Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS39753.roa
File:                     AS39753.roa (raw, json)
Hash identifier:          YSpr1Nz/7TWOBENXg8TTG9MULEgQhYPtytdjR5kRfZ4=
Subject key identifier:   5B:74:20:94:6A:05:17:DE:99:DC:23:59:7B:8F:0A:49:B4:1A:2C:3A
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       4FAE449ABBA1E95A90739CE26ACC02E11EC31876
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS39753.roa
Signing time:             Tue 05 Nov 2024 03:40:04 +0000
ROA not before:           Tue 05 Nov 2024 03:35:04 +0000
ROA not after:            Tue 04 Nov 2025 03:40:04 +0000
asID:                     39753
IP address blocks:        2a06:a005:22a0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:ae:44:9a:bb:a1:e9:5a:90:73:9c:e2:6a:cc:02:e1:1e:c3:18:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:04 2024 GMT
            Not After : Nov  4 03:40:04 2025 GMT
        Subject: CN=5B7420946A0517DE99DC23597B8F0A49B41A2C3A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:4f:12:1e:84:a5:8d:74:53:15:aa:e3:5e:8a:
                    bf:13:0e:0f:79:57:30:68:9e:5c:2e:d3:77:a8:31:
                    2e:68:63:e3:d4:c0:6c:27:de:26:22:35:91:71:66:
                    50:7d:b2:05:2c:b5:43:0b:bb:dd:2d:4f:86:98:f5:
                    dd:ef:de:d9:7a:84:fc:9f:ab:7e:81:2b:f3:9f:9c:
                    a0:b6:ce:4b:e1:2f:f5:f3:77:92:a7:5a:de:72:86:
                    6d:6d:2a:02:ff:90:eb:c3:a9:6f:a8:71:c5:be:d7:
                    c9:5e:91:70:b0:8a:ee:c0:8a:26:2f:cd:68:f9:19:
                    ec:6e:6b:dd:81:e0:32:15:29:be:30:bc:11:fa:ad:
                    e9:17:f5:e4:20:c7:ee:e0:74:16:be:f2:74:85:d9:
                    78:6a:9e:5f:a3:14:35:b4:a6:25:76:98:07:94:78:
                    c5:f0:5e:69:65:b1:d8:8f:41:e7:8f:5e:98:b0:97:
                    86:c0:3e:c9:c0:9c:19:b5:b9:06:16:fd:1a:ef:36:
                    d3:e2:4b:98:15:99:05:c2:e1:13:c5:ef:98:72:7a:
                    6a:52:a8:84:28:80:bf:98:c6:da:70:1c:0f:b0:e1:
                    ca:bf:8a:3e:a3:95:ad:37:15:08:6e:1f:f8:34:45:
                    dc:61:a1:75:e7:e6:b1:8f:13:3c:4e:25:e7:14:f9:
                    70:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:74:20:94:6A:05:17:DE:99:DC:23:59:7B:8F:0A:49:B4:1A:2C:3A
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS39753.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:22a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         94:ad:8f:db:c2:56:05:83:94:bd:63:b4:5f:f8:0a:5f:2a:8d:
         5b:11:bb:7c:83:8a:e1:ef:09:a0:56:0a:0e:50:c5:60:e7:dc:
         4d:cc:ec:00:4f:f8:49:2d:a0:2d:5c:c3:9f:b2:c8:46:d3:72:
         77:71:5b:74:08:53:b7:cc:73:3a:e0:38:1a:2e:94:33:d9:52:
         62:fb:73:ba:07:99:34:44:b9:74:bd:b7:7d:ee:9d:f7:d1:87:
         10:a4:6b:ce:95:54:11:a4:95:b0:de:38:ad:67:0f:71:68:66:
         b8:08:7d:00:ae:d7:cd:c4:ff:20:44:1e:fa:6c:7f:ad:57:63:
         b9:86:2d:d4:eb:b3:49:61:cc:69:74:da:bc:63:bc:28:ad:d4:
         cc:7d:1d:c8:34:a4:b7:99:bf:87:fc:ff:86:07:f5:01:f7:57:
         05:71:85:ff:81:f1:31:b1:11:27:26:b1:59:63:86:59:48:0b:
         6a:87:28:ad:24:9b:57:33:fe:ae:87:0e:58:f6:d2:d7:bd:26:
         c2:e4:bf:1b:56:00:fb:ba:03:53:ac:05:a0:5a:e4:00:3b:03:
         78:b7:f0:7c:31:e4:f2:e9:b0:da:3d:c3:dd:8a:84:33:86:96:
         35:3e:30:c6:8c:94:17:d7:90:d4:5c:b5:2d:c9:cb:d6:b5:2d:
         ed:3a:7b:92
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUT65Emruh6VqQc5ziaswC4R7DGHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDRaFw0yNTExMDQwMzQwMDRaMDMxMTAvBgNV
BAMTKDVCNzQyMDk0NkEwNTE3REU5OURDMjM1OTdCOEYwQTQ5QjQxQTJDM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjTxIehKWNdFMVquNeir8TDg95
VzBonlwu03eoMS5oY+PUwGwn3iYiNZFxZlB9sgUstUMLu90tT4aY9d3v3tl6hPyf
q36BK/OfnKC2zkvhL/Xzd5KnWt5yhm1tKgL/kOvDqW+occW+18lekXCwiu7AiiYv
zWj5Gexua92B4DIVKb4wvBH6rekX9eQgx+7gdBa+8nSF2Xhqnl+jFDW0piV2mAeU
eMXwXmllsdiPQeePXpiwl4bAPsnAnBm1uQYW/RrvNtPiS5gVmQXC4RPF75hyempS
qIQogL+YxtpwHA+w4cq/ij6jla03FQhuH/g0RdxhoXXn5rGPEzxOJecU+XBFAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUW3QglGoFF96Z3CNZe48KSbQaLDowHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
Mzk3NTMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqBqAFIqAwDQYJKoZIhvcNAQELBQADggEBAJStj9vC
VgWDlL1jtF/4Cl8qjVsRu3yDiuHvCaBWCg5QxWDn3E3M7ABP+EktoC1cw5+yyEbT
cndxW3QIU7fMczrgOBoulDPZUmL7c7oHmTREuXS9t33unffRhxCka86VVBGklbDe
OK1nD3FoZrgIfQCu183E/yBEHvpsf61XY7mGLdTrs0lhzGl02rxjvCit1Mx9Hcg0
pLeZv4f8/4YH9QH3VwVxhf+B8TGxEScmsVljhllIC2qHKK0km1cz/q6HDlj20te9
JsLkvxtWAPu6A1OsBaBa5AA7A3i38Hwx5PLpsNo9w92KhDOGljU+MMaMlBfXkNRc
tS3Jy9a1Le06e5I=
-----END CERTIFICATE-----