Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS58270.roa
File:                     AS58270.roa (raw, json)
Hash identifier:          MjQ/eKuXYOZ9MBKpcGIkF6rtdP0t+qqfqHcvCDvFoNI=
Subject key identifier:   15:7D:B4:CD:4F:5C:50:A0:CF:25:F8:92:A4:70:3E:24:C6:EB:0F:4B
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       086D22C7D95B9D30CBD91EC28CF40891BFAEAF39
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS58270.roa
Signing time:             Sat 24 Feb 2024 03:44:24 +0000
ROA not before:           Sat 24 Feb 2024 03:39:24 +0000
ROA not after:            Sat 22 Feb 2025 03:44:24 +0000
asID:                     58270
IP address blocks:        2a06:a004:2000::/36 maxlen: 48
                          2a06:a004:3000::/36 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:6d:22:c7:d9:5b:9d:30:cb:d9:1e:c2:8c:f4:08:91:bf:ae:af:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Feb 24 03:39:24 2024 GMT
            Not After : Feb 22 03:44:24 2025 GMT
        Subject: CN=157DB4CD4F5C50A0CF25F892A4703E24C6EB0F4B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a5:1b:c9:6e:5d:d3:d3:d7:21:1d:77:48:b3:
                    97:7e:ae:d3:7c:08:6b:03:50:83:67:b9:3b:f3:54:
                    55:1f:a7:6c:9b:38:f2:4c:4b:27:3e:1b:cd:66:fa:
                    36:b3:77:51:5b:e3:14:74:9f:a9:13:97:2d:27:63:
                    29:1b:f6:d2:18:d8:6c:fd:49:78:f2:4c:46:d6:cb:
                    5c:99:3e:68:d4:41:3a:b1:56:64:08:ca:ed:dd:1c:
                    bd:7e:d3:6c:95:a2:42:ab:3e:0e:1c:32:86:f8:80:
                    16:bf:8b:3f:cc:d2:b5:4e:b9:b3:94:94:46:e7:bc:
                    89:5f:5c:04:71:62:14:40:ed:af:ab:af:29:de:a6:
                    2e:2f:80:91:af:37:cb:0a:6b:b8:3a:86:a9:4d:6f:
                    5c:9a:db:4d:99:df:3e:58:ba:ff:2a:e8:19:86:74:
                    9a:02:ab:e5:36:67:d3:70:3c:b3:5d:af:f9:b0:e4:
                    19:db:00:55:94:65:5c:fd:1e:30:3d:c5:64:40:38:
                    df:19:c8:84:15:cf:84:63:e0:25:67:75:91:28:6d:
                    b1:37:2a:84:d1:fd:29:6f:50:cf:be:86:55:56:35:
                    9f:1a:a8:a5:30:64:21:7b:a5:5e:f3:59:08:fe:3e:
                    86:f2:4c:04:68:51:47:54:10:b9:56:81:20:15:de:
                    3b:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:7D:B4:CD:4F:5C:50:A0:CF:25:F8:92:A4:70:3E:24:C6:EB:0F:4B
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS58270.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a004:2000::/35

    Signature Algorithm: sha256WithRSAEncryption
         12:cc:41:b6:b3:e9:df:b0:ee:83:b3:83:83:54:fb:e2:37:2d:
         9c:89:e5:3a:b5:f9:2b:69:6b:85:31:8f:3d:59:cf:40:e9:ca:
         18:dd:91:1b:bd:e1:12:1b:46:ba:ad:27:0b:b7:70:0c:e7:37:
         2f:87:a7:54:e1:ae:4c:5a:df:d4:d2:35:6d:55:08:22:87:ea:
         65:e0:55:e0:3c:24:63:b0:fd:47:1c:13:0f:1d:02:12:85:3d:
         b5:42:e1:75:db:dc:87:b7:ad:d7:68:2d:c4:8c:8f:bd:30:8c:
         e4:77:fa:b6:f6:5e:f0:27:2c:ce:20:dc:3c:21:c0:21:01:2c:
         e2:52:28:16:55:77:7a:d8:d9:bd:2c:b6:a0:27:ea:d7:3f:b6:
         74:4e:a6:78:27:e5:f3:42:af:f3:a1:8a:5a:17:d7:26:af:a4:
         20:ac:94:16:35:12:e5:c5:d1:65:e7:f0:17:d2:7d:fe:04:5c:
         82:b7:d9:2b:c2:e8:74:08:da:80:0d:d5:3e:99:f2:ba:3c:83:
         40:3c:52:72:2a:88:2e:45:7b:5c:04:0b:f5:8d:0a:5b:d8:01:
         ca:c3:f4:49:94:e0:59:8a:1b:2d:f9:85:64:e6:68:95:b5:12:
         f8:f3:ee:d5:60:fe:05:7b:e2:30:7d:2a:24:da:b1:b6:5f:97:
         f1:2f:99:2b
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUCG0ix9lbnTDL2R7CjPQIkb+urzkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAyMjQwMzM5MjRaFw0yNTAyMjIwMzQ0MjRaMDMxMTAvBgNV
BAMTKDE1N0RCNENENEY1QzUwQTBDRjI1Rjg5MkE0NzAzRTI0QzZFQjBGNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3pRvJbl3T09chHXdIs5d+rtN8
CGsDUINnuTvzVFUfp2ybOPJMSyc+G81m+jazd1Fb4xR0n6kTly0nYykb9tIY2Gz9
SXjyTEbWy1yZPmjUQTqxVmQIyu3dHL1+02yVokKrPg4cMob4gBa/iz/M0rVOubOU
lEbnvIlfXARxYhRA7a+rrynepi4vgJGvN8sKa7g6hqlNb1ya202Z3z5Yuv8q6BmG
dJoCq+U2Z9NwPLNdr/mw5BnbAFWUZVz9HjA9xWRAON8ZyIQVz4Rj4CVndZEobbE3
KoTR/SlvUM++hlVWNZ8aqKUwZCF7pV7zWQj+PobyTARoUUdUELlWgSAV3ju/AgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQUFX20zU9cUKDPJfiSpHA+JMbrD0swHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NTgyNzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcB
Af8EEjAQMA4EAgACMAgDBgUqBqAEIDANBgkqhkiG9w0BAQsFAAOCAQEAEsxBtrPp
37Dug7ODg1T74jctnInlOrX5K2lrhTGPPVnPQOnKGN2RG73hEhtGuq0nC7dwDOc3
L4enVOGuTFrf1NI1bVUIIofqZeBV4DwkY7D9RxwTDx0CEoU9tULhddvch7et12gt
xIyPvTCM5Hf6tvZe8CcsziDcPCHAIQEs4lIoFlV3etjZvSy2oCfq1z+2dE6meCfl
80Kv86GKWhfXJq+kIKyUFjUS5cXRZefwF9J9/gRcgrfZK8LodAjagA3VPpnyujyD
QDxSciqILkV7XAQL9Y0KW9gBysP0SZTgWYobLfmFZOZolbUS+PPu1WD+BXviMH0q
JNqxtl+X8S+ZKw==
-----END CERTIFICATE-----