Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS60326.roa
File:                     AS60326.roa (raw, json)
Hash identifier:          0TECBqaTCyGA1W/uln4HXmlb/alECZCwemOcheS+IPM=
Subject key identifier:   9E:B0:82:45:BE:B0:A7:C3:0C:EA:3B:85:9D:C5:20:AD:2C:85:58:FE
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       5FECFDF17D45A12AEC51EF1DB7DE817C45728285
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS60326.roa
Signing time:             Fri 13 Dec 2024 02:56:30 +0000
ROA not before:           Fri 13 Dec 2024 02:51:30 +0000
ROA not after:            Fri 12 Dec 2025 02:56:30 +0000
asID:                     60326
IP address blocks:        2a06:a005:8f0::/44 maxlen: 48
                          2a06:a005:1060::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 15:28:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:ec:fd:f1:7d:45:a1:2a:ec:51:ef:1d:b7:de:81:7c:45:72:82:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec 13 02:51:30 2024 GMT
            Not After : Dec 12 02:56:30 2025 GMT
        Subject: CN=9EB08245BEB0A7C30CEA3B859DC520AD2C8558FE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:90:0d:15:7d:61:da:8f:f8:e1:1a:a1:ec:99:
                    bc:79:1c:0e:bc:e3:10:ec:fb:7b:b3:85:3d:ea:f6:
                    0c:e3:b2:18:17:54:d3:63:c7:ce:51:4b:2d:00:4d:
                    d4:66:ae:7d:80:13:80:08:2c:75:f7:bb:76:85:b9:
                    c7:9e:32:a4:0e:c7:4a:29:bc:1a:a2:ee:04:6c:f4:
                    08:c4:05:eb:e5:02:cf:0d:eb:0d:f7:72:fb:77:ea:
                    8d:cf:16:c1:f3:94:58:67:02:02:f1:f2:34:0c:46:
                    31:a3:59:5a:13:fe:29:2a:b8:51:71:7a:af:bb:2d:
                    1b:ee:d1:2e:28:7b:7e:f1:1e:ef:fa:86:7b:62:27:
                    de:d5:b5:37:31:40:f5:f4:22:eb:82:5d:9d:a5:b9:
                    9e:97:71:19:7e:99:69:24:38:e4:bf:70:44:89:6f:
                    04:86:94:93:a6:5e:75:7c:89:e1:fc:97:92:ee:cd:
                    77:f5:35:7d:37:41:b6:98:ba:1b:70:2c:37:9f:c0:
                    7d:45:e3:98:04:0a:46:25:f4:75:96:46:55:07:bf:
                    0f:1e:fa:a1:a0:2c:09:60:65:4b:a1:88:92:cb:1f:
                    e5:a0:28:d1:0e:f0:dc:b2:83:20:dc:a0:fa:22:52:
                    a6:f8:b0:2b:67:e1:cf:71:d1:48:58:cb:39:fb:05:
                    81:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:B0:82:45:BE:B0:A7:C3:0C:EA:3B:85:9D:C5:20:AD:2C:85:58:FE
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS60326.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:8f0::/44
                  2a06:a005:1060::/44

    Signature Algorithm: sha256WithRSAEncryption
         34:e7:4a:c0:0a:ad:ec:c7:65:e6:01:7e:6f:04:08:59:2f:1b:
         f5:5b:64:68:b4:6d:1e:5d:cc:ec:15:54:15:48:7a:dc:a1:76:
         54:4d:d4:e3:83:9e:01:62:9f:43:bc:ea:01:cd:59:a1:67:8c:
         9a:ed:42:3b:43:3f:ca:8c:85:57:54:80:77:70:8c:ad:08:4c:
         3c:1a:92:5b:20:1c:40:c0:7c:0a:07:14:5f:f2:f3:69:6d:cc:
         79:62:68:db:89:3a:10:bc:92:cf:66:c4:d2:78:ca:58:95:19:
         a0:58:a2:4e:0d:28:5d:ba:d6:cc:a5:df:73:11:a7:6e:8e:ac:
         54:7f:8a:c9:db:da:1a:e9:29:55:76:83:a9:80:6c:73:5c:1f:
         46:78:74:7c:ca:cb:bc:c5:50:d9:bb:7f:12:d8:68:4c:ec:cc:
         b4:30:2e:4d:b4:01:33:4d:8d:7b:ec:0e:23:64:0a:04:87:fe:
         ac:50:6b:80:3c:10:bd:9a:f1:d0:6a:0f:1a:e4:9b:11:c3:47:
         87:ca:22:4a:0c:e3:dd:44:10:9c:09:8d:c7:c6:f1:32:68:08:
         5c:03:d2:46:b4:eb:a8:ab:0f:89:ca:6f:ea:f2:7d:b6:6e:6f:
         bc:64:df:83:e6:5e:56:a6:49:7a:c8:2c:6b:04:fd:0c:25:06:
         be:4b:49:c9
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIUX+z98X1FoSrsUe8dt96BfEVygoUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEyMTMwMjUxMzBaFw0yNTEyMTIwMjU2MzBaMDMxMTAvBgNV
BAMTKDlFQjA4MjQ1QkVCMEE3QzMwQ0VBM0I4NTlEQzUyMEFEMkM4NTU4RkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHkA0VfWHaj/jhGqHsmbx5HA68
4xDs+3uzhT3q9gzjshgXVNNjx85RSy0ATdRmrn2AE4AILHX3u3aFuceeMqQOx0op
vBqi7gRs9AjEBevlAs8N6w33cvt36o3PFsHzlFhnAgLx8jQMRjGjWVoT/ikquFFx
eq+7LRvu0S4oe37xHu/6hntiJ97VtTcxQPX0IuuCXZ2luZ6XcRl+mWkkOOS/cESJ
bwSGlJOmXnV8ieH8l5LuzXf1NX03QbaYuhtwLDefwH1F45gECkYl9HWWRlUHvw8e
+qGgLAlgZUuhiJLLH+WgKNEO8NyygyDcoPoiUqb4sCtn4c9x0UhYyzn7BYH9AgMB
AAGjggH6MIIB9jAdBgNVHQ4EFgQUnrCCRb6wp8MM6juFncUgrSyFWP4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NjAzMjYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcB
Af8EHDAaMBgEAgACMBIDBwQqBqAFCPADBwQqBqAFEGAwDQYJKoZIhvcNAQELBQAD
ggEBADTnSsAKrezHZeYBfm8ECFkvG/VbZGi0bR5dzOwVVBVIetyhdlRN1OODngFi
n0O86gHNWaFnjJrtQjtDP8qMhVdUgHdwjK0ITDwaklsgHEDAfAoHFF/y82ltzHli
aNuJOhC8ks9mxNJ4yliVGaBYok4NKF261syl33MRp26OrFR/isnb2hrpKVV2g6mA
bHNcH0Z4dHzKy7zFUNm7fxLYaEzszLQwLk20ATNNjXvsDiNkCgSH/qxQa4A8EL2a
8dBqDxrkmxHDR4fKIkoM491EEJwJjcfG8TJoCFwD0ka066irD4nKb+ryfbZub7xk
34PmXlamSXrILGsE/QwlBr5LSck=
-----END CERTIFICATE-----