Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS49791.roa
File:                     AS49791.roa (raw, json)
Hash identifier:          dgSKXGqnJPPKFufvq3pfCK82i+XiuC0ANyPGwbBZ9l0=
Subject key identifier:   52:F4:06:30:F5:3E:D7:05:A3:49:31:DC:78:BF:E7:62:C7:9E:A0:01
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       760018D90AB152B6AF154A2776FCE76B6E120D2F
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS49791.roa
Signing time:             Tue 14 May 2024 00:22:21 +0000
ROA not before:           Tue 14 May 2024 00:17:21 +0000
ROA not after:            Tue 13 May 2025 00:22:21 +0000
asID:                     49791
IP address blocks:        81.31.213.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Jun 2024 04:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:00:18:d9:0a:b1:52:b6:af:15:4a:27:76:fc:e7:6b:6e:12:0d:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: May 14 00:17:21 2024 GMT
            Not After : May 13 00:22:21 2025 GMT
        Subject: CN=52F40630F53ED705A34931DC78BFE762C79EA001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:a1:19:6f:ae:e3:ce:d8:a5:8d:9e:81:41:5c:
                    b4:19:57:9b:6b:6f:8f:6c:bc:3a:f0:df:af:cf:c3:
                    d7:57:83:66:bf:a6:31:24:75:c0:b5:e9:2a:fe:0b:
                    31:14:00:67:dc:d7:87:75:fa:21:4d:a0:2f:0b:ef:
                    26:b2:ec:af:2e:9c:3e:bd:d8:2c:d9:5b:35:78:66:
                    be:81:be:7f:f1:79:05:93:ac:86:d9:2e:90:8b:b9:
                    f9:92:c4:79:2d:13:38:e6:4f:2a:22:c6:f5:ae:30:
                    7b:2e:b2:ba:a5:87:33:12:15:cf:33:16:23:4d:66:
                    9c:d3:9a:43:69:e9:ee:b4:c7:a3:94:7e:76:a7:79:
                    67:9d:92:c7:bf:e3:39:c3:2a:31:be:d6:99:6a:a5:
                    83:15:80:07:63:6c:14:23:3b:05:fe:45:e5:d0:a1:
                    5e:32:38:ba:c5:5f:88:6f:6f:f0:e5:4b:f9:ab:19:
                    b9:aa:5b:88:9b:48:7f:07:54:5c:9b:a1:fd:3d:89:
                    e7:d4:0f:bd:ae:29:b8:4b:e1:2d:c2:f5:31:e7:9e:
                    0b:ab:89:6d:9c:da:49:34:0b:6a:99:1b:1a:cf:3f:
                    b4:dc:8b:49:62:e4:b8:1e:8c:37:7a:e1:02:44:47:
                    a7:ae:36:b4:4d:91:c3:2f:89:1e:53:3d:f8:c9:4b:
                    3c:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:F4:06:30:F5:3E:D7:05:A3:49:31:DC:78:BF:E7:62:C7:9E:A0:01
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS49791.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:97:41:c8:22:39:6b:36:1c:ba:10:0f:cc:85:8a:9d:ab:c0:
         65:16:86:c4:e3:16:9c:3f:f5:30:93:9d:6d:c9:16:7d:7b:16:
         8d:cb:a2:79:4f:dc:86:9a:ab:ef:d1:cb:c5:52:ec:c2:ae:3e:
         fc:0a:1c:32:2d:f9:9c:fb:b8:8a:36:9b:19:2e:8e:20:68:98:
         07:8c:62:b1:df:23:ed:1a:da:f2:57:98:09:a4:cc:6b:8e:da:
         86:e2:aa:21:57:a3:00:dc:50:c7:28:49:e5:c1:de:cb:2b:c4:
         70:ad:23:b6:dd:0b:b0:39:d4:b9:cd:01:7d:01:14:53:3d:29:
         51:fe:9f:ee:72:94:87:31:5e:df:de:be:9c:e3:50:48:b9:4d:
         ee:c3:39:a2:b1:25:2e:48:ee:62:ab:b7:e8:98:60:bb:7b:e3:
         2a:33:04:4a:bc:3e:11:fe:56:a3:d7:6c:37:60:c0:87:41:5e:
         fd:c2:32:59:7d:33:cb:f5:e2:44:ba:45:30:76:6b:7a:d7:b2:
         c0:93:de:64:ff:f6:a0:ba:56:b1:e7:88:03:ce:9c:fe:e3:55:
         d4:7e:e1:da:1f:67:91:f5:fb:2d:95:66:d7:cc:7c:c7:56:15:
         a2:60:a7:28:1d:21:61:a6:56:e7:b5:a3:a9:68:c5:0e:79:95:
         98:aa:ce:18
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUdgAY2QqxUravFUondvzna24SDS8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDA1MTQwMDE3MjFaFw0yNTA1MTMwMDIyMjFaMDMxMTAvBgNV
BAMTKDUyRjQwNjMwRjUzRUQ3MDVBMzQ5MzFEQzc4QkZFNzYyQzc5RUEwMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCoRlvruPO2KWNnoFBXLQZV5tr
b49svDrw36/Pw9dXg2a/pjEkdcC16Sr+CzEUAGfc14d1+iFNoC8L7yay7K8unD69
2CzZWzV4Zr6Bvn/xeQWTrIbZLpCLufmSxHktEzjmTyoixvWuMHsusrqlhzMSFc8z
FiNNZpzTmkNp6e60x6OUfnaneWedkse/4znDKjG+1plqpYMVgAdjbBQjOwX+ReXQ
oV4yOLrFX4hvb/DlS/mrGbmqW4ibSH8HVFybof09iefUD72uKbhL4S3C9THnngur
iW2c2kk0C2qZGxrPP7Tci0li5LgejDd64QJER6euNrRNkcMviR5TPfjJSzw1AgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUUvQGMPU+1wWjSTHceL/nYseeoAEwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NDk3OTEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABRH9UwDQYJKoZIhvcNAQELBQADggEBAMeXQcgiOWs2
HLoQD8yFip2rwGUWhsTjFpw/9TCTnW3JFn17Fo3LonlP3Iaaq+/Ry8VS7MKuPvwK
HDIt+Zz7uIo2mxkujiBomAeMYrHfI+0a2vJXmAmkzGuO2obiqiFXowDcUMcoSeXB
3ssrxHCtI7bdC7A51LnNAX0BFFM9KVH+n+5ylIcxXt/evpzjUEi5Te7DOaKxJS5I
7mKrt+iYYLt74yozBEq8PhH+VqPXbDdgwIdBXv3CMll9M8v14kS6RTB2a3rXssCT
3mT/9qC6VrHniAPOnP7jVdR+4dofZ5H1+y2VZtfMfMdWFaJgpygdIWGmVue1o6lo
xQ55lZiqzhg=
-----END CERTIFICATE-----