Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS215085.roa
File:                     AS215085.roa (raw, json)
Hash identifier:          wSWJDImB9uJYDfTzx2lPRjNy2QRu2Vk3BpwVhGZYSOw=
Subject key identifier:   5A:95:A2:E7:91:FE:7F:93:A9:11:FC:3B:14:28:FA:FA:E9:AA:F7:68
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       49A4E04454754421E4548FAE8E14E21B0C366A0A
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS215085.roa
Signing time:             Thu 23 Jan 2025 22:06:06 +0000
ROA not before:           Thu 23 Jan 2025 22:01:06 +0000
ROA not after:            Thu 22 Jan 2026 22:06:06 +0000
asID:                     215085
IP address blocks:        83.142.31.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Apr 2025 21:50:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:a4:e0:44:54:75:44:21:e4:54:8f:ae:8e:14:e2:1b:0c:36:6a:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan 23 22:01:06 2025 GMT
            Not After : Jan 22 22:06:06 2026 GMT
        Subject: CN=5A95A2E791FE7F93A911FC3B1428FAFAE9AAF768
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:1d:be:0d:1e:47:83:01:93:a4:42:f4:a3:7f:
                    de:0a:c6:ea:e6:08:bc:49:2f:39:62:ac:7b:f7:02:
                    35:23:92:57:dc:7c:8f:40:d2:47:70:6c:45:31:bb:
                    de:50:de:19:a9:05:bd:51:c7:83:ed:6c:15:38:50:
                    97:0e:c5:3e:75:e6:ce:5b:9d:1a:31:77:1d:ad:2b:
                    a8:ce:c1:6b:d4:ff:ab:ee:93:2b:10:7f:56:2d:1e:
                    e4:6c:65:70:8d:be:ee:44:bc:08:fe:4a:3c:04:13:
                    c1:71:d1:a6:d7:ad:b0:e3:b5:92:6d:f6:ed:08:d3:
                    91:33:5e:54:35:3e:83:1d:7d:06:f7:f9:12:c9:73:
                    a1:6a:f5:8a:ca:81:46:a5:d5:38:2c:54:b2:13:05:
                    66:92:07:a1:2d:9b:07:1c:aa:7a:3a:f1:a3:7c:16:
                    c8:71:32:64:0f:5f:74:14:30:9d:c6:b1:97:ec:ee:
                    e3:ab:65:f0:27:12:08:88:83:d7:76:1d:0d:7a:63:
                    7e:91:44:1e:44:24:0f:41:d6:56:ac:8e:43:5e:02:
                    e4:ed:f1:e1:13:50:c5:a9:eb:d6:99:c3:73:32:ae:
                    2a:bc:9e:d8:c7:d1:78:3b:bb:1d:72:25:24:0e:72:
                    79:a9:6d:50:7c:24:0e:2d:c8:a7:5a:d1:6f:27:0d:
                    66:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:95:A2:E7:91:FE:7F:93:A9:11:FC:3B:14:28:FA:FA:E9:AA:F7:68
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS215085.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.142.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:93:af:c8:42:2e:2c:16:24:92:c9:a8:78:a0:5f:a6:c8:90:
         8f:60:34:6c:2c:92:fb:aa:99:91:f1:d3:90:e7:b9:46:c8:bd:
         e9:13:5a:74:cd:11:09:35:e0:2a:0b:55:b9:05:e0:36:fc:ff:
         19:ce:1a:18:a2:f8:3e:66:4c:1b:76:44:7f:20:64:c8:41:87:
         46:8e:96:63:18:c7:5e:cb:09:ee:d4:0a:35:97:1f:63:c6:f4:
         1e:3b:eb:82:b7:63:0d:be:c4:70:c2:79:84:4b:2a:73:dc:e5:
         96:ef:f0:93:93:b6:1b:20:b2:a7:e2:d3:9c:f5:04:2c:c6:b8:
         df:c1:fb:e0:74:0d:12:be:7c:24:a4:3b:5b:c1:6e:d6:d5:ad:
         4f:b6:1d:78:c8:83:72:de:79:06:31:37:a2:1e:3c:61:e8:61:
         a4:28:e9:58:e3:cb:fb:86:08:14:06:92:a1:dc:d6:5d:d4:d2:
         95:89:09:b4:5b:e1:a3:fe:66:3a:19:52:68:3b:db:73:f2:1d:
         da:84:2a:1f:61:ca:4e:c1:5d:42:cf:af:25:ac:eb:8c:9f:9a:
         2e:58:cb:eb:52:27:6c:07:eb:4a:f2:29:ac:a1:8a:c4:98:ca:
         73:57:f0:e2:cd:81:81:3a:f5:6f:bd:ad:c3:71:da:4f:23:eb:
         fe:80:e2:c8
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUSaTgRFR1RCHkVI+ujhTiGww2agowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNTAxMjMyMjAxMDZaFw0yNjAxMjIyMjA2MDZaMDMxMTAvBgNV
BAMTKDVBOTVBMkU3OTFGRTdGOTNBOTExRkMzQjE0MjhGQUZBRTlBQUY3NjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Hb4NHkeDAZOkQvSjf94Kxurm
CLxJLzlirHv3AjUjklfcfI9A0kdwbEUxu95Q3hmpBb1Rx4PtbBU4UJcOxT515s5b
nRoxdx2tK6jOwWvU/6vukysQf1YtHuRsZXCNvu5EvAj+SjwEE8Fx0abXrbDjtZJt
9u0I05EzXlQ1PoMdfQb3+RLJc6Fq9YrKgUal1TgsVLITBWaSB6Etmwccqno68aN8
FshxMmQPX3QUMJ3GsZfs7uOrZfAnEgiIg9d2HQ16Y36RRB5EJA9B1lasjkNeAuTt
8eETUMWp69aZw3Myriq8ntjH0Xg7ux1yJSQOcnmpbVB8JA4tyKda0W8nDWY9AgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUWpWi55H+f5OpEfw7FCj6+umq92gwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjE1MDg1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAU44fMA0GCSqGSIb3DQEBCwUAA4IBAQAyk6/IQi4s
FiSSyah4oF+myJCPYDRsLJL7qpmR8dOQ57lGyL3pE1p0zREJNeAqC1W5BeA2/P8Z
zhoYovg+ZkwbdkR/IGTIQYdGjpZjGMdeywnu1Ao1lx9jxvQeO+uCt2MNvsRwwnmE
Sypz3OWW7/CTk7YbILKn4tOc9QQsxrjfwfvgdA0SvnwkpDtbwW7W1a1Pth14yINy
3nkGMTeiHjxh6GGkKOlY48v7hggUBpKh3NZd1NKViQm0W+Gj/mY6GVJoO9tz8h3a
hCofYcpOwV1Cz68lrOuMn5ouWMvrUidsB+tK8imsoYrEmMpzV/DizYGBOvVvva3D
cdpPI+v+gOLI
-----END CERTIFICATE-----