Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS63279.roa
File:                     AS63279.roa (raw, json)
Hash identifier:          dl2LoiCfy/D3PQ9XnYE3J6koyAfEsk8DQ8rvSsaerwE=
Subject key identifier:   68:B1:83:CC:02:BC:0D:F5:BE:30:6A:AC:FD:E2:AB:C0:EC:42:CD:94
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       1F5598C067EDF5CF3AECBD3BD7CB6519603A05B9
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS63279.roa
Signing time:             Wed 10 Jan 2024 04:44:21 +0000
ROA not before:           Wed 10 Jan 2024 04:39:21 +0000
ROA not after:            Wed 08 Jan 2025 04:44:21 +0000
asID:                     63279
IP address blocks:        2a06:a005:1d90::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:55:98:c0:67:ed:f5:cf:3a:ec:bd:3b:d7:cb:65:19:60:3a:05:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan 10 04:39:21 2024 GMT
            Not After : Jan  8 04:44:21 2025 GMT
        Subject: CN=68B183CC02BC0DF5BE306AACFDE2ABC0EC42CD94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:43:f6:78:04:cc:04:4a:09:82:3e:20:18:ba:
                    1e:08:2a:86:eb:06:33:ba:c3:fa:58:68:ff:f8:b9:
                    57:b8:9a:ae:92:be:39:98:5c:ea:77:0b:ac:03:f8:
                    85:50:b4:d6:cf:49:69:dd:b6:c3:2c:57:52:e3:86:
                    82:d9:8d:94:72:f9:02:65:8f:1f:46:11:a7:ec:0c:
                    ea:4a:1d:54:b4:0c:98:f1:bd:fa:49:30:c2:47:a5:
                    7a:90:c7:7e:94:73:15:b6:64:e9:3d:ec:c9:f2:d4:
                    f6:cb:e5:b7:4c:41:bc:4c:b7:b0:6f:1a:b6:19:3e:
                    87:3d:7b:76:83:93:6f:e6:e4:39:29:42:cd:b3:9d:
                    93:88:95:b7:bd:3f:7e:6d:27:3d:bd:88:eb:bb:f7:
                    e2:9a:57:f5:17:75:97:90:c1:5b:6f:58:cc:8a:c1:
                    fd:4c:9c:cc:f9:7d:fb:65:78:0b:dd:23:71:4b:56:
                    86:62:97:3b:26:9f:69:8f:d6:b2:28:87:20:a2:c5:
                    51:d4:d4:50:ba:d2:78:49:71:88:b2:fe:83:3e:b1:
                    ad:f6:0d:4a:96:49:1c:60:51:40:8b:e0:c2:05:8e:
                    2d:0e:fd:47:48:e1:04:b9:fa:66:73:bc:8d:df:d8:
                    06:7c:f2:27:ad:f5:8c:36:f2:0c:e4:39:aa:46:67:
                    72:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:B1:83:CC:02:BC:0D:F5:BE:30:6A:AC:FD:E2:AB:C0:EC:42:CD:94
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS63279.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1d90::/44

    Signature Algorithm: sha256WithRSAEncryption
         96:42:ce:2f:1a:88:8f:f9:3e:3c:26:27:0a:1c:d1:0c:fd:88:
         18:c9:d2:d1:9a:10:9b:2f:b4:99:db:70:80:1a:3a:aa:18:00:
         12:9a:62:2e:cd:66:ef:78:29:ae:c5:52:3b:f8:d9:a4:33:22:
         96:b6:f6:a9:3a:0d:16:bb:c0:46:f8:96:0e:4c:dc:c8:2f:fa:
         74:83:49:0b:4b:35:f5:c5:57:d8:ae:e6:fb:e0:19:54:94:52:
         0d:aa:8f:8e:0e:97:17:4d:2d:b7:68:47:ff:33:1b:c8:9d:89:
         fe:ad:42:3e:80:05:59:15:70:1d:8f:f8:6a:c5:d2:d2:86:45:
         99:8f:7b:5d:cd:7d:fd:1f:9b:05:b7:b9:00:6c:9d:90:dc:0e:
         4a:84:dd:02:32:62:55:80:25:50:14:a5:62:ca:38:f1:e6:2c:
         2c:a6:fc:d3:69:29:d3:30:4b:91:17:28:90:e6:de:d9:23:0d:
         15:d0:e9:42:27:28:98:72:41:5f:b8:1f:8c:e1:09:05:7d:91:
         fa:09:b6:98:74:7b:59:83:83:9c:a2:dd:f9:ea:c1:15:85:51:
         bd:08:fd:30:28:86:ac:03:4a:51:d2:db:5c:3e:64:f5:e4:ff:
         13:77:be:11:a9:68:bc:48:0b:86:4b:22:4d:d7:b3:46:57:b1:
         6c:9c:8c:8b
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUH1WYwGft9c867L0718tlGWA6BbkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMTAwNDM5MjFaFw0yNTAxMDgwNDQ0MjFaMDMxMTAvBgNV
BAMTKDY4QjE4M0NDMDJCQzBERjVCRTMwNkFBQ0ZERTJBQkMwRUM0MkNEOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+Q/Z4BMwESgmCPiAYuh4IKobr
BjO6w/pYaP/4uVe4mq6SvjmYXOp3C6wD+IVQtNbPSWndtsMsV1LjhoLZjZRy+QJl
jx9GEafsDOpKHVS0DJjxvfpJMMJHpXqQx36UcxW2ZOk97Mny1PbL5bdMQbxMt7Bv
GrYZPoc9e3aDk2/m5DkpQs2znZOIlbe9P35tJz29iOu79+KaV/UXdZeQwVtvWMyK
wf1MnMz5fftleAvdI3FLVoZilzsmn2mP1rIohyCixVHU1FC60nhJcYiy/oM+sa32
DUqWSRxgUUCL4MIFji0O/UdI4QS5+mZzvI3f2AZ88iet9Yw28gzkOapGZ3JtAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUaLGDzAK8DfW+MGqs/eKrwOxCzZQwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NjMyNzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqBqAFHZAwDQYJKoZIhvcNAQELBQADggEBAJZCzi8a
iI/5PjwmJwoc0Qz9iBjJ0tGaEJsvtJnbcIAaOqoYABKaYi7NZu94Ka7FUjv42aQz
Ipa29qk6DRa7wEb4lg5M3Mgv+nSDSQtLNfXFV9iu5vvgGVSUUg2qj44OlxdNLbdo
R/8zG8idif6tQj6ABVkVcB2P+GrF0tKGRZmPe13Nff0fmwW3uQBsnZDcDkqE3QIy
YlWAJVAUpWLKOPHmLCym/NNpKdMwS5EXKJDm3tkjDRXQ6UInKJhyQV+4H4zhCQV9
kfoJtph0e1mDg5yi3fnqwRWFUb0I/TAohqwDSlHS21w+ZPXk/xN3vhGpaLxIC4ZL
Ik3Xs0ZXsWycjIs=
-----END CERTIFICATE-----