Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS56808.roa
File:                     AS56808.roa (raw, json)
Hash identifier:          7nEdKOx2xvImvDwsx08F3Wq9fT7tLZfvlTQGY6bzOGA=
Subject key identifier:   3B:78:CE:E5:E7:F9:AB:F0:73:BC:4F:F1:81:67:23:CB:7F:61:43:4F
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       4B60E515BF3122D0E8984D8C0F1EBDBA4AF870A7
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS56808.roa
Signing time:             Thu 04 Jan 2024 09:44:21 +0000
ROA not before:           Thu 04 Jan 2024 09:39:21 +0000
ROA not after:            Thu 02 Jan 2025 09:44:21 +0000
asID:                     56808
IP address blocks:        2a06:a005:1273::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:60:e5:15:bf:31:22:d0:e8:98:4d:8c:0f:1e:bd:ba:4a:f8:70:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan  4 09:39:21 2024 GMT
            Not After : Jan  2 09:44:21 2025 GMT
        Subject: CN=3B78CEE5E7F9ABF073BC4FF1816723CB7F61434F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:44:d8:05:a5:0c:73:22:c0:f5:f5:ff:2e:ff:
                    8b:cb:0e:ca:ef:36:25:22:14:06:76:96:e1:13:4c:
                    b3:d0:6f:c0:4f:23:d6:7d:c5:2b:53:af:54:ae:1b:
                    ca:b4:5f:3f:c5:8a:38:d2:03:31:b9:b6:71:d8:c0:
                    d7:34:46:2c:c7:65:04:f0:4d:5b:b4:a8:97:f2:82:
                    e3:cf:4f:1a:bd:1b:9a:b1:16:33:44:8b:b3:fc:78:
                    9d:99:a8:45:7e:33:88:ff:f7:7a:0e:6a:fd:45:d3:
                    98:d3:be:ed:cf:d0:cf:32:a5:fc:38:35:15:42:34:
                    f9:3e:a8:e0:ed:d5:62:8b:3a:7b:c7:11:77:08:21:
                    dc:f9:cf:1f:35:8f:d6:65:4a:60:de:b9:fe:7d:22:
                    b9:5d:ac:5b:90:63:91:4d:cb:1a:78:e8:0d:07:6b:
                    66:ca:3a:25:a0:3d:d5:49:eb:98:37:35:4f:74:e2:
                    62:c4:c0:25:20:0d:45:91:4c:8c:61:19:fb:66:77:
                    02:54:f4:d3:bd:0f:c6:e1:eb:a4:2c:01:6e:c4:8f:
                    87:54:6a:7a:8c:3f:17:54:3e:37:ea:be:2b:99:c5:
                    7d:dc:8e:31:1f:c3:5d:fd:f1:0d:09:b3:e9:fe:8a:
                    50:88:94:86:60:99:91:86:21:01:b4:a1:12:65:32:
                    6f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:78:CE:E5:E7:F9:AB:F0:73:BC:4F:F1:81:67:23:CB:7F:61:43:4F
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS56808.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1273::/48

    Signature Algorithm: sha256WithRSAEncryption
         6c:1a:f6:c3:de:f2:a2:28:40:ce:0c:26:00:21:26:f9:66:04:
         f3:3f:0f:02:78:31:14:1c:c4:3a:2c:a5:7d:c0:87:3b:15:d1:
         0b:d7:63:6f:91:ca:72:e5:af:5c:7c:88:e4:10:6f:23:61:25:
         a7:2d:74:0d:e8:5f:10:0a:6e:d7:3b:ac:43:56:3a:23:39:6f:
         ef:39:3a:88:16:08:b3:7b:91:ed:89:00:e4:37:c7:03:5d:16:
         a1:be:44:d4:82:bf:94:d4:17:0b:c3:3e:95:9c:69:db:db:2f:
         35:f0:d5:c8:b3:d8:7e:ee:94:0a:2a:1f:cc:16:d6:f2:79:00:
         dd:84:c0:10:92:55:aa:76:a9:79:3d:39:03:ba:cf:3e:f8:06:
         b9:6e:3d:c0:2f:74:b7:43:86:6f:7b:5f:b0:be:8f:1c:25:41:
         d3:fa:c9:8c:3a:f9:2d:5c:11:49:8a:81:8b:a2:71:7a:7b:30:
         63:dd:03:15:5d:a5:92:87:9f:31:9b:1e:d1:49:ed:77:d6:2b:
         93:2c:99:ec:71:09:cf:da:fe:ac:a2:f1:30:ef:f4:fb:be:df:
         50:ba:13:13:1f:3f:29:8b:87:5a:24:38:ca:60:92:fd:ac:94:
         ae:8d:05:4f:b6:48:a6:89:08:92:b5:75:04:17:e2:e7:b8:68:
         08:24:c6:e2
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUS2DlFb8xItDomE2MDx69ukr4cKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMDQwOTM5MjFaFw0yNTAxMDIwOTQ0MjFaMDMxMTAvBgNV
BAMTKDNCNzhDRUU1RTdGOUFCRjA3M0JDNEZGMTgxNjcyM0NCN0Y2MTQzNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzRNgFpQxzIsD19f8u/4vLDsrv
NiUiFAZ2luETTLPQb8BPI9Z9xStTr1SuG8q0Xz/FijjSAzG5tnHYwNc0RizHZQTw
TVu0qJfyguPPTxq9G5qxFjNEi7P8eJ2ZqEV+M4j/93oOav1F05jTvu3P0M8ypfw4
NRVCNPk+qODt1WKLOnvHEXcIIdz5zx81j9ZlSmDeuf59IrldrFuQY5FNyxp46A0H
a2bKOiWgPdVJ65g3NU904mLEwCUgDUWRTIxhGftmdwJU9NO9D8bh66QsAW7Ej4dU
anqMPxdUPjfqviuZxX3cjjEfw1398Q0Js+n+ilCIlIZgmZGGIQG0oRJlMm/5AgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUO3jO5ef5q/BzvE/xgWcjy39hQ08wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NTY4MDgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwAqBqAFEnMwDQYJKoZIhvcNAQELBQADggEBAGwa9sPe
8qIoQM4MJgAhJvlmBPM/DwJ4MRQcxDospX3AhzsV0QvXY2+RynLlr1x8iOQQbyNh
JactdA3oXxAKbtc7rENWOiM5b+85OogWCLN7ke2JAOQ3xwNdFqG+RNSCv5TUFwvD
PpWcadvbLzXw1ciz2H7ulAoqH8wW1vJ5AN2EwBCSVap2qXk9OQO6zz74BrluPcAv
dLdDhm97X7C+jxwlQdP6yYw6+S1cEUmKgYuicXp7MGPdAxVdpZKHnzGbHtFJ7XfW
K5MsmexxCc/a/qyi8TDv9Pu+31C6ExMfPymLh1okOMpgkv2slK6NBU+2SKaJCJK1
dQQX4ue4aAgkxuI=
-----END CERTIFICATE-----