Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS59474.roa
File:                     AS59474.roa (raw, json)
Hash identifier:          FrqfIMBmjwcpMixCICmBxcCN7TsGptvdWN4aC8nuHyA=
Subject key identifier:   39:7A:72:AF:67:69:AA:93:FB:45:30:2E:E4:43:E6:12:4E:71:A2:97
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       20DFF52FEBC3649F91F7D9270A82A066BAA42E48
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS59474.roa
Signing time:             Tue 05 Dec 2023 02:44:13 +0000
ROA not before:           Tue 05 Dec 2023 02:39:13 +0000
ROA not after:            Tue 03 Dec 2024 02:44:13 +0000
asID:                     59474
IP address blocks:        2a06:a005:f30::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 14:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:df:f5:2f:eb:c3:64:9f:91:f7:d9:27:0a:82:a0:66:ba:a4:2e:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:13 2023 GMT
            Not After : Dec  3 02:44:13 2024 GMT
        Subject: CN=397A72AF6769AA93FB45302EE443E6124E71A297
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:42:b9:d4:25:0b:79:ad:22:54:f6:f3:55:6f:
                    24:c8:61:a4:39:69:8b:76:43:7a:18:50:51:0c:e9:
                    79:1c:60:06:e3:6c:ed:75:71:c7:8a:51:05:82:c9:
                    c4:97:90:3d:ff:e2:7c:84:5c:30:18:84:39:67:3e:
                    4d:e9:70:75:af:00:ce:12:9d:5d:36:b6:e3:a5:b1:
                    a5:4f:6d:a1:82:23:90:a9:09:8f:0f:31:7b:2d:fd:
                    be:16:c1:ef:02:16:85:4d:b1:2b:5b:13:fb:6c:3a:
                    9f:f0:44:ea:10:94:61:d2:fe:c6:86:6e:77:12:a6:
                    9b:63:9a:67:db:c5:f9:89:25:c3:91:93:47:83:e7:
                    2d:68:9b:76:65:dc:88:7f:87:a7:89:2a:31:a7:44:
                    6f:0e:f3:5a:ad:6d:7f:92:83:6d:ee:cb:70:98:43:
                    f6:90:f8:3a:6c:13:e1:81:a8:79:d2:d7:69:95:be:
                    78:48:d0:17:82:d8:78:e3:fa:04:15:fd:d4:06:d1:
                    a1:d5:90:f7:3e:9a:bd:ac:cf:da:09:e7:c1:7a:67:
                    72:35:ae:48:46:1d:73:72:e1:ca:dd:4f:ff:38:a0:
                    d9:b7:72:08:e6:8e:bc:25:f3:8f:6c:66:0b:02:30:
                    73:96:f4:65:f1:80:48:99:ae:61:bd:06:01:28:29:
                    99:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:7A:72:AF:67:69:AA:93:FB:45:30:2E:E4:43:E6:12:4E:71:A2:97
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS59474.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:f30::/44

    Signature Algorithm: sha256WithRSAEncryption
         78:87:f4:d2:1e:c0:e9:69:94:3a:75:73:50:8e:2b:22:46:b1:
         74:a8:f2:9d:8f:8a:e9:21:e0:3f:71:39:31:85:d3:75:45:b7:
         06:70:44:4a:89:4a:56:56:fc:b3:01:99:d1:fe:c0:1a:03:49:
         a8:a7:6d:0e:01:a8:ca:b4:ba:f3:cb:67:f6:0d:e9:ae:e8:0f:
         80:ea:2b:50:b2:a3:e8:42:e3:72:cd:d8:55:c7:ae:a1:09:ed:
         a2:2d:d7:82:b8:d1:28:9d:16:06:a4:38:b8:d6:59:ba:ea:02:
         a0:d5:fb:b6:a5:06:a7:c8:34:81:ec:be:57:ca:6b:2d:40:07:
         28:88:b9:af:6a:ba:6c:12:47:67:e1:ea:f7:ae:dc:4e:ee:64:
         c5:21:47:ad:23:6b:8e:d5:e1:d9:bd:cb:f1:64:d5:d2:22:79:
         ac:37:43:83:14:eb:bb:d3:62:a1:e4:ea:f1:13:d1:4d:ed:f9:
         92:6d:19:40:01:a6:5f:7b:8d:b6:26:7a:be:5b:b1:0b:47:a3:
         bf:85:65:0c:af:59:e7:88:9d:30:a7:ff:13:52:c8:61:5b:5f:
         51:52:a9:40:87:8e:37:f1:4c:f2:fb:ce:b9:42:7e:60:bd:76:
         91:4e:0f:75:5f:21:5e:2e:e6:c8:11:18:ab:1c:da:c1:24:f9:
         23:69:2a:19
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUIN/1L+vDZJ+R99knCoKgZrqkLkgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTNaFw0yNDEyMDMwMjQ0MTNaMDMxMTAvBgNV
BAMTKDM5N0E3MkFGNjc2OUFBOTNGQjQ1MzAyRUU0NDNFNjEyNEU3MUEyOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2QrnUJQt5rSJU9vNVbyTIYaQ5
aYt2Q3oYUFEM6XkcYAbjbO11cceKUQWCycSXkD3/4nyEXDAYhDlnPk3pcHWvAM4S
nV02tuOlsaVPbaGCI5CpCY8PMXst/b4Wwe8CFoVNsStbE/tsOp/wROoQlGHS/saG
bncSpptjmmfbxfmJJcORk0eD5y1om3Zl3Ih/h6eJKjGnRG8O81qtbX+Sg23uy3CY
Q/aQ+DpsE+GBqHnS12mVvnhI0BeC2Hjj+gQV/dQG0aHVkPc+mr2sz9oJ58F6Z3I1
rkhGHXNy4crdT/84oNm3cgjmjrwl849sZgsCMHOW9GXxgEiZrmG9BgEoKZmVAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUOXpyr2dpqpP7RTAu5EPmEk5xopcwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NTk0NzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqBqAFDzAwDQYJKoZIhvcNAQELBQADggEBAHiH9NIe
wOlplDp1c1COKyJGsXSo8p2Piukh4D9xOTGF03VFtwZwREqJSlZW/LMBmdH+wBoD
SainbQ4BqMq0uvPLZ/YN6a7oD4DqK1Cyo+hC43LN2FXHrqEJ7aIt14K40SidFgak
OLjWWbrqAqDV+7alBqfINIHsvlfKay1AByiIua9qumwSR2fh6veu3E7uZMUhR60j
a47V4dm9y/Fk1dIieaw3Q4MU67vTYqHk6vET0U3t+ZJtGUABpl97jbYmer5bsQtH
o7+FZQyvWeeInTCn/xNSyGFbX1FSqUCHjjfxTPL7zrlCfmC9dpFOD3VfIV4u5sgR
GKsc2sEk+SNpKhk=
-----END CERTIFICATE-----