Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS60781.roa
File:                     AS60781.roa (raw, json)
Hash identifier:          /KdPElOirgJ2+7lIboOHNBfqcXOWxIu12IQs1Uzi3os=
Subject key identifier:   63:EB:F2:D7:92:64:B3:D5:6A:BC:AC:DE:C8:56:99:10:13:87:1B:4C
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       7D667EA3096B2919FF395AEEA95CC17494D32F4E
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS60781.roa
Signing time:             Tue 01 Oct 2024 20:08:38 +0000
ROA not before:           Tue 01 Oct 2024 20:03:38 +0000
ROA not after:            Tue 30 Sep 2025 20:08:38 +0000
asID:                     60781
IP address blocks:        160.202.133.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:66:7e:a3:09:6b:29:19:ff:39:5a:ee:a9:5c:c1:74:94:d3:2f:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Oct  1 20:03:38 2024 GMT
            Not After : Sep 30 20:08:38 2025 GMT
        Subject: CN=63EBF2D79264B3D56ABCACDEC856991013871B4C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e1:0e:fb:b9:5c:a7:6d:72:3c:3c:4a:61:b2:
                    bd:1d:dd:8f:d8:bf:8a:75:ac:dc:5a:b4:b5:eb:07:
                    96:dc:87:47:2f:98:8f:31:cd:4c:a5:db:6b:59:d3:
                    2b:ab:e6:9a:ff:87:ec:35:a8:b2:96:c4:e7:95:26:
                    8f:31:fb:52:81:01:79:ef:3b:c9:bd:86:bf:ed:3a:
                    34:55:ea:78:ea:43:c8:bf:77:71:11:f2:18:83:26:
                    0c:77:b2:12:d1:a1:a6:98:6d:e5:1c:5b:8a:c8:3f:
                    2e:c6:16:6e:a7:d7:cc:77:56:5e:18:fc:de:16:5e:
                    cb:7c:68:54:ce:e3:f3:8b:0b:7e:7a:31:b3:e8:97:
                    b1:e7:0a:bd:e2:e5:a7:54:95:34:6a:95:4d:1b:d7:
                    4b:c5:f8:a6:bb:7c:1b:a8:44:f6:87:f7:46:32:92:
                    2a:7c:0f:30:5c:52:89:41:ad:9d:bf:be:05:98:a4:
                    2b:8d:82:79:a0:91:72:2c:9c:70:5d:34:ab:5e:c8:
                    04:13:c3:74:e4:df:7c:fc:05:cd:d8:00:f0:ee:e4:
                    8f:3a:41:1c:6a:fd:d0:70:e9:c8:79:8e:2d:84:de:
                    0d:14:87:bb:90:69:7b:7f:70:d3:20:6b:cc:38:02:
                    12:ce:3e:a2:78:d1:03:0f:3e:32:3c:4a:0c:4f:58:
                    e6:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:EB:F2:D7:92:64:B3:D5:6A:BC:AC:DE:C8:56:99:10:13:87:1B:4C
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS60781.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.202.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:b0:b0:89:ce:25:d7:c3:14:a6:f7:98:af:ba:1c:ad:d2:d1:
         39:eb:2a:8d:ad:e6:b1:35:1b:38:b6:c4:ba:e5:0b:f1:f1:12:
         4b:34:0c:4f:22:61:ea:b0:56:89:53:98:60:6a:98:1b:5b:48:
         0e:0d:d8:c3:31:8a:f2:df:0a:a0:18:1f:ac:ff:01:86:16:85:
         d7:a5:e8:82:de:33:35:c3:ed:37:70:0b:4e:1d:de:b4:72:1c:
         2e:4a:5b:a3:f5:98:6d:8e:99:14:45:3d:1b:d2:eb:e3:f1:99:
         67:f5:44:9d:95:c0:ba:79:9f:19:d2:a4:c3:a2:65:49:75:dc:
         c1:ad:d5:f2:3a:5c:dc:28:f6:08:db:22:42:f2:8c:73:2e:56:
         4c:9e:aa:2d:40:b9:20:f8:84:54:58:26:a2:7d:8c:64:97:f0:
         8b:20:c4:2c:f1:5e:ba:4f:66:25:69:4b:09:88:07:02:44:54:
         7d:64:6e:20:5f:db:56:1d:27:90:82:95:f5:2e:fb:2b:ae:3f:
         6e:4d:4e:98:fd:41:8b:2c:40:b6:7e:57:e1:c7:00:3a:fb:c4:
         f8:2b:5a:d2:1d:6f:6d:92:73:d1:35:6f:2f:23:b7:ce:4f:51:
         d0:fb:e7:dc:91:6e:b0:75:5e:36:b4:e4:9d:f7:a7:dc:8f:38:
         4d:f2:73:d8
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUfWZ+owlrKRn/OVruqVzBdJTTL04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEwMDEyMDAzMzhaFw0yNTA5MzAyMDA4MzhaMDMxMTAvBgNV
BAMTKDYzRUJGMkQ3OTI2NEIzRDU2QUJDQUNERUM4NTY5OTEwMTM4NzFCNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy4Q77uVynbXI8PEphsr0d3Y/Y
v4p1rNxatLXrB5bch0cvmI8xzUyl22tZ0yur5pr/h+w1qLKWxOeVJo8x+1KBAXnv
O8m9hr/tOjRV6njqQ8i/d3ER8hiDJgx3shLRoaaYbeUcW4rIPy7GFm6n18x3Vl4Y
/N4WXst8aFTO4/OLC356MbPol7HnCr3i5adUlTRqlU0b10vF+Ka7fBuoRPaH90Yy
kip8DzBcUolBrZ2/vgWYpCuNgnmgkXIsnHBdNKteyAQTw3Tk33z8Bc3YAPDu5I86
QRxq/dBw6ch5ji2E3g0Uh7uQaXt/cNMga8w4AhLOPqJ40QMPPjI8SgxPWOYTAgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUY+vy15Jks9VqvKzeyFaZEBOHG0wwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NjA3ODEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBACgyoUwDQYJKoZIhvcNAQELBQADggEBAGmwsInOJdfD
FKb3mK+6HK3S0TnrKo2t5rE1Gzi2xLrlC/HxEks0DE8iYeqwVolTmGBqmBtbSA4N
2MMxivLfCqAYH6z/AYYWhdel6ILeMzXD7TdwC04d3rRyHC5KW6P1mG2OmRRFPRvS
6+PxmWf1RJ2VwLp5nxnSpMOiZUl13MGt1fI6XNwo9gjbIkLyjHMuVkyeqi1AuSD4
hFRYJqJ9jGSX8IsgxCzxXrpPZiVpSwmIBwJEVH1kbiBf21YdJ5CClfUu+yuuP25N
Tpj9QYssQLZ+V+HHADr7xPgrWtIdb22Sc9E1by8jt85PUdD759yRbrB1Xja05J33
p9yPOE3yc9g=
-----END CERTIFICATE-----