Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS56655.roa
File:                     AS56655.roa (raw, json)
Hash identifier:          9gKM9RV5/mu9sT74BzHYacEyWZc1BU4gBWOr+nRpK1g=
Subject key identifier:   56:46:F0:5E:A4:B0:52:FC:67:C5:91:6E:B1:48:6D:18:39:AE:DB:6E
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       639EBD00F45C1F274D5C894E9A59F3FB54CB5C00
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS56655.roa
Signing time:             Wed 29 Jan 2025 18:49:31 +0000
ROA not before:           Wed 29 Jan 2025 18:44:31 +0000
ROA not after:            Wed 28 Jan 2026 18:49:31 +0000
asID:                     56655
IP address blocks:        202.50.55.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Apr 2025 09:24:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:9e:bd:00:f4:5c:1f:27:4d:5c:89:4e:9a:59:f3:fb:54:cb:5c:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan 29 18:44:31 2025 GMT
            Not After : Jan 28 18:49:31 2026 GMT
        Subject: CN=5646F05EA4B052FC67C5916EB1486D1839AEDB6E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fa:43:60:21:b8:32:9b:7c:9b:29:3c:49:88:
                    35:ff:05:58:96:c1:c2:a6:79:d9:2a:b0:f5:95:07:
                    8c:20:8f:b7:a7:05:99:9a:8e:d6:96:67:f4:24:de:
                    19:82:94:6a:35:f3:2c:ed:75:a4:9f:63:b5:cb:c3:
                    9e:6f:27:16:ca:9b:bd:02:a8:19:19:fa:ba:17:97:
                    7d:d6:cd:07:1d:f7:3e:6f:bc:89:47:e8:e5:15:30:
                    77:e1:0b:e4:dc:13:30:95:b3:38:54:a9:68:41:2b:
                    09:26:eb:16:ac:36:40:17:c3:79:48:6b:82:5e:8c:
                    19:22:16:94:fc:8d:e1:aa:50:67:ba:b2:e5:24:3b:
                    14:5e:22:1a:a7:d2:59:15:ae:5d:7d:6e:77:c6:bf:
                    ce:14:58:21:73:4b:7c:c4:d0:7b:10:4b:75:5c:a6:
                    14:db:6c:00:5d:80:7d:a0:e6:e8:4e:ce:74:8b:6a:
                    54:9b:51:bb:57:1c:11:e3:d3:6a:e2:3b:9f:c1:7b:
                    fc:b3:a4:f1:bb:de:e8:e9:ab:b8:61:b2:95:ab:31:
                    9f:40:1f:b8:93:bf:5c:38:e6:bf:57:5f:a0:65:09:
                    d8:08:a7:24:eb:53:07:2e:6d:63:3c:77:3f:e5:4e:
                    fd:43:b1:28:6a:1c:52:df:94:b0:33:c0:ef:97:86:
                    b1:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:46:F0:5E:A4:B0:52:FC:67:C5:91:6E:B1:48:6D:18:39:AE:DB:6E
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS56655.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.50.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:28:ce:7d:6e:7b:d0:a5:7f:fd:b1:40:f0:37:71:be:51:d9:
         ca:e5:f7:6d:f1:c0:82:d9:b0:bd:0a:9a:42:aa:63:e2:b3:6e:
         c0:fb:f2:b4:20:a9:93:aa:83:68:9d:4c:f6:30:58:9a:50:7f:
         e1:9d:02:77:58:0b:fa:d5:dc:8d:c5:20:7e:3c:69:85:32:a7:
         32:12:1d:0a:5f:9f:9b:dc:29:01:2f:a9:fb:d6:e5:6b:27:3b:
         0a:e3:56:95:a8:d9:90:c9:ac:46:53:f3:47:09:8b:fd:95:eb:
         36:3b:b7:ab:30:bf:84:38:44:f9:b8:bb:bd:6c:71:46:4b:be:
         32:d6:d8:f9:60:45:93:65:be:80:71:b6:fc:44:b8:30:a8:d3:
         40:29:95:59:da:f1:91:04:38:a0:5e:c0:0a:8e:21:5a:67:9a:
         79:46:95:ac:56:c4:0a:d0:d0:33:0d:3b:ef:7d:50:a6:ed:ed:
         02:4c:1f:f4:77:49:67:8f:b3:64:73:be:f3:1e:a4:75:8a:3b:
         45:d1:fb:67:eb:99:f7:f4:ed:84:ba:82:46:36:86:35:d3:c5:
         f1:94:54:0e:c1:1c:c5:a7:1a:ea:c4:17:75:4d:bc:16:65:c2:
         a0:b3:e6:f1:7f:9b:5b:69:20:6c:1e:80:c2:14:5c:1f:ab:fc:
         d9:66:29:90
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUY569APRcHydNXIlOmlnz+1TLXAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNTAxMjkxODQ0MzFaFw0yNjAxMjgxODQ5MzFaMDMxMTAvBgNV
BAMTKDU2NDZGMDVFQTRCMDUyRkM2N0M1OTE2RUIxNDg2RDE4MzlBRURCNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0+kNgIbgym3ybKTxJiDX/BViW
wcKmedkqsPWVB4wgj7enBZmajtaWZ/Qk3hmClGo18yztdaSfY7XLw55vJxbKm70C
qBkZ+roXl33WzQcd9z5vvIlH6OUVMHfhC+TcEzCVszhUqWhBKwkm6xasNkAXw3lI
a4JejBkiFpT8jeGqUGe6suUkOxReIhqn0lkVrl19bnfGv84UWCFzS3zE0HsQS3Vc
phTbbABdgH2g5uhOznSLalSbUbtXHBHj02riO5/Be/yzpPG73ujpq7hhspWrMZ9A
H7iTv1w45r9XX6BlCdgIpyTrUwcubWM8dz/lTv1DsShqHFLflLAzwO+XhrGDAgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUVkbwXqSwUvxnxZFusUhtGDmu224wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NTY2NTUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBADKMjcwDQYJKoZIhvcNAQELBQADggEBAL0ozn1ue9Cl
f/2xQPA3cb5R2crl923xwILZsL0KmkKqY+KzbsD78rQgqZOqg2idTPYwWJpQf+Gd
AndYC/rV3I3FIH48aYUypzISHQpfn5vcKQEvqfvW5WsnOwrjVpWo2ZDJrEZT80cJ
i/2V6zY7t6swv4Q4RPm4u71scUZLvjLW2PlgRZNlvoBxtvxEuDCo00AplVna8ZEE
OKBewAqOIVpnmnlGlaxWxArQ0DMNO+99UKbt7QJMH/R3SWePs2RzvvMepHWKO0XR
+2frmff07YS6gkY2hjXTxfGUVA7BHMWnGurEF3VNvBZlwqCz5vF/m1tpIGwegMIU
XB+r/NlmKZA=
-----END CERTIFICATE-----