Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS47311.roa
File:                     AS47311.roa (raw, json)
Hash identifier:          WBvaVZN1jAzR8u4VvysdpChzg4Eff5TX2pvn2X3o6KI=
Subject key identifier:   96:C6:A1:04:6B:A7:89:DC:C6:41:1A:8E:45:8C:5F:B3:44:69:B7:D7
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       7E7E4EC76988B9EB88AC93FFEED5CFCA6E62245C
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS47311.roa
Signing time:             Mon 02 Sep 2024 15:56:11 +0000
ROA not before:           Mon 02 Sep 2024 15:51:11 +0000
ROA not after:            Mon 01 Sep 2025 15:56:11 +0000
asID:                     47311
IP address blocks:        2a06:9f44:f170::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:7e:4e:c7:69:88:b9:eb:88:ac:93:ff:ee:d5:cf:ca:6e:62:24:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Sep  2 15:51:11 2024 GMT
            Not After : Sep  1 15:56:11 2025 GMT
        Subject: CN=96C6A1046BA789DCC6411A8E458C5FB34469B7D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:54:fa:09:04:03:98:29:fd:75:e8:5a:cf:68:
                    7a:a0:cd:a4:fe:b1:bd:2a:3e:e8:71:bd:82:15:9d:
                    db:42:2e:b1:79:4d:e5:43:a5:8c:c3:b8:83:e9:1d:
                    b0:8a:45:4a:73:04:92:36:b0:87:5a:59:3f:dc:17:
                    6b:4d:41:a0:f7:db:bd:99:96:ea:b5:94:c0:e0:c4:
                    21:c3:ed:68:a1:45:5b:b2:12:d3:23:48:05:11:74:
                    38:7a:29:59:d8:f2:52:d1:b5:8f:76:16:fb:ba:b1:
                    de:c5:63:fc:db:06:fa:8e:c9:65:5c:c0:07:bf:82:
                    93:5e:07:42:6e:39:80:81:83:ce:d9:c5:01:09:35:
                    0a:29:00:99:31:b2:53:74:27:90:f6:27:10:c7:42:
                    67:1c:d1:a5:56:8a:78:19:fb:1a:be:be:8c:91:02:
                    d0:b4:76:53:07:1e:52:c1:84:32:94:97:0f:0a:77:
                    76:ac:e1:6e:e1:cd:cc:4a:db:e4:74:05:57:ac:e6:
                    85:80:39:27:6f:31:9d:db:e1:4f:8f:0f:93:5e:b2:
                    fe:d1:41:36:4b:96:22:75:25:a7:37:e6:e4:61:ef:
                    c8:2c:74:8f:f1:1d:32:f5:37:e1:06:23:f6:54:19:
                    88:34:77:0f:cf:97:7f:95:d6:32:02:8e:ec:a3:7d:
                    87:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:C6:A1:04:6B:A7:89:DC:C6:41:1A:8E:45:8C:5F:B3:44:69:B7:D7
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS47311.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:9f44:f170::/44

    Signature Algorithm: sha256WithRSAEncryption
         a5:23:6c:df:fc:fd:7b:d3:49:88:24:3b:ef:e5:8a:95:43:46:
         f5:d9:4f:b3:c2:1e:10:aa:a8:16:0a:e5:84:18:bc:42:d8:c0:
         61:c0:6b:3a:1f:94:b8:1c:5e:70:a7:18:9e:d2:b4:58:92:72:
         df:d0:21:19:02:a5:d0:b6:36:53:8e:03:20:b7:29:f7:2a:46:
         b1:ea:a9:89:42:58:61:f4:19:81:9d:50:53:4e:46:a2:70:3f:
         c0:d0:f1:73:6d:5e:c8:09:d5:99:56:d5:42:2e:3b:76:58:f1:
         e2:a8:3c:67:67:44:39:38:1e:85:b1:41:df:a7:7d:91:88:c2:
         ca:d3:11:8f:50:2e:8a:68:59:d1:d1:db:e2:25:24:90:6e:9d:
         51:fc:eb:1a:8c:21:36:0c:a1:fc:1b:bf:67:db:6b:12:d8:91:
         74:6b:7d:be:2f:09:ae:60:cb:ae:3a:4e:23:9c:f1:51:a6:f2:
         d9:3a:ad:7e:29:b2:ce:19:d7:8f:09:74:61:cf:54:e0:21:6e:
         06:23:9a:19:30:dc:22:10:58:ca:8b:6e:c7:54:94:e9:fd:b6:
         60:72:87:3b:27:04:44:45:86:49:bf:59:6e:5d:71:b0:91:c1:
         3c:d2:81:19:3d:67:0a:60:7e:73:7a:35:05:77:aa:9b:11:f9:
         8c:36:f2:fb
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUfn5Ox2mIueuIrJP/7tXPym5iJFwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDA5MDIxNTUxMTFaFw0yNTA5MDExNTU2MTFaMDMxMTAvBgNV
BAMTKDk2QzZBMTA0NkJBNzg5RENDNjQxMUE4RTQ1OEM1RkIzNDQ2OUI3RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnVPoJBAOYKf116FrPaHqgzaT+
sb0qPuhxvYIVndtCLrF5TeVDpYzDuIPpHbCKRUpzBJI2sIdaWT/cF2tNQaD3272Z
luq1lMDgxCHD7WihRVuyEtMjSAURdDh6KVnY8lLRtY92Fvu6sd7FY/zbBvqOyWVc
wAe/gpNeB0JuOYCBg87ZxQEJNQopAJkxslN0J5D2JxDHQmcc0aVWingZ+xq+voyR
AtC0dlMHHlLBhDKUlw8Kd3as4W7hzcxK2+R0BVes5oWAOSdvMZ3b4U+PD5Nesv7R
QTZLliJ1Jac35uRh78gsdI/xHTL1N+EGI/ZUGYg0dw/Pl3+V1jICjuyjfYeJAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUlsahBGunidzGQRqORYxfs0Rpt9cwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NDczMTEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqBp9E8XAwDQYJKoZIhvcNAQELBQADggEBAKUjbN/8
/XvTSYgkO+/lipVDRvXZT7PCHhCqqBYK5YQYvELYwGHAazoflLgcXnCnGJ7StFiS
ct/QIRkCpdC2NlOOAyC3KfcqRrHqqYlCWGH0GYGdUFNORqJwP8DQ8XNtXsgJ1ZlW
1UIuO3ZY8eKoPGdnRDk4HoWxQd+nfZGIwsrTEY9QLopoWdHR2+IlJJBunVH86xqM
ITYMofwbv2fbaxLYkXRrfb4vCa5gy646TiOc8VGm8tk6rX4pss4Z148JdGHPVOAh
bgYjmhkw3CIQWMqLbsdUlOn9tmByhzsnBERFhkm/WW5dcbCRwTzSgRk9ZwpgfnN6
NQV3qpsR+Yw28vs=
-----END CERTIFICATE-----