Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS64264.roa
File:                     AS64264.roa (raw, json)
Hash identifier:          KWC0BlPxZzyCx+cBTIiVnXwC9fkhcgaA5QxArxS7zI8=
Subject key identifier:   A3:9E:22:C0:C1:1A:E5:0B:B8:AB:7C:A3:09:B7:C9:17:DE:75:88:88
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       2591611F0FE010706005F15CB5FA273A59EF12DC
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS64264.roa
Signing time:             Sun 14 Jan 2024 16:44:21 +0000
ROA not before:           Sun 14 Jan 2024 16:39:21 +0000
ROA not after:            Sun 12 Jan 2025 16:44:21 +0000
asID:                     64264
IP address blocks:        2a06:a005:11a0::/44 maxlen: 48
                          2a06:a005:11b0::/44 maxlen: 48
                          2a06:a005:11c0::/44 maxlen: 48
                          2a06:a005:11d0::/44 maxlen: 48
                          2a06:a005:11e0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 14:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:91:61:1f:0f:e0:10:70:60:05:f1:5c:b5:fa:27:3a:59:ef:12:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan 14 16:39:21 2024 GMT
            Not After : Jan 12 16:44:21 2025 GMT
        Subject: CN=A39E22C0C11AE50BB8AB7CA309B7C917DE758888
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:ff:e1:03:59:bd:58:04:7a:3e:9a:62:9f:95:
                    ff:2c:70:77:d0:e5:7a:41:5f:3f:25:f3:e2:6b:41:
                    70:9e:c8:5a:43:0a:0d:9d:6e:4f:d3:42:cc:e1:df:
                    56:70:40:b3:26:02:9e:2b:1a:53:f4:c4:6d:e6:e3:
                    28:ee:51:40:b3:b8:be:b4:96:19:a1:5d:12:f7:1d:
                    cc:40:a3:cd:e6:4c:8d:62:12:bb:34:20:c6:c7:ed:
                    46:14:4e:36:84:9d:ab:f8:be:f6:87:1f:fc:82:68:
                    68:95:2b:96:48:d6:38:28:fc:3d:1f:21:95:34:bb:
                    91:32:27:a9:dd:c1:0a:43:32:ea:36:e1:45:28:60:
                    31:c2:e3:9a:f4:f0:ad:5a:a6:6d:0d:0e:8d:56:f7:
                    17:05:1a:8d:a0:f6:41:f2:73:62:3d:b0:75:81:96:
                    36:93:01:ac:42:d2:88:bc:b8:92:b9:b3:07:41:78:
                    01:fe:a9:1d:b3:7e:d4:f1:cf:e0:d0:fc:5a:c7:12:
                    1d:83:b6:e8:5a:30:82:01:19:1e:a2:f8:45:a5:f7:
                    ee:00:c8:7a:ef:07:4e:81:0f:d6:bd:48:85:0c:7a:
                    90:8f:1e:ca:5e:26:17:da:41:74:1d:e8:65:44:d6:
                    a2:2b:28:09:8c:82:cc:bb:72:4c:72:97:99:79:d8:
                    0a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:9E:22:C0:C1:1A:E5:0B:B8:AB:7C:A3:09:B7:C9:17:DE:75:88:88
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS64264.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:11a0::-2a06:a005:11ef:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         a7:f8:6e:a3:d0:c0:79:8a:95:5b:72:d2:26:29:7f:e6:21:a6:
         4e:64:32:25:2b:81:c3:9e:e9:97:61:f3:f2:6f:32:62:98:ac:
         e5:b5:8c:86:47:34:85:d2:ef:65:a3:9a:cc:5f:2f:ce:79:60:
         c1:c8:98:62:04:ed:38:e6:1d:76:4e:63:5b:22:c7:7d:86:61:
         9d:03:5b:8c:05:44:e7:9b:86:f0:9a:44:ac:14:28:10:26:2c:
         1c:0c:ab:45:13:cd:97:84:30:1b:8b:11:4f:28:45:9d:a0:4e:
         af:72:04:2e:27:46:48:1f:ee:a8:27:22:7c:fc:4c:0e:3f:fd:
         f2:c1:5d:36:0f:95:d9:23:3c:94:65:8d:52:39:c8:0e:cc:85:
         08:83:3a:db:68:13:6d:dd:ba:93:53:2b:82:3c:6b:b5:2b:35:
         e8:10:1e:e5:b0:74:83:1f:0e:93:28:ac:69:6d:2e:2f:c1:06:
         a4:1d:b6:e0:d2:24:18:fd:39:bf:d7:b5:72:24:60:d4:6c:9e:
         76:29:d3:79:55:20:45:0d:4a:30:cb:29:f3:b5:32:79:aa:bd:
         90:3e:87:57:bd:85:06:ec:54:42:50:74:62:01:29:71:34:63:
         05:fe:98:ec:8f:bc:14:74:0b:cf:a2:77:15:1d:52:00:93:d2:
         23:da:7a:00
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIUJZFhHw/gEHBgBfFctfonOlnvEtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMTQxNjM5MjFaFw0yNTAxMTIxNjQ0MjFaMDMxMTAvBgNV
BAMTKEEzOUUyMkMwQzExQUU1MEJCOEFCN0NBMzA5QjdDOTE3REU3NTg4ODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb/+EDWb1YBHo+mmKflf8scHfQ
5XpBXz8l8+JrQXCeyFpDCg2dbk/TQszh31ZwQLMmAp4rGlP0xG3m4yjuUUCzuL60
lhmhXRL3HcxAo83mTI1iErs0IMbH7UYUTjaEnav4vvaHH/yCaGiVK5ZI1jgo/D0f
IZU0u5EyJ6ndwQpDMuo24UUoYDHC45r08K1apm0NDo1W9xcFGo2g9kHyc2I9sHWB
ljaTAaxC0oi8uJK5swdBeAH+qR2zftTxz+DQ/FrHEh2DtuhaMIIBGR6i+EWl9+4A
yHrvB06BD9a9SIUMepCPHspeJhfaQXQd6GVE1qIrKAmMgsy7ckxyl5l52AqjAgMB
AAGjggH8MIIB+DAdBgNVHQ4EFgQUo54iwMEa5Qu4q3yjCbfJF951iIgwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NjQyNjQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcB
Af8EHjAcMBoEAgACMBQwEgMHBSoGoAURoAMHBCoGoAUR4DANBgkqhkiG9w0BAQsF
AAOCAQEAp/huo9DAeYqVW3LSJil/5iGmTmQyJSuBw57pl2Hz8m8yYpis5bWMhkc0
hdLvZaOazF8vznlgwciYYgTtOOYddk5jWyLHfYZhnQNbjAVE55uG8JpErBQoECYs
HAyrRRPNl4QwG4sRTyhFnaBOr3IELidGSB/uqCcifPxMDj/98sFdNg+V2SM8lGWN
UjnIDsyFCIM622gTbd26k1MrgjxrtSs16BAe5bB0gx8OkyisaW0uL8EGpB224NIk
GP05v9e1ciRg1GyedinTeVUgRQ1KMMsp87Uyeaq9kD6HV72FBuxUQlB0YgEpcTRj
Bf6Y7I+8FHQLz6J3FR1SAJPSI9p6AA==
-----END CERTIFICATE-----