Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS58132.roa
File:                     AS58132.roa (raw, json)
Hash identifier:          bDbq1i7r5JxAKYRBL0dZY9E1JeNVBcV2jzDaRKqgmZk=
Subject key identifier:   1F:B1:7C:EC:D8:D7:F9:2E:41:91:81:28:44:79:AE:2F:A3:05:5E:98
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       7A7DDC16070ECEAEC80905EAD6653B015D1FE96E
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS58132.roa
Signing time:             Tue 05 Nov 2024 03:40:03 +0000
ROA not before:           Tue 05 Nov 2024 03:35:03 +0000
ROA not after:            Tue 04 Nov 2025 03:40:03 +0000
asID:                     58132
IP address blocks:        2a06:a005:2d9::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 15:28:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:7d:dc:16:07:0e:ce:ae:c8:09:05:ea:d6:65:3b:01:5d:1f:e9:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:03 2024 GMT
            Not After : Nov  4 03:40:03 2025 GMT
        Subject: CN=1FB17CECD8D7F92E419181284479AE2FA3055E98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:39:d3:32:d8:9f:bf:b3:45:47:50:8b:7e:13:
                    bf:0c:d7:69:43:74:36:2c:b3:ab:b6:16:a7:a0:e2:
                    47:b4:30:00:f8:8a:0e:b6:15:34:0b:49:ec:41:b4:
                    3c:c1:16:f7:c4:cc:ed:37:e5:94:94:1e:cc:97:57:
                    ca:e3:17:47:75:2a:69:54:56:e2:85:99:8f:cb:e1:
                    f7:6b:e5:da:ea:cc:95:a9:b7:ec:97:ef:c0:b0:75:
                    02:c3:8e:97:80:6b:93:2f:ff:b9:f5:e1:33:50:f8:
                    2e:3c:e1:bc:8c:06:98:51:38:40:1f:96:e8:1a:0b:
                    8b:09:b5:f2:e2:5e:14:da:07:00:f8:7e:be:d4:00:
                    e6:c5:e2:37:98:80:7c:9b:4c:69:12:53:e2:bd:55:
                    52:22:17:88:3b:ed:85:d5:1f:a7:0f:10:6d:d5:a3:
                    4d:07:cb:aa:19:17:e7:85:19:54:50:0e:54:65:b4:
                    15:5f:3a:a3:0e:bb:b8:90:6d:2e:1a:4b:70:58:96:
                    f9:4b:88:91:83:ba:14:5d:3b:60:1c:e2:68:db:82:
                    04:56:65:f5:6d:43:27:98:8e:97:58:13:9d:ae:0c:
                    eb:75:a7:5f:66:bd:44:1e:4c:5b:bd:c5:6e:3c:3b:
                    3a:06:8c:ac:e3:f2:4b:5f:0c:ad:f9:c1:ca:34:83:
                    cd:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:B1:7C:EC:D8:D7:F9:2E:41:91:81:28:44:79:AE:2F:A3:05:5E:98
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS58132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2d9::/48

    Signature Algorithm: sha256WithRSAEncryption
         49:d9:65:4c:8c:12:2a:32:af:ed:e0:d7:f1:f0:1a:fc:9a:87:
         51:10:41:62:7b:ed:34:5f:84:1f:a2:9d:75:7f:3f:7f:7a:fe:
         2e:6d:cd:9b:49:a8:87:cc:f2:c2:76:40:b9:a5:ae:2d:7e:30:
         87:bc:83:b4:c5:67:e3:c6:04:53:d3:e8:07:b3:ff:54:e7:f1:
         1c:1e:e3:95:56:58:61:e9:fd:a0:38:7b:61:87:d4:81:57:b1:
         f6:57:3c:1a:49:0d:0e:4d:7f:f8:a6:ae:f6:30:47:10:46:f8:
         90:32:9b:d8:09:f3:51:2f:64:4d:60:6b:42:0c:3e:13:f3:b2:
         3f:42:6c:b9:c1:ff:7c:0c:e5:cf:7a:8b:11:71:54:40:5d:9a:
         a5:00:a1:ac:e8:42:80:5a:2c:36:0d:77:67:78:3d:0f:b3:f8:
         24:5f:75:be:83:69:6c:58:cc:0f:2c:be:60:46:6e:67:71:dd:
         19:c2:cb:03:98:52:79:df:14:43:79:93:7d:f9:dd:be:a9:22:
         8f:76:66:c8:bc:50:07:10:b7:7d:07:80:66:72:e9:32:2c:58:
         96:80:39:16:5d:01:f5:4e:6b:66:1d:8d:3c:63:d1:d4:82:05:
         f0:ad:88:c0:56:bb:76:e3:17:aa:74:c4:c1:01:97:16:67:05:
         fa:07:fd:6c
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUen3cFgcOzq7ICQXq1mU7AV0f6W4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDNaFw0yNTExMDQwMzQwMDNaMDMxMTAvBgNV
BAMTKDFGQjE3Q0VDRDhEN0Y5MkU0MTkxODEyODQ0NzlBRTJGQTMwNTVFOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBOdMy2J+/s0VHUIt+E78M12lD
dDYss6u2Fqeg4ke0MAD4ig62FTQLSexBtDzBFvfEzO035ZSUHsyXV8rjF0d1KmlU
VuKFmY/L4fdr5drqzJWpt+yX78CwdQLDjpeAa5Mv/7n14TNQ+C484byMBphROEAf
lugaC4sJtfLiXhTaBwD4fr7UAObF4jeYgHybTGkSU+K9VVIiF4g77YXVH6cPEG3V
o00Hy6oZF+eFGVRQDlRltBVfOqMOu7iQbS4aS3BYlvlLiJGDuhRdO2Ac4mjbggRW
ZfVtQyeYjpdYE52uDOt1p19mvUQeTFu9xW48OzoGjKzj8ktfDK35wco0g81fAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUH7F87NjX+S5BkYEoRHmuL6MFXpgwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NTgxMzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwAqBqAFAtkwDQYJKoZIhvcNAQELBQADggEBAEnZZUyM
Eioyr+3g1/HwGvyah1EQQWJ77TRfhB+inXV/P396/i5tzZtJqIfM8sJ2QLmlri1+
MIe8g7TFZ+PGBFPT6Aez/1Tn8Rwe45VWWGHp/aA4e2GH1IFXsfZXPBpJDQ5Nf/im
rvYwRxBG+JAym9gJ81EvZE1ga0IMPhPzsj9CbLnB/3wM5c96ixFxVEBdmqUAoazo
QoBaLDYNd2d4PQ+z+CRfdb6DaWxYzA8svmBGbmdx3RnCywOYUnnfFEN5k3353b6p
Io92Zsi8UAcQt30HgGZy6TIsWJaAORZdAfVOa2YdjTxj0dSCBfCtiMBWu3bjF6p0
xMEBlxZnBfoH/Ww=
-----END CERTIFICATE-----