Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS39753.roa
File:                     AS39753.roa (raw, json)
Hash identifier:          c+74LCA9RMFNr8rZZf3mr7MMFtme4pDrV/t0XdWfkJU=
Subject key identifier:   9E:4C:08:FE:19:EC:76:C9:95:6D:36:5D:1A:6A:D4:1A:60:1F:3D:82
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       2A0FB704F435AB0B33E5705D79F99CF7334D8144
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS39753.roa
Signing time:             Tue 05 Dec 2023 02:44:15 +0000
ROA not before:           Tue 05 Dec 2023 02:39:15 +0000
ROA not after:            Tue 03 Dec 2024 02:44:15 +0000
asID:                     39753
IP address blocks:        2a06:a005:22a0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 14:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:0f:b7:04:f4:35:ab:0b:33:e5:70:5d:79:f9:9c:f7:33:4d:81:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:15 2023 GMT
            Not After : Dec  3 02:44:15 2024 GMT
        Subject: CN=9E4C08FE19EC76C9956D365D1A6AD41A601F3D82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e5:fd:f0:5e:df:96:c9:65:d9:8c:c6:e5:69:
                    d0:8f:6c:f3:37:b2:19:d6:bf:6d:59:12:da:fd:34:
                    64:d6:c2:c0:53:22:d1:75:06:a2:cc:62:15:85:61:
                    05:8e:1d:61:f3:14:d0:63:ae:cd:08:d8:41:3c:c8:
                    9e:0f:eb:93:86:e3:a2:95:1a:87:a0:c4:23:e9:f3:
                    86:97:12:3c:0d:03:d5:be:95:a0:39:e4:48:44:f8:
                    be:ae:eb:28:61:eb:ee:bb:3d:c3:41:c7:e0:e7:8f:
                    9d:13:ee:3d:de:97:e0:ac:cb:30:b9:35:87:b9:d3:
                    be:0e:96:d4:df:89:6e:ce:50:2f:4d:aa:64:76:16:
                    84:27:15:2e:3a:d4:e4:38:76:bf:98:81:8e:ae:c0:
                    a6:15:f0:23:ee:a2:95:72:11:d9:09:3e:cf:5a:45:
                    e9:e8:cf:87:08:68:fa:b9:1f:3e:8c:83:2a:a6:76:
                    a4:4e:1d:23:2c:62:66:9a:86:98:51:e8:4b:02:9e:
                    8b:2f:3e:c3:1b:d2:36:57:34:2a:75:a4:7d:76:3a:
                    76:9e:38:39:4d:14:dc:a2:46:27:b7:1c:10:7e:66:
                    66:9c:f1:bc:93:c7:53:90:6b:ea:f2:3f:c1:b9:bb:
                    d0:3f:17:7e:38:2a:88:b4:9a:47:49:33:b2:58:c9:
                    5f:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:4C:08:FE:19:EC:76:C9:95:6D:36:5D:1A:6A:D4:1A:60:1F:3D:82
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS39753.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:22a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         32:7e:63:74:63:57:c7:12:09:ba:1c:dd:4c:ab:1a:b9:64:62:
         53:84:d1:9d:84:8f:c9:f7:cc:f1:96:a5:c1:ce:79:48:b5:fc:
         e8:b4:fa:4b:fc:e0:c5:5a:69:26:49:3c:ec:c8:1d:d1:2d:40:
         22:1c:e8:43:e4:df:b3:2a:b1:7c:63:e5:e6:80:85:ab:58:62:
         21:c4:3a:70:c1:58:37:c7:8f:b3:95:30:ca:65:fe:e4:db:99:
         9a:40:70:9d:27:e3:cb:66:40:f6:3d:c9:89:11:51:ad:b9:16:
         a3:27:eb:4a:62:a9:1e:5d:cb:03:39:9b:ac:a3:93:c7:20:99:
         46:99:e9:37:7c:46:fe:0d:74:9c:0a:57:f7:0b:4d:f1:f4:2e:
         d4:ff:88:5d:70:6e:09:3b:ad:34:e0:b8:24:b5:8b:aa:fa:71:
         49:d7:84:22:3a:dd:12:ff:38:d2:f3:56:e4:c9:e1:78:b7:9d:
         67:f1:8f:de:13:d3:30:34:71:22:63:07:95:72:e0:ed:91:c2:
         91:c0:c1:f3:85:c0:12:e6:64:54:d5:ee:27:be:45:8c:bb:86:
         25:85:e1:ed:7b:6e:30:3a:19:c3:cc:80:b2:d8:03:a4:5a:c3:
         f6:fc:70:a8:7b:71:93:f9:00:5b:10:38:5b:98:ec:c8:2a:95:
         bc:dc:5c:34
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUKg+3BPQ1qwsz5XBdefmc9zNNgUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTVaFw0yNDEyMDMwMjQ0MTVaMDMxMTAvBgNV
BAMTKDlFNEMwOEZFMTlFQzc2Qzk5NTZEMzY1RDFBNkFENDFBNjAxRjNEODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz5f3wXt+WyWXZjMbladCPbPM3
shnWv21ZEtr9NGTWwsBTItF1BqLMYhWFYQWOHWHzFNBjrs0I2EE8yJ4P65OG46KV
GoegxCPp84aXEjwNA9W+laA55EhE+L6u6yhh6+67PcNBx+Dnj50T7j3el+CsyzC5
NYe5074OltTfiW7OUC9NqmR2FoQnFS461OQ4dr+YgY6uwKYV8CPuopVyEdkJPs9a
Renoz4cIaPq5Hz6MgyqmdqROHSMsYmaahphR6EsCnosvPsMb0jZXNCp1pH12Onae
ODlNFNyiRie3HBB+Zmac8byTx1OQa+ryP8G5u9A/F344Koi0mkdJM7JYyV/lAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUnkwI/hnsdsmVbTZdGmrUGmAfPYIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
Mzk3NTMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqBqAFIqAwDQYJKoZIhvcNAQELBQADggEBADJ+Y3Rj
V8cSCboc3UyrGrlkYlOE0Z2Ej8n3zPGWpcHOeUi1/Oi0+kv84MVaaSZJPOzIHdEt
QCIc6EPk37MqsXxj5eaAhatYYiHEOnDBWDfHj7OVMMpl/uTbmZpAcJ0n48tmQPY9
yYkRUa25FqMn60piqR5dywM5m6yjk8cgmUaZ6Td8Rv4NdJwKV/cLTfH0LtT/iF1w
bgk7rTTguCS1i6r6cUnXhCI63RL/ONLzVuTJ4Xi3nWfxj94T0zA0cSJjB5Vy4O2R
wpHAwfOFwBLmZFTV7ie+RYy7hiWF4e17bjA6GcPMgLLYA6Raw/b8cKh7cZP5AFsQ
OFuY7MgqlbzcXDQ=
-----END CERTIFICATE-----