Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS271799.roa
File:                     AS271799.roa (raw, json)
Hash identifier:          jdvj4ILkQfsS7c95lHMNcnIs1ZGaC0umqQ/olbLwbIc=
Subject key identifier:   3D:2C:BA:9F:EF:E2:15:AB:DC:47:37:97:DB:61:8F:3D:F5:AB:A9:9C
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       55E795EEF964F6181AA3C2C6B2F123023CC5A3AC
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS271799.roa
Signing time:             Wed 06 Dec 2023 20:44:21 +0000
ROA not before:           Wed 06 Dec 2023 20:39:21 +0000
ROA not after:            Wed 04 Dec 2024 20:44:21 +0000
asID:                     271799
IP address blocks:        2a06:a005:ba2::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:e7:95:ee:f9:64:f6:18:1a:a3:c2:c6:b2:f1:23:02:3c:c5:a3:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  6 20:39:21 2023 GMT
            Not After : Dec  4 20:44:21 2024 GMT
        Subject: CN=3D2CBA9FEFE215ABDC473797DB618F3DF5ABA99C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:e5:d0:0b:91:40:4b:72:4c:9d:21:b0:ad:2e:
                    fa:5e:1c:81:74:85:ff:6c:c4:80:cf:43:81:b0:04:
                    c2:b2:44:ad:c5:c3:4f:79:94:c2:88:ac:65:9e:84:
                    f0:a2:10:1f:c5:5d:8e:93:03:3c:9c:5c:c1:da:9e:
                    af:4a:bb:4f:44:23:ff:08:bb:9a:e8:8a:3b:d8:fe:
                    18:42:2b:64:88:1a:58:b4:3f:d9:51:2c:4f:cf:8c:
                    e0:5b:65:e4:4e:f8:26:2c:30:74:fe:74:1e:4c:e7:
                    00:d8:d0:84:7f:a0:a9:78:ad:83:7b:c1:60:fd:eb:
                    31:00:89:08:1b:38:73:af:47:39:76:15:3d:ed:0b:
                    af:be:a7:8a:fa:5f:e2:69:93:81:12:2b:b5:6b:1a:
                    d5:da:9e:48:5a:42:45:f2:eb:c5:2e:fe:8e:ac:84:
                    f8:db:98:d4:b4:d2:e0:7e:a3:4a:54:d8:d0:7d:73:
                    40:15:97:3a:97:46:e0:a2:cf:d7:6c:3c:ee:5a:4f:
                    aa:d2:26:8b:10:8f:e8:c8:ee:85:d5:23:b7:79:85:
                    f6:83:84:f1:3b:fe:8e:6c:9a:54:8e:3c:a4:bf:49:
                    5f:28:76:1f:97:ec:08:b2:5d:bf:74:44:6d:cd:8a:
                    18:51:85:aa:56:7f:ae:f4:a7:3b:26:b9:1c:d4:65:
                    d3:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:2C:BA:9F:EF:E2:15:AB:DC:47:37:97:DB:61:8F:3D:F5:AB:A9:9C
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS271799.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:ba2::/48

    Signature Algorithm: sha256WithRSAEncryption
         39:62:fe:2b:2a:3e:e6:2c:87:bd:10:7b:b0:50:03:0e:42:20:
         b2:cf:86:5e:d0:22:03:9c:05:97:e5:94:86:cc:c4:fe:dc:a3:
         52:2d:07:4a:82:99:83:e2:1e:de:3e:c3:bc:97:f3:3c:71:71:
         99:0a:f6:39:b2:10:8b:ea:13:b0:ba:cc:4b:74:40:74:25:2b:
         1a:b9:9a:85:a9:d1:a2:d4:be:25:8d:5c:c2:94:f8:d1:79:89:
         26:fb:c1:6d:42:99:20:83:1a:5c:2e:1d:7b:73:de:24:94:f9:
         bb:64:cd:33:b7:66:f2:d0:ee:df:ba:0e:d9:55:1f:44:43:4d:
         a2:e1:c9:14:30:e1:c7:de:8e:24:d9:18:a2:a2:77:12:e0:45:
         2c:64:5d:01:44:5b:ca:85:5e:d7:b4:0c:43:be:29:39:3a:61:
         a0:38:1d:b2:f1:20:0c:ad:7b:65:61:f4:18:27:f6:13:96:95:
         b7:29:51:49:fc:5a:57:3c:9c:67:7c:81:6d:df:bf:e3:0f:d6:
         9b:4a:cd:40:57:3c:a8:16:8b:91:35:e9:f3:16:e1:21:9a:31:
         ef:70:27:0d:c4:e7:84:71:b7:49:89:99:f0:78:49:ae:00:8e:
         44:17:6d:dc:e7:ec:70:77:e8:eb:44:ea:5a:78:73:ab:e3:e1:
         33:23:26:91
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUVeeV7vlk9hgao8LGsvEjAjzFo6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDYyMDM5MjFaFw0yNDEyMDQyMDQ0MjFaMDMxMTAvBgNV
BAMTKDNEMkNCQTlGRUZFMjE1QUJEQzQ3Mzc5N0RCNjE4RjNERjVBQkE5OUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDi5dALkUBLckydIbCtLvpeHIF0
hf9sxIDPQ4GwBMKyRK3Fw095lMKIrGWehPCiEB/FXY6TAzycXMHanq9Ku09EI/8I
u5roijvY/hhCK2SIGli0P9lRLE/PjOBbZeRO+CYsMHT+dB5M5wDY0IR/oKl4rYN7
wWD96zEAiQgbOHOvRzl2FT3tC6++p4r6X+Jpk4ESK7VrGtXankhaQkXy68Uu/o6s
hPjbmNS00uB+o0pU2NB9c0AVlzqXRuCiz9dsPO5aT6rSJosQj+jI7oXVI7d5hfaD
hPE7/o5smlSOPKS/SV8odh+X7AiyXb90RG3NihhRhapWf670pzsmuRzUZdNFAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUPSy6n+/iFavcRzeX22GPPfWrqZwwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjcxNzk5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQuiMA0GCSqGSIb3DQEBCwUAA4IBAQA5Yv4r
Kj7mLIe9EHuwUAMOQiCyz4Ze0CIDnAWX5ZSGzMT+3KNSLQdKgpmD4h7ePsO8l/M8
cXGZCvY5shCL6hOwusxLdEB0JSsauZqFqdGi1L4ljVzClPjReYkm+8FtQpkggxpc
Lh17c94klPm7ZM0zt2by0O7fug7ZVR9EQ02i4ckUMOHH3o4k2RiioncS4EUsZF0B
RFvKhV7XtAxDvik5OmGgOB2y8SAMrXtlYfQYJ/YTlpW3KVFJ/FpXPJxnfIFt37/j
D9abSs1AVzyoFouRNenzFuEhmjHvcCcNxOeEcbdJiZnweEmuAI5EF23c5+xwd+jr
ROpaeHOr4+EzIyaR
-----END CERTIFICATE-----