Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS59730.roa
File:                     AS59730.roa (raw, json)
Hash identifier:          enIbDXwfyV8CLqeFwy2eGOTUbQsrmspGtu3XLdSPqV0=
Subject key identifier:   C9:25:36:BA:97:B8:A4:79:6C:69:41:BE:32:35:0B:6C:3A:5F:A8:65
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       363CF5B4B47BC81D0DC60664EA3BE6A38D15773B
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS59730.roa
Signing time:             Tue 07 Mar 2023 14:42:32 +0000
ROA not before:           Tue 07 Mar 2023 14:37:32 +0000
ROA not after:            Tue 05 Mar 2024 14:42:32 +0000
asID:                     59730
IP address blocks:        2a06:a005:1d57::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
                          rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
                          rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 20 Jul 2023 12:09:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:3c:f5:b4:b4:7b:c8:1d:0d:c6:06:64:ea:3b:e6:a3:8d:15:77:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Mar  7 14:37:32 2023 GMT
            Not After : Mar  5 14:42:32 2024 GMT
        Subject: CN=C92536BA97B8A4796C6941BE32350B6C3A5FA865
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:63:99:dc:9a:cc:a4:8c:f1:e4:04:68:27:7c:
                    04:bd:1f:a7:86:14:3c:a3:51:2f:46:8e:9c:72:06:
                    a1:cc:f5:05:0f:5a:fb:f7:21:56:75:47:b7:50:bb:
                    14:e0:c4:ee:9e:90:a5:1b:8f:90:1c:56:5c:87:e0:
                    af:fd:43:c2:4d:95:28:49:ee:bb:03:1e:1e:b4:cc:
                    27:9f:2d:1c:cc:2c:e5:7f:71:e7:18:6f:80:fe:93:
                    7c:39:eb:cc:12:aa:d1:9e:59:22:09:68:77:11:0d:
                    56:c0:e9:d7:aa:49:19:37:62:4b:ac:16:9f:1c:37:
                    08:f3:ec:9a:7c:eb:d0:3b:04:0e:c4:58:ea:65:44:
                    aa:0d:42:81:6b:7e:e7:2f:e6:d7:57:98:a0:f5:d8:
                    1f:9a:d0:15:52:f7:16:ea:c9:8d:21:a1:52:d9:6e:
                    28:79:c0:6c:38:b6:f5:a4:f5:c9:11:f0:79:33:3c:
                    91:46:73:c4:e2:43:d2:6c:99:21:e2:c0:ba:bf:b5:
                    07:0d:25:dc:e8:3b:4d:d9:1d:e5:43:3f:e5:90:de:
                    83:62:c6:7f:ed:5f:cb:2a:83:90:8c:08:39:5f:82:
                    5e:5d:96:8f:65:4c:48:5f:a3:bf:dc:e8:74:e4:f8:
                    8e:43:9d:8f:4e:b1:f5:10:de:d2:13:80:f2:53:49:
                    13:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:25:36:BA:97:B8:A4:79:6C:69:41:BE:32:35:0B:6C:3A:5F:A8:65
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS59730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1d57::/48

    Signature Algorithm: sha256WithRSAEncryption
         16:94:52:7e:e3:4a:a0:e1:8e:b2:14:4c:cb:45:f9:a7:53:18:
         9f:88:e9:8c:ff:fa:49:51:be:8f:ce:aa:e2:09:40:a0:9c:d6:
         40:46:29:3f:44:aa:f1:2b:37:ca:54:8d:94:1c:09:3b:9c:df:
         87:f8:3f:dc:a1:9d:c9:9d:8c:8d:d3:e8:4f:36:00:26:9c:a2:
         75:20:d3:b7:df:c5:25:9c:8b:c1:8e:17:08:7b:d7:cc:b5:fc:
         5e:43:f7:14:b0:0d:43:81:49:78:0a:23:ec:d7:f7:54:68:f0:
         9c:f5:fa:f1:d8:ec:13:72:1c:7f:b9:6d:33:6c:b9:e8:cd:de:
         d2:a3:16:ac:d4:39:f9:0a:34:b7:b7:b1:ee:b1:5a:41:fc:8a:
         2a:2e:c3:5e:ec:31:80:ed:09:92:e8:78:5e:25:9c:d6:69:bb:
         71:e1:0c:99:72:8a:82:12:1e:18:3d:0b:0b:51:fb:f6:58:94:
         71:92:e4:b9:9f:9e:b6:47:e6:a7:84:1c:ba:f9:37:f1:90:d2:
         52:f8:cf:7b:e0:9e:2f:c6:51:fe:ac:10:89:f2:be:7f:6a:c8:
         77:1f:4c:5d:0a:08:2b:2d:bf:5f:31:91:a7:ce:2c:ec:01:8c:
         1a:a0:38:08:5a:c0:07:e5:80:9e:ab:cf:08:b8:a9:37:61:af:
         44:c4:61:63
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUNjz1tLR7yB0NxgZk6jvmo40VdzswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzAzMDcxNDM3MzJaFw0yNDAzMDUxNDQyMzJaMDMxMTAvBgNV
BAMTKEM5MjUzNkJBOTdCOEE0Nzk2QzY5NDFCRTMyMzUwQjZDM0E1RkE4NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiY5ncmsykjPHkBGgnfAS9H6eG
FDyjUS9GjpxyBqHM9QUPWvv3IVZ1R7dQuxTgxO6ekKUbj5AcVlyH4K/9Q8JNlShJ
7rsDHh60zCefLRzMLOV/cecYb4D+k3w568wSqtGeWSIJaHcRDVbA6deqSRk3Ykus
Fp8cNwjz7Jp869A7BA7EWOplRKoNQoFrfucv5tdXmKD12B+a0BVS9xbqyY0hoVLZ
bih5wGw4tvWk9ckR8HkzPJFGc8TiQ9JsmSHiwLq/tQcNJdzoO03ZHeVDP+WQ3oNi
xn/tX8sqg5CMCDlfgl5dlo9lTEhfo7/c6HTk+I5DnY9OsfUQ3tITgPJTSRP9AgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUySU2upe4pHlsaUG+MjULbDpfqGUwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NTk3MzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwAqBqAFHVcwDQYJKoZIhvcNAQELBQADggEBABaUUn7j
SqDhjrIUTMtF+adTGJ+I6Yz/+klRvo/OquIJQKCc1kBGKT9EqvErN8pUjZQcCTuc
34f4P9yhncmdjI3T6E82ACaconUg07ffxSWci8GOFwh718y1/F5D9xSwDUOBSXgK
I+zX91Ro8Jz1+vHY7BNyHH+5bTNsuejN3tKjFqzUOfkKNLe3se6xWkH8iiouw17s
MYDtCZLoeF4lnNZpu3HhDJlyioISHhg9CwtR+/ZYlHGS5LmfnrZH5qeEHLr5N/GQ
0lL4z3vgni/GUf6sEInyvn9qyHcfTF0KCCstv18xkafOLOwBjBqgOAhawAflgJ6r
zwi4qTdhr0TEYWM=
-----END CERTIFICATE-----