Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS23428.roa
File:                     AS23428.roa (raw, json)
Hash identifier:          hxFt+a0jxdXNRaafXCVWfh9wKMRPI69EMuLe+v19aqg=
Subject key identifier:   00:45:E9:98:38:D2:FB:7F:F7:79:C7:0D:F0:0F:E7:D5:FD:5D:04:21
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       0F32D61C5909CC81D55144E8A4EF2910761A961C
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS23428.roa
Signing time:             Sun 21 Jan 2024 22:44:24 +0000
ROA not before:           Sun 21 Jan 2024 22:39:24 +0000
ROA not after:            Sun 19 Jan 2025 22:44:24 +0000
asID:                     23428
IP address blocks:        2a06:a005:1180::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:32:d6:1c:59:09:cc:81:d5:51:44:e8:a4:ef:29:10:76:1a:96:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan 21 22:39:24 2024 GMT
            Not After : Jan 19 22:44:24 2025 GMT
        Subject: CN=0045E99838D2FB7FF779C70DF00FE7D5FD5D0421
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:9e:48:e1:65:08:f9:65:db:50:17:4b:b0:c4:
                    92:1a:66:02:1e:d7:64:63:b9:5f:a5:95:dd:70:d3:
                    2f:06:f6:4a:14:36:84:ab:43:2f:fe:67:16:65:87:
                    45:8b:48:6a:d1:c9:d4:ed:b3:75:fb:43:60:46:bb:
                    9e:39:c8:95:9a:cd:e0:88:d3:4b:b5:00:8e:50:ed:
                    02:dd:0d:00:0f:ee:b6:c3:60:59:b7:55:28:6c:c0:
                    27:b8:b1:cf:57:66:92:16:22:c1:c2:8e:6b:8e:9f:
                    6d:8f:2a:01:3f:a1:2e:cd:2c:7b:fc:e7:97:10:db:
                    60:d8:72:4c:74:4a:fc:60:19:6e:d9:21:94:37:19:
                    59:d2:c8:1b:60:e7:e7:f0:5c:15:a4:38:eb:1a:1a:
                    84:a0:7a:45:b0:94:c1:7e:d7:ae:4e:65:19:44:7b:
                    1b:fd:28:eb:02:22:c4:66:86:43:b9:91:1e:99:83:
                    cc:3f:3f:2f:68:e0:f6:5b:b0:c8:29:ff:2e:7e:de:
                    61:09:7c:a4:d8:3c:b4:a7:0f:37:b8:c6:40:17:44:
                    ad:15:d0:35:f4:03:65:79:59:5b:3f:40:d7:6f:f3:
                    16:8e:5c:f1:f4:4e:cc:74:85:2e:42:45:59:3f:28:
                    2d:98:bd:b4:d9:db:52:58:f5:62:1f:f7:c0:7e:4b:
                    a9:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:45:E9:98:38:D2:FB:7F:F7:79:C7:0D:F0:0F:E7:D5:FD:5D:04:21
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS23428.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1180::/44

    Signature Algorithm: sha256WithRSAEncryption
         21:39:a7:e6:82:b9:5e:04:6f:62:e0:2a:85:04:04:d9:56:81:
         9b:09:73:44:b3:b0:aa:89:3f:9b:26:00:fb:5d:ff:54:b5:db:
         53:27:4c:d7:68:3c:22:ce:cf:cc:89:c2:d6:17:8c:f1:a8:13:
         17:ef:74:95:a2:33:60:3f:df:0f:b0:9b:24:fb:ec:fa:64:cf:
         04:3f:07:26:9f:d4:2c:e7:1a:e1:97:54:47:47:eb:99:db:ce:
         39:2b:2d:60:af:33:92:ec:2e:a2:c2:0f:48:45:19:2d:2f:6c:
         3b:3c:41:47:10:e0:5f:cc:3a:a8:5b:9f:95:fd:c5:88:57:24:
         e2:37:85:73:b7:e7:ef:4d:26:65:22:b8:6c:56:73:64:cb:5b:
         53:34:5d:2d:c7:ad:cd:47:48:f5:b1:10:ba:01:27:30:25:26:
         1b:2b:23:8b:31:fc:d8:2e:f1:b4:32:be:1f:ae:99:8c:e5:dc:
         b0:5a:0c:dc:e9:c8:ee:f7:52:84:04:e3:b6:55:3e:fe:7b:c4:
         c7:c3:ad:cb:50:dd:e5:2b:3a:e4:b3:33:5e:2f:b7:1b:e3:9d:
         4b:1e:8c:d6:78:f7:ae:63:49:c0:7e:21:ae:68:da:72:2b:2d:
         60:ed:e1:88:80:91:98:72:e5:cd:4d:c4:45:99:44:89:e9:5f:
         ca:73:fe:a7
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUDzLWHFkJzIHVUUTopO8pEHYalhwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMjEyMjM5MjRaFw0yNTAxMTkyMjQ0MjRaMDMxMTAvBgNV
BAMTKDAwNDVFOTk4MzhEMkZCN0ZGNzc5QzcwREYwMEZFN0Q1RkQ1RDA0MjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCynkjhZQj5ZdtQF0uwxJIaZgIe
12RjuV+lld1w0y8G9koUNoSrQy/+ZxZlh0WLSGrRydTts3X7Q2BGu545yJWazeCI
00u1AI5Q7QLdDQAP7rbDYFm3VShswCe4sc9XZpIWIsHCjmuOn22PKgE/oS7NLHv8
55cQ22DYckx0SvxgGW7ZIZQ3GVnSyBtg5+fwXBWkOOsaGoSgekWwlMF+165OZRlE
exv9KOsCIsRmhkO5kR6Zg8w/Py9o4PZbsMgp/y5+3mEJfKTYPLSnDze4xkAXRK0V
0DX0A2V5WVs/QNdv8xaOXPH0Tsx0hS5CRVk/KC2YvbTZ21JY9WIf98B+S6nZAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUAEXpmDjS+3/3eccN8A/n1f1dBCEwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjM0Mjgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqBqAFEYAwDQYJKoZIhvcNAQELBQADggEBACE5p+aC
uV4Eb2LgKoUEBNlWgZsJc0SzsKqJP5smAPtd/1S121MnTNdoPCLOz8yJwtYXjPGo
ExfvdJWiM2A/3w+wmyT77PpkzwQ/Byaf1CznGuGXVEdH65nbzjkrLWCvM5LsLqLC
D0hFGS0vbDs8QUcQ4F/MOqhbn5X9xYhXJOI3hXO35+9NJmUiuGxWc2TLW1M0XS3H
rc1HSPWxELoBJzAlJhsrI4sx/Ngu8bQyvh+umYzl3LBaDNzpyO73UoQE47ZVPv57
xMfDrctQ3eUrOuSzM14vtxvjnUsejNZ4965jScB+Ia5o2nIrLWDt4YiAkZhy5c1N
xEWZRInpX8pz/qc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:01:55 2024 by rpki-client on console-ams.rpki-client.org