Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS57883.roa
File:                     AS57883.roa (raw, json)
Hash identifier:          sz1CehlIHD5lpRu+E29h7qtyiJ27ofP0iPosAF4AABQ=
Subject key identifier:   08:6F:86:58:23:F0:4F:58:07:38:EA:F9:3B:E9:84:9A:16:30:5A:BB
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       6AA2ED2648077B21D4CEF795329AB13583FC32C0
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS57883.roa
Signing time:             Tue 05 Nov 2024 03:40:08 +0000
ROA not before:           Tue 05 Nov 2024 03:35:08 +0000
ROA not after:            Tue 04 Nov 2025 03:40:08 +0000
asID:                     57883
IP address blocks:        2a06:a005:110::/44 maxlen: 48
                          2a06:a005:120::/44 maxlen: 48
                          2a06:a005:130::/44 maxlen: 48
                          2a06:a005:140::/44 maxlen: 48
                          2a06:a005:150::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:a2:ed:26:48:07:7b:21:d4:ce:f7:95:32:9a:b1:35:83:fc:32:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:08 2024 GMT
            Not After : Nov  4 03:40:08 2025 GMT
        Subject: CN=086F865823F04F580738EAF93BE9849A16305ABB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fe:99:e1:ef:1e:53:4d:6a:8a:6f:28:26:a9:63:
                    ef:c0:4d:38:e0:e4:1d:0a:da:75:91:34:d8:f2:59:
                    c3:f0:d2:0e:eb:1e:54:09:a8:57:3c:28:ca:6a:f3:
                    d8:8e:6a:7c:40:4b:23:80:78:6b:f3:93:ae:d9:f2:
                    3f:0c:77:62:fe:2c:2f:2c:a4:83:19:fd:a2:3c:82:
                    d1:94:05:64:a8:51:1d:ee:73:a2:16:fd:b2:78:38:
                    1e:e2:09:dd:ae:31:a4:85:19:cb:bc:ef:86:8e:f1:
                    b1:63:22:81:9d:b6:3f:ff:86:2f:e3:f3:f9:71:db:
                    7f:11:ab:af:3f:03:9d:bd:a8:8b:8f:34:a3:b5:6f:
                    2a:62:24:23:83:12:1e:1d:95:ea:9b:2f:ee:1d:24:
                    b1:ea:d5:10:94:03:77:0b:f9:22:c5:f3:92:e1:f0:
                    be:39:ac:96:85:4c:a1:72:37:be:42:8a:3b:ca:00:
                    0d:45:99:8d:23:29:4a:ef:62:16:04:bc:c8:ef:4e:
                    7e:39:90:02:a1:ce:b2:8a:b1:1f:d2:c7:ae:fe:c3:
                    2b:6b:3b:66:a6:fa:0c:fc:30:8a:f0:d6:d3:54:db:
                    ab:7b:e4:64:91:6e:c2:7c:82:f3:3e:55:64:6a:b0:
                    d6:47:1a:f7:0c:c6:88:61:7e:43:c2:e0:7b:9e:03:
                    a2:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:6F:86:58:23:F0:4F:58:07:38:EA:F9:3B:E9:84:9A:16:30:5A:BB
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS57883.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:110::-2a06:a005:15f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         a5:57:da:e2:88:15:ec:57:ad:c1:8a:da:f4:1d:b7:f5:31:3c:
         14:73:6c:a8:e5:51:00:89:24:18:81:40:42:e9:72:2a:dd:96:
         4d:f4:ff:a3:52:ba:34:22:1b:de:d7:72:a2:46:2d:21:42:5b:
         0e:ff:e1:b0:1d:d5:c9:64:58:58:c6:20:3b:3d:42:8b:7b:a8:
         56:cf:70:1f:61:57:a9:44:56:ae:a2:fa:3a:07:68:e1:f4:2a:
         af:a3:0c:ca:a0:84:28:bd:38:2a:a8:c0:02:a2:12:9d:f2:a0:
         eb:0e:3e:ec:fa:11:7e:71:43:96:ae:0d:eb:5c:c7:b9:fb:25:
         93:09:17:5e:f0:f4:d5:13:bb:a9:da:a8:06:16:e0:cf:3f:9b:
         2b:5b:e5:39:26:1e:b8:2f:ec:f5:76:d4:dc:c6:ba:b6:ab:9c:
         87:30:f1:f9:d6:c9:a6:05:20:a5:7a:b6:ce:ff:2b:96:c5:f5:
         ee:c2:31:88:c8:b1:91:94:a0:f5:a9:fa:25:2d:2c:11:44:75:
         02:9d:f8:ba:69:06:86:52:3c:ed:7c:8d:c8:75:0a:23:54:2f:
         ce:da:93:69:1d:29:81:98:32:19:93:a9:a3:a8:3c:13:6c:db:
         b6:dd:98:a1:8d:31:72:1d:d0:fa:0f:cb:15:73:f0:30:2e:82:
         54:d6:1d:ee
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIUaqLtJkgHeyHUzveVMpqxNYP8MsAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDhaFw0yNTExMDQwMzQwMDhaMDMxMTAvBgNV
BAMTKDA4NkY4NjU4MjNGMDRGNTgwNzM4RUFGOTNCRTk4NDlBMTYzMDVBQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD+meHvHlNNaopvKCapY+/ATTjg
5B0K2nWRNNjyWcPw0g7rHlQJqFc8KMpq89iOanxASyOAeGvzk67Z8j8Md2L+LC8s
pIMZ/aI8gtGUBWSoUR3uc6IW/bJ4OB7iCd2uMaSFGcu874aO8bFjIoGdtj//hi/j
8/lx238Rq68/A529qIuPNKO1bypiJCODEh4dleqbL+4dJLHq1RCUA3cL+SLF85Lh
8L45rJaFTKFyN75CijvKAA1FmY0jKUrvYhYEvMjvTn45kAKhzrKKsR/Sx67+wytr
O2am+gz8MIrw1tNU26t75GSRbsJ8gvM+VWRqsNZHGvcMxohhfkPC4HueA6IHAgMB
AAGjggH8MIIB+DAdBgNVHQ4EFgQUCG+GWCPwT1gHOOr5O+mEmhYwWrswHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NTc4ODMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcB
Af8EHjAcMBoEAgACMBQwEgMHBCoGoAUBEAMHBSoGoAUBQDANBgkqhkiG9w0BAQsF
AAOCAQEApVfa4ogV7FetwYra9B239TE8FHNsqOVRAIkkGIFAQulyKt2WTfT/o1K6
NCIb3tdyokYtIUJbDv/hsB3VyWRYWMYgOz1Ci3uoVs9wH2FXqURWrqL6Ogdo4fQq
r6MMyqCEKL04KqjAAqISnfKg6w4+7PoRfnFDlq4N61zHufslkwkXXvD01RO7qdqo
Bhbgzz+bK1vlOSYeuC/s9XbU3Ma6tquchzDx+dbJpgUgpXq2zv8rlsX17sIxiMix
kZSg9an6JS0sEUR1Ap34umkGhlI87XyNyHUKI1QvztqTaR0pgZgyGZOpo6g8E2zb
tt2YoY0xch3Q+g/LFXPwMC6CVNYd7g==
-----END CERTIFICATE-----