Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS57883.roa
File:                     AS57883.roa (raw, json)
Hash identifier:          FsXK96MWgPksVs9hUsx0Seh9Sz4ukFqG256yTGTZEGY=
Subject key identifier:   7E:6F:2C:F7:6C:0B:D6:A2:8F:7D:C0:AB:20:4C:1A:E2:2B:54:65:92
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       2910509CEEC82919F2A0DCE545E2A943EF4157CE
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS57883.roa
Signing time:             Tue 05 Dec 2023 02:44:16 +0000
ROA not before:           Tue 05 Dec 2023 02:39:16 +0000
ROA not after:            Tue 03 Dec 2024 02:44:16 +0000
asID:                     57883
IP address blocks:        2a06:a005:110::/44 maxlen: 48
                          2a06:a005:120::/44 maxlen: 48
                          2a06:a005:130::/44 maxlen: 48
                          2a06:a005:140::/44 maxlen: 48
                          2a06:a005:150::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:10:50:9c:ee:c8:29:19:f2:a0:dc:e5:45:e2:a9:43:ef:41:57:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:16 2023 GMT
            Not After : Dec  3 02:44:16 2024 GMT
        Subject: CN=7E6F2CF76C0BD6A28F7DC0AB204C1AE22B546592
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:5f:81:05:cc:5b:4f:c2:cf:f4:11:1b:67:1b:
                    79:90:6d:93:1b:ab:0b:81:da:2d:07:da:7d:ad:c8:
                    dc:55:9f:05:5f:6f:6d:44:7a:e0:40:ff:ef:78:e0:
                    9f:1b:1f:b1:e7:4d:f8:31:8c:ec:a6:e2:b3:e3:d1:
                    e2:58:02:2d:0e:40:09:8a:c8:12:e4:6d:6d:b1:b2:
                    dc:8d:05:d8:27:61:40:9b:c8:dc:81:2a:d3:55:b7:
                    a2:6d:72:e1:17:ec:f7:fc:96:6e:94:90:2b:3c:3e:
                    2f:00:36:1a:e8:3f:58:03:9e:da:71:bb:4b:65:46:
                    bc:eb:25:75:28:90:f6:bf:bc:6d:4b:9e:e0:08:80:
                    33:ce:7f:77:8f:73:59:d0:8e:ab:50:01:a5:30:8e:
                    0b:3d:45:b2:7b:ff:fd:62:0f:dd:33:9a:5a:64:37:
                    13:a7:bb:90:0d:69:c7:53:e7:45:22:9b:be:9e:cc:
                    69:bd:97:bc:b4:d2:ca:26:f1:f9:3c:78:80:d8:27:
                    00:6a:2c:55:cb:13:ae:1b:f5:0d:62:b9:0f:7f:70:
                    28:9f:19:b5:16:dc:45:de:d7:82:59:df:33:b2:7f:
                    ee:75:22:b2:06:f2:71:7b:09:a8:e6:32:c0:3e:49:
                    ef:46:d6:15:c6:28:b7:c5:25:8d:ef:9f:92:c9:2c:
                    55:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:6F:2C:F7:6C:0B:D6:A2:8F:7D:C0:AB:20:4C:1A:E2:2B:54:65:92
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS57883.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:110::-2a06:a005:15f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         97:bf:f8:c8:f8:7f:50:2d:b8:2d:c7:51:8f:91:16:a2:45:f7:
         12:bf:68:59:5e:d4:62:be:39:d6:3f:ff:d1:0d:62:e5:da:97:
         df:67:fa:85:03:db:88:74:c3:c1:7a:a0:2b:31:ad:f3:29:53:
         00:8c:52:9d:a3:0f:f0:23:99:a7:46:0d:55:80:55:79:65:e3:
         7b:fc:01:b2:cb:9e:86:66:37:8a:75:ac:e3:cc:19:45:7f:19:
         d2:01:30:5e:4c:ec:25:a6:34:2f:17:89:a2:ab:d9:6a:84:8e:
         7e:76:d6:df:f2:c8:99:8a:f1:20:89:da:a7:7b:92:56:8c:3f:
         d1:f2:54:35:a7:29:e5:1d:38:cb:f4:e6:e7:58:7b:21:e9:a0:
         9e:39:40:30:20:a9:55:bb:3c:b8:5c:ab:09:96:01:61:b8:d0:
         98:21:46:12:44:8a:b0:cf:65:be:b1:6b:70:2b:d2:47:5b:b7:
         13:8d:b4:69:f4:5a:2d:5f:cb:4c:75:1a:5b:01:c6:ea:ca:df:
         67:c2:c1:a0:56:74:1d:93:b4:48:02:c9:79:84:c1:02:42:63:
         c6:76:95:2e:a1:8b:ff:4d:e5:2b:4b:7c:0d:23:ca:59:82:96:
         d4:73:38:9e:73:52:5f:69:7b:8c:2d:6a:15:11:e9:a5:1f:f3:
         d2:10:d6:5e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIUKRBQnO7IKRnyoNzlReKpQ+9BV84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTZaFw0yNDEyMDMwMjQ0MTZaMDMxMTAvBgNV
BAMTKDdFNkYyQ0Y3NkMwQkQ2QTI4RjdEQzBBQjIwNEMxQUUyMkI1NDY1OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFX4EFzFtPws/0ERtnG3mQbZMb
qwuB2i0H2n2tyNxVnwVfb21EeuBA/+944J8bH7HnTfgxjOym4rPj0eJYAi0OQAmK
yBLkbW2xstyNBdgnYUCbyNyBKtNVt6JtcuEX7Pf8lm6UkCs8Pi8ANhroP1gDntpx
u0tlRrzrJXUokPa/vG1LnuAIgDPOf3ePc1nQjqtQAaUwjgs9RbJ7//1iD90zmlpk
NxOnu5ANacdT50Uim76ezGm9l7y00som8fk8eIDYJwBqLFXLE64b9Q1iuQ9/cCif
GbUW3EXe14JZ3zOyf+51IrIG8nF7CajmMsA+Se9G1hXGKLfFJY3vn5LJLFWRAgMB
AAGjggH8MIIB+DAdBgNVHQ4EFgQUfm8s92wL1qKPfcCrIEwa4itUZZIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NTc4ODMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcB
Af8EHjAcMBoEAgACMBQwEgMHBCoGoAUBEAMHBSoGoAUBQDANBgkqhkiG9w0BAQsF
AAOCAQEAl7/4yPh/UC24LcdRj5EWokX3Er9oWV7UYr451j//0Q1i5dqX32f6hQPb
iHTDwXqgKzGt8ylTAIxSnaMP8COZp0YNVYBVeWXje/wBssuehmY3inWs48wZRX8Z
0gEwXkzsJaY0LxeJoqvZaoSOfnbW3/LImYrxIInap3uSVow/0fJUNacp5R04y/Tm
51h7IemgnjlAMCCpVbs8uFyrCZYBYbjQmCFGEkSKsM9lvrFrcCvSR1u3E420afRa
LV/LTHUaWwHG6srfZ8LBoFZ0HZO0SALJeYTBAkJjxnaVLqGL/03lK0t8DSPKWYKW
1HM4nnNSX2l7jC1qFRHppR/z0hDWXg==
-----END CERTIFICATE-----