Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS213327.roa
File:                     AS213327.roa (raw, json)
Hash identifier:          7lguUlinE6ElDA6/9vN9CiPO7dSiGX0xpkO7dGPBJbY=
Subject key identifier:   87:D1:E0:55:EE:AF:FF:BB:1A:28:65:92:76:40:E9:DD:6F:7F:1E:CE
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       3AC3AE1D78F339C2A2F8A97EC0C7743C4CEEDECF
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS213327.roa
Signing time:             Tue 05 Dec 2023 02:44:19 +0000
ROA not before:           Tue 05 Dec 2023 02:39:19 +0000
ROA not after:            Tue 03 Dec 2024 02:44:19 +0000
asID:                     213327
IP address blocks:        2a06:a005:1272::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 10 Oct 2024 14:16:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:c3:ae:1d:78:f3:39:c2:a2:f8:a9:7e:c0:c7:74:3c:4c:ee:de:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:19 2023 GMT
            Not After : Dec  3 02:44:19 2024 GMT
        Subject: CN=87D1E055EEAFFFBB1A2865927640E9DD6F7F1ECE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:72:79:0e:f2:b4:51:05:ea:d1:5f:d9:47:6c:
                    74:4f:59:39:4c:4e:9b:b8:6d:92:a3:e8:2d:77:ff:
                    43:76:3a:e3:56:b3:4f:7c:bb:48:1e:8e:e6:88:83:
                    8b:88:06:fd:f2:92:39:52:07:dd:33:5c:59:d1:a7:
                    77:53:d8:55:6d:82:ac:fc:de:62:a2:43:7f:cb:1e:
                    63:f4:6a:a0:f6:08:58:d3:c6:7a:f0:a9:e2:8f:29:
                    83:b7:b7:8b:c1:d9:fd:34:6e:74:84:3b:57:81:da:
                    d6:0b:43:80:ef:01:2e:02:33:55:df:12:7a:e0:b9:
                    a4:8c:17:34:db:ec:8c:b1:8a:a4:ec:4c:e8:35:97:
                    23:15:6a:c3:2c:55:a9:b6:47:ba:06:b6:3f:97:d7:
                    ce:74:65:6c:47:8b:cb:da:65:cc:8e:f2:87:ff:79:
                    65:0b:72:25:c4:34:d1:2f:74:61:46:cc:f3:85:cc:
                    36:44:26:c8:0a:dd:0d:d0:c6:60:2a:a4:c1:ec:18:
                    68:cb:ba:a0:aa:ad:d8:26:be:ec:fa:93:a2:ee:d5:
                    3f:b8:6f:72:62:82:e3:c6:89:e7:a7:8e:f7:9b:fd:
                    11:5b:8a:c3:b8:77:3a:41:bd:a6:7b:1b:bd:42:ec:
                    b5:71:b7:b9:5a:a5:99:30:25:95:f7:42:6a:75:fa:
                    2e:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:D1:E0:55:EE:AF:FF:BB:1A:28:65:92:76:40:E9:DD:6F:7F:1E:CE
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS213327.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1272::/48

    Signature Algorithm: sha256WithRSAEncryption
         9f:a3:6f:e0:58:87:a7:fa:5f:c9:0e:3a:87:c1:42:b6:f4:d9:
         97:9c:4e:21:0b:fd:f0:5c:3b:88:6c:a9:8d:b5:5f:45:3a:34:
         b9:a2:87:92:d5:66:83:a4:d1:5f:7d:90:25:7f:9f:d9:aa:5d:
         c0:8f:e4:ca:2e:0a:86:26:49:2d:45:64:2c:7e:34:e3:0d:0b:
         f7:48:c7:57:2e:eb:aa:68:37:bb:d5:72:48:37:de:07:8f:39:
         c2:79:5b:55:ef:51:83:61:7c:56:b5:fc:0a:f6:f6:de:88:63:
         34:c6:b3:35:9d:47:a7:3d:cf:f9:34:2c:a3:02:78:dc:17:4f:
         cf:f0:99:d7:86:ce:c7:6b:0d:4a:03:4c:f1:55:86:3d:40:b8:
         4f:50:45:97:47:6e:0d:ba:ec:62:30:65:aa:b4:7d:93:df:26:
         e8:e6:0b:fe:27:2a:80:a5:fa:e6:75:46:4e:c0:b9:4e:72:06:
         63:2e:eb:0b:32:2b:f7:5b:2e:17:5d:67:a8:8d:32:4b:0e:e2:
         a4:2b:88:36:92:69:d1:2f:40:9e:f6:b1:26:11:ea:a3:61:13:
         04:a8:6d:5a:52:58:2b:54:38:98:df:68:cd:4d:1b:63:b0:ad:
         72:68:52:fc:8c:7a:94:68:e9:41:65:b3:ba:3d:ca:d8:dc:de:
         96:29:9a:bc
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUOsOuHXjzOcKi+Kl+wMd0PEzu3s8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTlaFw0yNDEyMDMwMjQ0MTlaMDMxMTAvBgNV
BAMTKDg3RDFFMDU1RUVBRkZGQkIxQTI4NjU5Mjc2NDBFOURENkY3RjFFQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3cnkO8rRRBerRX9lHbHRPWTlM
Tpu4bZKj6C13/0N2OuNWs098u0gejuaIg4uIBv3ykjlSB90zXFnRp3dT2FVtgqz8
3mKiQ3/LHmP0aqD2CFjTxnrwqeKPKYO3t4vB2f00bnSEO1eB2tYLQ4DvAS4CM1Xf
EnrguaSMFzTb7IyxiqTsTOg1lyMVasMsVam2R7oGtj+X1850ZWxHi8vaZcyO8of/
eWULciXENNEvdGFGzPOFzDZEJsgK3Q3QxmAqpMHsGGjLuqCqrdgmvuz6k6Lu1T+4
b3JiguPGieenjveb/RFbisO4dzpBvaZ7G71C7LVxt7lapZkwJZX3Qmp1+i4dAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUh9HgVe6v/7saKGWSdkDp3W9/Hs4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjEzMzI3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRJyMA0GCSqGSIb3DQEBCwUAA4IBAQCfo2/g
WIen+l/JDjqHwUK29NmXnE4hC/3wXDuIbKmNtV9FOjS5ooeS1WaDpNFffZAlf5/Z
ql3Aj+TKLgqGJkktRWQsfjTjDQv3SMdXLuuqaDe71XJIN94HjznCeVtV71GDYXxW
tfwK9vbeiGM0xrM1nUenPc/5NCyjAnjcF0/P8JnXhs7Haw1KA0zxVYY9QLhPUEWX
R24NuuxiMGWqtH2T3ybo5gv+JyqApfrmdUZOwLlOcgZjLusLMiv3Wy4XXWeojTJL
DuKkK4g2kmnRL0Ce9rEmEeqjYRMEqG1aUlgrVDiY32jNTRtjsK1yaFL8jHqUaOlB
ZbO6PcrY3N6WKZq8
-----END CERTIFICATE-----
Generated at Wed Oct 9 16:36:36 2024 by rpki-client on console-ams.rpki-client.org