Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS49791.roa
File:                     AS49791.roa (raw, json)
Hash identifier:          OdA7xLx5VJkKHq0UlFRjYu7qF1CuV0yMmkAymm8CwzU=
Subject key identifier:   FF:11:FF:4D:C6:23:BF:96:1A:71:FD:58:5D:6F:41:F3:07:58:C4:DC
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       63C60C97702410879D056D89141CBD54CFD00782
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS49791.roa
Signing time:             Sun 22 Sep 2024 02:48:53 +0000
ROA not before:           Sun 22 Sep 2024 02:43:53 +0000
ROA not after:            Sun 21 Sep 2025 02:48:53 +0000
asID:                     49791
IP address blocks:        81.31.213.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 15:28:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:c6:0c:97:70:24:10:87:9d:05:6d:89:14:1c:bd:54:cf:d0:07:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Sep 22 02:43:53 2024 GMT
            Not After : Sep 21 02:48:53 2025 GMT
        Subject: CN=FF11FF4DC623BF961A71FD585D6F41F30758C4DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:fe:12:cd:d9:2b:b4:f5:31:35:58:93:68:af:
                    a9:7a:61:4f:45:6a:4d:ff:3e:77:5c:32:14:52:e7:
                    b1:42:ca:dd:4a:6d:87:a6:a9:f6:10:e7:e8:d0:a9:
                    0d:9e:49:62:cb:9d:58:f3:9c:7e:66:9c:28:47:50:
                    f5:32:3d:87:b8:e6:b6:45:59:b6:f9:7f:38:b8:81:
                    71:a0:b4:94:f3:20:d1:43:a4:d4:62:9b:a2:27:9f:
                    c4:a2:46:ed:f3:3d:63:ab:66:04:47:18:d7:ea:42:
                    db:63:e9:60:ca:e4:25:e8:19:91:c3:4d:b0:8b:21:
                    8b:a2:58:e3:e0:5c:43:8d:35:98:82:46:77:a0:4c:
                    af:e3:09:ed:54:84:51:0c:ab:ec:6b:ed:6a:82:2e:
                    4d:6d:ec:71:df:94:72:46:c4:d9:e5:19:1f:82:02:
                    68:6c:fe:e4:62:30:7c:78:09:4e:e1:a6:88:20:2f:
                    45:c6:54:4f:2f:eb:49:89:a8:d8:8f:1f:2a:bd:23:
                    da:b9:fc:a8:44:67:62:cb:04:f5:29:86:47:a8:8b:
                    a6:c9:3c:52:10:5f:98:b1:cd:38:95:47:a3:72:35:
                    c5:2c:59:d0:4c:0a:86:99:b6:3e:2e:29:b9:2a:2e:
                    ad:b9:e4:7b:65:db:4a:24:f7:58:42:66:d7:9e:da:
                    f9:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:11:FF:4D:C6:23:BF:96:1A:71:FD:58:5D:6F:41:F3:07:58:C4:DC
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS49791.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.31.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:4c:6a:37:22:7e:9c:57:59:63:f9:78:23:26:f0:67:0a:ef:
         8a:4a:fc:c8:be:3f:a8:e2:38:dd:8b:50:d6:b1:d7:d3:1f:f5:
         95:85:50:a3:b3:fe:e7:59:39:33:dc:f8:56:83:c8:91:c3:c0:
         9e:6d:3a:89:39:59:73:54:49:cd:ed:45:6a:95:d2:0a:1d:ca:
         00:42:53:d8:36:25:cb:2d:dd:17:19:ac:bf:f6:c4:5e:56:a4:
         2d:c6:64:c9:36:49:40:3c:8b:c0:1a:b4:c8:43:4c:5b:70:d6:
         08:96:83:fe:20:06:b7:51:14:8a:c2:49:72:ce:81:06:18:f0:
         21:39:f4:44:64:13:7c:69:ca:e2:4d:fe:30:92:58:a8:a3:b0:
         96:a0:3a:7f:75:87:60:f0:67:c1:32:56:ae:08:3f:bd:a9:8a:
         d5:80:24:55:da:04:a9:1b:87:c0:ae:48:af:58:cc:91:11:7b:
         99:02:42:1c:f2:77:bb:1b:c6:3d:e4:7b:dd:44:22:3f:2a:97:
         3e:14:02:36:1e:3d:b8:75:a3:55:de:12:7b:fd:26:09:75:00:
         bb:27:05:f3:9a:55:06:be:6d:cf:16:f0:7c:ef:fe:cc:21:62:
         d6:29:e4:89:ae:5e:0d:14:16:3d:f5:0d:25:94:b7:3c:6c:7a:
         4e:2e:31:88
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUY8YMl3AkEIedBW2JFBy9VM/QB4IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDA5MjIwMjQzNTNaFw0yNTA5MjEwMjQ4NTNaMDMxMTAvBgNV
BAMTKEZGMTFGRjREQzYyM0JGOTYxQTcxRkQ1ODVENkY0MUYzMDc1OEM0REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC//hLN2Su09TE1WJNor6l6YU9F
ak3/PndcMhRS57FCyt1KbYemqfYQ5+jQqQ2eSWLLnVjznH5mnChHUPUyPYe45rZF
Wbb5fzi4gXGgtJTzINFDpNRim6Inn8SiRu3zPWOrZgRHGNfqQttj6WDK5CXoGZHD
TbCLIYuiWOPgXEONNZiCRnegTK/jCe1UhFEMq+xr7WqCLk1t7HHflHJGxNnlGR+C
Amhs/uRiMHx4CU7hpoggL0XGVE8v60mJqNiPHyq9I9q5/KhEZ2LLBPUphkeoi6bJ
PFIQX5ixzTiVR6NyNcUsWdBMCoaZtj4uKbkqLq255Htl20ok91hCZtee2vkpAgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQU/xH/TcYjv5Yacf1YXW9B8wdYxNwwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NDk3OTEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABRH9UwDQYJKoZIhvcNAQELBQADggEBAK9MajcifpxX
WWP5eCMm8GcK74pK/Mi+P6jiON2LUNax19Mf9ZWFUKOz/udZOTPc+FaDyJHDwJ5t
Ook5WXNUSc3tRWqV0godygBCU9g2Jcst3RcZrL/2xF5WpC3GZMk2SUA8i8AatMhD
TFtw1giWg/4gBrdRFIrCSXLOgQYY8CE59ERkE3xpyuJN/jCSWKijsJagOn91h2Dw
Z8EyVq4IP72pitWAJFXaBKkbh8CuSK9YzJERe5kCQhzyd7sbxj3ke91EIj8qlz4U
AjYePbh1o1XeEnv9Jgl1ALsnBfOaVQa+bc8W8Hzv/swhYtYp5ImuXg0UFj31DSWU
tzxsek4uMYg=
-----END CERTIFICATE-----