Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS60438.roa
File:                     AS60438.roa (raw, json)
Hash identifier:          IIKX4zo/k0ihrief9e+gAODXG5QkmzQQ0fpRPoSecBo=
Subject key identifier:   14:D8:89:1C:9E:43:42:2F:05:2B:83:9F:93:3A:B6:9C:51:2D:C9:2A
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       74ECBA294D2E9C26298146FEBCE74871FB5B3390
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS60438.roa
Signing time:             Fri 08 Nov 2024 12:40:12 +0000
ROA not before:           Fri 08 Nov 2024 12:35:12 +0000
ROA not after:            Fri 07 Nov 2025 12:40:12 +0000
asID:                     60438
IP address blocks:        2a06:a005:26c0::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:ec:ba:29:4d:2e:9c:26:29:81:46:fe:bc:e7:48:71:fb:5b:33:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  8 12:35:12 2024 GMT
            Not After : Nov  7 12:40:12 2025 GMT
        Subject: CN=14D8891C9E43422F052B839F933AB69C512DC92A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:79:6c:4e:ac:bd:53:f6:72:25:ac:98:f3:78:
                    d7:25:47:92:5f:df:c0:ef:cf:63:f5:26:94:7f:45:
                    5a:73:87:52:15:bb:8a:99:7e:87:01:ed:1c:41:0d:
                    cf:ee:08:2b:6f:e0:1f:82:67:e3:49:68:d5:0f:c9:
                    33:36:e5:23:04:f0:21:4b:76:1a:20:9d:de:89:9e:
                    d3:b7:41:d4:08:4b:bc:8e:7d:dd:33:95:6a:39:17:
                    64:fc:70:4d:eb:32:53:53:7d:c6:a0:29:0a:b9:18:
                    d3:b3:94:89:5a:49:8b:a9:f0:a6:90:02:7d:b0:85:
                    72:88:6e:8e:c9:f1:65:8d:1d:b3:83:1a:6d:7c:c9:
                    9a:91:ff:a4:8f:4f:1e:b2:86:c2:70:d1:46:c8:a0:
                    36:99:17:6f:36:4b:8f:b5:f4:18:70:cb:12:63:90:
                    99:99:6f:d7:84:e9:9c:31:6d:7e:61:79:74:fd:ce:
                    de:07:b4:02:4a:fa:4a:bb:4f:28:df:c8:d9:0d:80:
                    4b:17:a9:54:ab:76:7e:e4:8d:5d:70:b4:38:3f:f5:
                    19:8e:3f:99:d0:cd:1b:4f:e9:a7:96:72:47:37:62:
                    e8:4e:01:a7:84:72:ac:44:3b:75:7c:72:e4:a3:c7:
                    2b:37:c4:51:d8:85:64:84:71:b4:cc:0d:02:cb:2f:
                    a2:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:D8:89:1C:9E:43:42:2F:05:2B:83:9F:93:3A:B6:9C:51:2D:C9:2A
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS60438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:26c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         94:bb:2c:93:78:68:64:f3:b6:9a:71:7d:b7:30:42:37:b5:65:
         fc:b7:bb:18:a4:e5:65:71:c0:31:14:90:e8:68:e7:60:c5:14:
         56:b9:fd:65:97:92:2a:81:9d:c7:81:ec:b6:d8:93:f0:3a:cc:
         cd:25:aa:5f:a4:b1:4b:19:31:ce:23:f2:25:f2:a8:9b:b4:f4:
         7d:10:42:dc:3c:b9:a8:1f:65:fb:1b:1f:59:c5:90:45:a3:6a:
         81:cf:87:96:a8:97:bd:7d:90:7c:a3:27:f2:7e:56:d9:82:c9:
         8f:34:75:09:b8:12:ce:97:10:da:e9:10:77:e4:54:69:ae:90:
         c2:f5:06:71:d1:66:9a:5f:80:1e:4f:17:7d:70:bd:04:1d:cd:
         56:a6:3f:d1:80:df:5c:89:2c:76:aa:d0:72:fd:29:df:48:a0:
         a0:f8:1e:77:e7:c6:39:f5:b1:e8:97:c5:6e:d5:b5:5e:a2:5f:
         ce:b0:dd:93:e4:4e:44:48:7b:45:bb:7d:32:c3:48:f0:f2:9b:
         60:0c:99:61:4f:fd:e4:fd:5a:48:f3:4d:27:83:d6:ad:74:02:
         cc:de:cb:d1:58:57:0e:58:9c:59:f5:8c:0d:bd:42:e7:cb:39:
         39:a2:60:43:a8:a9:f0:d9:c4:9c:03:fc:ed:e4:58:9a:e9:b3:
         96:93:c8:8b
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUdOy6KU0unCYpgUb+vOdIcftbM5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDgxMjM1MTJaFw0yNTExMDcxMjQwMTJaMDMxMTAvBgNV
BAMTKDE0RDg4OTFDOUU0MzQyMkYwNTJCODM5RjkzM0FCNjlDNTEyREM5MkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAeWxOrL1T9nIlrJjzeNclR5Jf
38Dvz2P1JpR/RVpzh1IVu4qZfocB7RxBDc/uCCtv4B+CZ+NJaNUPyTM25SME8CFL
dhognd6JntO3QdQIS7yOfd0zlWo5F2T8cE3rMlNTfcagKQq5GNOzlIlaSYup8KaQ
An2whXKIbo7J8WWNHbODGm18yZqR/6SPTx6yhsJw0UbIoDaZF282S4+19BhwyxJj
kJmZb9eE6ZwxbX5heXT9zt4HtAJK+kq7TyjfyNkNgEsXqVSrdn7kjV1wtDg/9RmO
P5nQzRtP6aeWckc3YuhOAaeEcqxEO3V8cuSjxys3xFHYhWSEcbTMDQLLL6LpAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUFNiJHJ5DQi8FK4Ofkzq2nFEtySowHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NjA0Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwAqBqAFJsAwDQYJKoZIhvcNAQELBQADggEBAJS7LJN4
aGTztppxfbcwQje1Zfy3uxik5WVxwDEUkOho52DFFFa5/WWXkiqBnceB7LbYk/A6
zM0lql+ksUsZMc4j8iXyqJu09H0QQtw8uagfZfsbH1nFkEWjaoHPh5aol719kHyj
J/J+VtmCyY80dQm4Es6XENrpEHfkVGmukML1BnHRZppfgB5PF31wvQQdzVamP9GA
31yJLHaq0HL9Kd9IoKD4Hnfnxjn1seiXxW7VtV6iX86w3ZPkTkRIe0W7fTLDSPDy
m2AMmWFP/eT9WkjzTSeD1q10Aszey9FYVw5YnFn1jA29QufLOTmiYEOoqfDZxJwD
/O3kWJrps5aTyIs=
-----END CERTIFICATE-----