Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS59730.roa
File:                     AS59730.roa (raw, json)
Hash identifier:          WWJzNd7rvmTNDdXMg+DFs/bfmAdyNL5TAP+kN7zhm6Q=
Subject key identifier:   31:33:82:A9:B2:57:BC:0C:3D:A0:21:D6:3E:3F:DB:A2:20:6D:3F:9D
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       4B902C3BCF9090153665F0B90840387AC9BDA19F
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS59730.roa
Signing time:             Tue 06 Feb 2024 14:44:24 +0000
ROA not before:           Tue 06 Feb 2024 14:39:24 +0000
ROA not after:            Tue 04 Feb 2025 14:44:24 +0000
asID:                     59730
IP address blocks:        2a06:a005:1d57::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:90:2c:3b:cf:90:90:15:36:65:f0:b9:08:40:38:7a:c9:bd:a1:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Feb  6 14:39:24 2024 GMT
            Not After : Feb  4 14:44:24 2025 GMT
        Subject: CN=313382A9B257BC0C3DA021D63E3FDBA2206D3F9D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:40:3d:a8:c4:a5:ac:ae:fe:42:c3:7d:81:18:
                    e1:e8:53:d0:0d:52:c2:64:7b:64:b5:70:f4:f2:f8:
                    b3:25:fd:ca:9c:b4:bf:81:d2:f0:a6:d9:07:83:ad:
                    82:73:f0:54:9c:80:51:52:5f:5b:71:ca:1c:f3:6b:
                    51:54:1d:42:e4:af:c2:95:48:ab:00:5c:3f:3d:bd:
                    cb:0d:a7:63:b7:b4:15:03:37:5e:24:f6:1b:7e:66:
                    d7:d9:50:05:b3:2e:a3:46:44:cd:dc:3a:ad:53:83:
                    49:63:40:83:45:07:fa:62:32:b8:15:ae:1c:d9:67:
                    f6:cc:27:56:83:7d:48:4c:58:94:00:1c:76:ea:7e:
                    39:ea:ff:06:5f:48:25:50:f2:e1:8c:bb:a1:db:0e:
                    51:f3:14:23:af:a8:2c:c5:9a:96:aa:a5:da:97:6b:
                    50:02:36:9f:32:fa:0e:07:ab:44:71:a3:33:cf:80:
                    ad:11:a4:ff:af:fa:cf:1a:ba:e5:ed:ea:60:64:2a:
                    a9:6a:56:a9:13:2f:00:5f:a6:e9:cc:a2:a9:46:e7:
                    72:c8:3a:c2:10:cd:57:31:e0:19:23:dd:b3:ee:29:
                    9b:ea:c0:a8:a7:f3:b3:4f:a7:e6:30:8f:a0:18:fa:
                    de:2b:00:b5:ad:4d:3c:bc:03:c3:5c:71:e7:75:8c:
                    e5:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:33:82:A9:B2:57:BC:0C:3D:A0:21:D6:3E:3F:DB:A2:20:6D:3F:9D
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS59730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1d57::/48

    Signature Algorithm: sha256WithRSAEncryption
         85:59:6e:4b:6b:18:3a:53:95:d1:3f:a7:41:39:f7:f8:48:0b:
         b0:a4:dd:dd:fb:37:b0:00:bc:9d:69:89:a5:24:5e:d1:52:6d:
         f8:af:98:bd:95:7f:fa:51:4b:d9:24:b6:33:ab:0b:a2:a1:76:
         55:ca:e9:cd:a1:2b:cb:88:e9:01:2a:50:59:8f:96:18:a1:4d:
         e9:a8:e5:49:e5:d3:a1:dd:b8:46:b9:6c:48:bc:9f:1d:e2:f3:
         38:db:56:28:5b:b2:23:03:18:bf:ac:6a:0f:85:3c:5e:e4:25:
         d5:62:07:40:73:e9:5c:7f:ef:36:ef:5b:99:2d:a8:d6:dd:3c:
         39:68:5b:77:63:b2:8e:24:37:d4:93:7e:f8:0b:05:46:a0:53:
         2d:44:89:36:52:4d:59:27:e8:80:52:84:e3:51:d3:c0:b5:72:
         a9:ca:cd:e4:44:9e:5b:e8:5a:5e:26:1d:f2:87:fc:bf:4d:d3:
         47:65:63:06:64:ba:6d:61:0d:84:69:68:61:c8:2f:d1:88:a5:
         2b:b5:fe:13:be:77:ad:b1:3d:bb:b6:23:b3:61:b8:2f:d9:2e:
         12:11:98:3d:23:27:18:e8:c0:42:75:04:55:14:5e:68:dc:0a:
         e9:52:c0:98:b1:5b:a0:19:9a:d1:c6:15:4e:ea:fd:61:b9:9e:
         34:a1:c6:ba
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUS5AsO8+QkBU2ZfC5CEA4esm9oZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAyMDYxNDM5MjRaFw0yNTAyMDQxNDQ0MjRaMDMxMTAvBgNV
BAMTKDMxMzM4MkE5QjI1N0JDMEMzREEwMjFENjNFM0ZEQkEyMjA2RDNGOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgQD2oxKWsrv5Cw32BGOHoU9AN
UsJke2S1cPTy+LMl/cqctL+B0vCm2QeDrYJz8FScgFFSX1txyhzza1FUHULkr8KV
SKsAXD89vcsNp2O3tBUDN14k9ht+ZtfZUAWzLqNGRM3cOq1Tg0ljQINFB/piMrgV
rhzZZ/bMJ1aDfUhMWJQAHHbqfjnq/wZfSCVQ8uGMu6HbDlHzFCOvqCzFmpaqpdqX
a1ACNp8y+g4Hq0RxozPPgK0RpP+v+s8auuXt6mBkKqlqVqkTLwBfpunMoqlG53LI
OsIQzVcx4Bkj3bPuKZvqwKin87NPp+Ywj6AY+t4rALWtTTy8A8Ncced1jOXHAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUMTOCqbJXvAw9oCHWPj/boiBtP50wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NTk3MzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwAqBqAFHVcwDQYJKoZIhvcNAQELBQADggEBAIVZbktr
GDpTldE/p0E59/hIC7Ck3d37N7AAvJ1piaUkXtFSbfivmL2Vf/pRS9kktjOrC6Kh
dlXK6c2hK8uI6QEqUFmPlhihTemo5Unl06HduEa5bEi8nx3i8zjbVihbsiMDGL+s
ag+FPF7kJdViB0Bz6Vx/7zbvW5ktqNbdPDloW3djso4kN9STfvgLBUagUy1EiTZS
TVkn6IBShONR08C1cqnKzeREnlvoWl4mHfKH/L9N00dlYwZkum1hDYRpaGHIL9GI
pSu1/hO+d62xPbu2I7NhuC/ZLhIRmD0jJxjowEJ1BFUUXmjcCulSwJixW6AZmtHG
FU7q/WG5njShxro=
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:06:53 2024 by rpki-client on console-ams.rpki-client.org