf
bQZ3W9JitpI9h6Bj6RdA4j5Pnonx+tG+tnPZ7StACcxZ0CAHKcJjsnUuqcWQqn7g
J2L6snHuvtb/dw==
-----END CERTIFICATE-----