Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS7018.roa
File:                     AS7018.roa (raw, json)
Hash identifier:          Tvm+QyqjcaNk5oYUEw8G/I6OZsSosknMga+QgZFQ50M=
Subject key identifier:   82:1C:68:58:AD:48:69:54:A7:CD:0B:8F:C2:69:85:28:35:A6:30:12
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       50F6C3549DE39FA1C125D6115F13DC6B57233C99
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS7018.roa
Signing time:             Tue 19 Nov 2024 19:21:35 +0000
ROA not before:           Tue 19 Nov 2024 19:16:35 +0000
ROA not after:            Tue 18 Nov 2025 19:21:35 +0000
asID:                     7018
IP address blocks:        2a06:a005:3070::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:f6:c3:54:9d:e3:9f:a1:c1:25:d6:11:5f:13:dc:6b:57:23:3c:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov 19 19:16:35 2024 GMT
            Not After : Nov 18 19:21:35 2025 GMT
        Subject: CN=821C6858AD486954A7CD0B8FC269852835A63012
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:50:62:99:c3:a8:dd:05:bc:67:43:a3:4f:fe:
                    31:85:cb:2b:84:a6:c2:06:34:cd:a2:13:4f:72:e7:
                    ef:29:e8:b7:62:1a:77:85:fc:c4:21:da:30:13:10:
                    b9:1b:1a:92:42:0d:f7:9a:76:17:4a:51:84:17:33:
                    01:f4:24:62:60:1a:a6:7b:9a:7c:30:f9:ca:78:f1:
                    34:d7:01:07:31:35:54:74:8d:aa:21:19:a6:77:81:
                    02:00:1d:7e:67:7b:38:bb:c0:87:20:2e:6b:36:ae:
                    80:3e:31:79:9a:36:f8:ea:00:57:0e:11:2b:dc:64:
                    62:72:48:de:21:f4:cd:5b:57:33:b5:5c:f9:56:d3:
                    56:c4:5a:94:3a:53:22:27:22:7b:99:2e:d2:f3:98:
                    f9:e7:f2:86:a7:08:4f:ef:c5:8c:4f:ae:7f:b7:e0:
                    91:12:de:3e:d6:e7:1a:45:96:fe:a0:02:76:4a:29:
                    7e:f3:83:4f:1f:6d:9d:49:80:2c:5a:2a:d2:20:07:
                    00:70:be:31:d3:46:fd:7d:73:a1:2d:a6:b4:e0:52:
                    c5:51:84:e2:e5:83:20:31:5d:ae:c6:0b:9e:8f:d5:
                    ea:aa:2d:c3:14:52:14:38:08:ae:16:78:7f:4a:f4:
                    47:13:db:72:db:06:ef:5b:c8:4c:0c:25:fc:bd:23:
                    10:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:1C:68:58:AD:48:69:54:A7:CD:0B:8F:C2:69:85:28:35:A6:30:12
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS7018.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:3070::/44

    Signature Algorithm: sha256WithRSAEncryption
         c5:59:5d:3c:2d:a8:b5:bc:00:77:14:64:9e:bc:d7:9f:5b:1f:
         27:a4:e1:a4:f9:7a:da:6c:88:ed:f7:fd:e0:cb:6e:59:f2:1a:
         77:ec:6c:08:5a:1c:02:34:46:5d:d5:c3:f5:5a:b8:94:2e:42:
         c2:8e:2c:77:62:4b:55:b3:55:fb:e0:52:8d:03:1b:61:f7:f3:
         02:34:7c:64:0c:15:d8:f5:5d:e0:4e:ee:66:f3:f9:e0:fc:b5:
         99:03:97:be:07:4a:f7:7d:d6:3f:4d:8a:f9:28:a1:db:a8:15:
         9d:f5:72:e8:85:91:b1:96:3b:f0:52:b0:14:c5:85:6d:0e:db:
         34:ca:47:82:b5:67:10:0a:1a:92:c9:00:dd:d6:05:02:2d:2b:
         2b:67:03:73:b6:14:b4:10:19:3f:ee:48:ce:3e:d5:5d:2c:8f:
         c9:0f:ee:7d:58:f6:31:02:ed:e3:da:ee:88:d6:a1:83:fe:b5:
         da:51:a1:dc:f2:e1:d3:e6:ed:4f:37:e1:69:17:22:97:6b:14:
         38:95:80:33:1e:76:b7:a9:87:42:12:e3:ef:87:e9:5d:b8:ed:
         c2:1b:1c:5c:17:be:da:9d:12:eb:6e:67:42:36:bb:7c:d9:e4:
         cb:55:86:5c:69:f2:4d:d6:21:9e:c2:14:73:76:24:66:7f:72:
         41:fc:52:fd
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUUPbDVJ3jn6HBJdYRXxPca1cjPJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMTkxOTE2MzVaFw0yNTExMTgxOTIxMzVaMDMxMTAvBgNV
BAMTKDgyMUM2ODU4QUQ0ODY5NTRBN0NEMEI4RkMyNjk4NTI4MzVBNjMwMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDUGKZw6jdBbxnQ6NP/jGFyyuE
psIGNM2iE09y5+8p6LdiGneF/MQh2jATELkbGpJCDfeadhdKUYQXMwH0JGJgGqZ7
mnww+cp48TTXAQcxNVR0jaohGaZ3gQIAHX5nezi7wIcgLms2roA+MXmaNvjqAFcO
ESvcZGJySN4h9M1bVzO1XPlW01bEWpQ6UyInInuZLtLzmPnn8oanCE/vxYxPrn+3
4JES3j7W5xpFlv6gAnZKKX7zg08fbZ1JgCxaKtIgBwBwvjHTRv19c6EtprTgUsVR
hOLlgyAxXa7GC56P1eqqLcMUUhQ4CK4WeH9K9EcT23LbBu9byEwMJfy9IxCTAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQUghxoWK1IaVSnzQuPwmmFKDWmMBIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBuBggrBgEF
BQcBCwRiMGAwXgYIKwYBBQUHMAuGUnJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NzAxOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB
/wQTMBEwDwQCAAIwCQMHBCoGoAUwcDANBgkqhkiG9w0BAQsFAAOCAQEAxVldPC2o
tbwAdxRknrzXn1sfJ6ThpPl62myI7ff94MtuWfIad+xsCFocAjRGXdXD9Vq4lC5C
wo4sd2JLVbNV++BSjQMbYffzAjR8ZAwV2PVd4E7uZvP54Py1mQOXvgdK933WP02K
+Sih26gVnfVy6IWRsZY78FKwFMWFbQ7bNMpHgrVnEAoakskA3dYFAi0rK2cDc7YU
tBAZP+5Izj7VXSyPyQ/ufVj2MQLt49ruiNahg/612lGh3PLh0+btTzfhaRcil2sU
OJWAMx52t6mHQhLj74fpXbjtwhscXBe+2p0S625nQja7fNnky1WGXGnyTdYhnsIU
c3YkZn9yQfxS/Q==
-----END CERTIFICATE-----