Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS398325.roa
File:                     AS398325.roa (raw, json)
Hash identifier:          Wy+VShQiWvO2HzMpaE385vM4pYwugAskc+wiqT0s8yU=
Subject key identifier:   30:CB:79:5C:53:54:E0:55:00:49:2A:4D:DA:36:61:0B:A3:E1:8C:14
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       7E362D87751E05788DCC5D8C4C7523489E0EB35C
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS398325.roa
Signing time:             Tue 05 Nov 2024 03:40:10 +0000
ROA not before:           Tue 05 Nov 2024 03:35:10 +0000
ROA not after:            Tue 04 Nov 2025 03:40:10 +0000
asID:                     398325
IP address blocks:        2a06:a005:5ba::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:36:2d:87:75:1e:05:78:8d:cc:5d:8c:4c:75:23:48:9e:0e:b3:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:10 2024 GMT
            Not After : Nov  4 03:40:10 2025 GMT
        Subject: CN=30CB795C5354E05500492A4DDA36610BA3E18C14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:45:e2:d9:57:81:19:f3:2a:3c:05:66:3d:44:
                    ca:26:ec:76:1c:3c:0d:ca:c1:96:37:0c:19:53:a7:
                    93:f1:53:0e:62:54:2b:3e:8d:cf:f7:30:23:ab:ff:
                    92:83:47:ac:c2:c7:e0:a3:40:48:2d:51:0a:c9:8d:
                    36:c1:a5:79:23:7e:ec:82:94:f0:5c:d1:ab:ce:62:
                    ab:e1:aa:ee:ae:0e:a5:46:c4:74:b2:4b:33:54:33:
                    88:e3:2b:fa:00:17:94:32:a9:e9:4e:43:91:a1:fa:
                    3a:62:28:76:96:f8:65:ec:f8:bd:28:d8:8f:5c:f8:
                    05:81:58:e6:d8:4d:bf:07:14:b7:ca:10:4a:09:ce:
                    2a:36:c4:76:1e:2c:e2:7b:e6:e3:9a:70:54:de:f7:
                    ab:67:fa:ba:f2:41:16:75:ec:03:54:4b:b9:e7:84:
                    2b:25:99:6f:a4:4a:40:05:5e:8d:32:b9:6f:4a:b5:
                    63:f0:31:44:73:0c:d6:dc:df:30:27:11:36:9a:af:
                    bf:f5:53:9f:83:bc:bd:60:8c:7c:8d:55:9c:51:b9:
                    9a:8c:58:50:28:6b:a9:4e:fa:d4:ac:9f:0f:1c:99:
                    95:ae:69:76:2d:f3:9f:37:8b:52:50:5b:25:1d:11:
                    f1:b3:f1:47:a6:89:f7:a2:dc:3d:07:4a:df:83:1f:
                    bb:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:CB:79:5C:53:54:E0:55:00:49:2A:4D:DA:36:61:0B:A3:E1:8C:14
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS398325.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:5ba::/48

    Signature Algorithm: sha256WithRSAEncryption
         5f:da:56:93:c6:1b:ee:51:58:0e:2d:bf:1d:74:1c:a3:c8:e4:
         4a:c8:84:82:c0:1a:0e:d9:5a:1d:fa:11:56:f0:27:a8:32:0a:
         9c:4f:1e:50:b2:41:dd:1f:a6:b3:be:29:88:b5:77:bd:0a:80:
         fe:82:c5:52:94:67:18:8c:25:25:07:e9:51:2a:15:b8:6b:a3:
         4d:20:f5:62:0b:01:5d:28:09:b5:62:cf:da:b9:dc:2c:af:e4:
         4a:91:6e:b2:1c:d1:7a:d2:7c:d5:a9:41:c6:d4:1f:73:12:4c:
         44:c6:44:54:6b:a8:03:93:12:a3:69:c0:12:b9:c6:ce:97:71:
         7d:08:9a:a4:6a:bd:d4:29:63:57:e6:53:ac:f4:cf:6b:20:2d:
         dd:e5:96:87:d4:5f:0e:78:b8:e3:de:e2:c9:6b:fb:f6:df:2c:
         e4:9a:25:8a:c5:bf:9d:64:14:b1:a6:1e:25:bb:a2:9e:f1:f2:
         bd:18:59:3c:7f:a0:bb:0d:47:aa:a2:71:e4:17:b7:61:d7:34:
         b7:6d:84:0c:e1:18:2a:2c:bd:b5:c4:39:0d:a1:ef:a7:15:7d:
         93:75:9d:7b:0d:98:ff:b3:c1:92:db:13:62:3e:cc:b4:85:3c:
         ac:8d:98:a5:51:b3:c2:0b:89:17:c5:17:71:8b:59:28:ef:00:
         83:0c:6b:8d
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUfjYth3UeBXiNzF2MTHUjSJ4Os1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MTBaFw0yNTExMDQwMzQwMTBaMDMxMTAvBgNV
BAMTKDMwQ0I3OTVDNTM1NEUwNTUwMDQ5MkE0RERBMzY2MTBCQTNFMThDMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbReLZV4EZ8yo8BWY9RMom7HYc
PA3KwZY3DBlTp5PxUw5iVCs+jc/3MCOr/5KDR6zCx+CjQEgtUQrJjTbBpXkjfuyC
lPBc0avOYqvhqu6uDqVGxHSySzNUM4jjK/oAF5QyqelOQ5Gh+jpiKHaW+GXs+L0o
2I9c+AWBWObYTb8HFLfKEEoJzio2xHYeLOJ75uOacFTe96tn+rryQRZ17ANUS7nn
hCslmW+kSkAFXo0yuW9KtWPwMURzDNbc3zAnETaar7/1U5+DvL1gjHyNVZxRuZqM
WFAoa6lO+tSsnw8cmZWuaXYt8583i1JQWyUdEfGz8Uemifei3D0HSt+DH7v9AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUMMt5XFNU4FUASSpN2jZhC6PhjBQwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
Mzk4MzI1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQW6MA0GCSqGSIb3DQEBCwUAA4IBAQBf2laT
xhvuUVgOLb8ddByjyORKyISCwBoO2Vod+hFW8CeoMgqcTx5QskHdH6azvimItXe9
CoD+gsVSlGcYjCUlB+lRKhW4a6NNIPViCwFdKAm1Ys/audwsr+RKkW6yHNF60nzV
qUHG1B9zEkxExkRUa6gDkxKjacASucbOl3F9CJqkar3UKWNX5lOs9M9rIC3d5ZaH
1F8OeLjj3uLJa/v23yzkmiWKxb+dZBSxph4lu6Ke8fK9GFk8f6C7DUeqonHkF7dh
1zS3bYQM4RgqLL21xDkNoe+nFX2TdZ17DZj/s8GS2xNiPsy0hTysjZilUbPCC4kX
xRdxi1ko7wCDDGuN
-----END CERTIFICATE-----