Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS142289.roa
File:                     AS142289.roa (raw, json)
Hash identifier:          UVEZJLPvszWjlGRYSY7WRtVdDHCUlr+dfp3+LN2RGUg=
Subject key identifier:   55:33:68:43:DF:21:87:ED:C1:53:8B:80:64:7B:22:AA:2B:A8:AF:90
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       69E3669A0152F217F780D08B77F095D839EDCF4A
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS142289.roa
Signing time:             Thu 03 Jul 2025 15:51:24 +0000
ROA not before:           Thu 03 Jul 2025 15:46:24 +0000
ROA not after:            Thu 02 Jul 2026 15:51:24 +0000
asID:                     142289
IP address blocks:        2a06:a005:700::/44 maxlen: 48
                          2a06:a005:a30::/44 maxlen: 48
                          2a06:a005:a40::/44 maxlen: 48
                          2a06:a005:a50::/44 maxlen: 48
                          2a06:a005:a60::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:e3:66:9a:01:52:f2:17:f7:80:d0:8b:77:f0:95:d8:39:ed:cf:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:46:24 2025 GMT
            Not After : Jul  2 15:51:24 2026 GMT
        Subject: CN=55336843DF2187EDC1538B80647B22AA2BA8AF90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:69:98:a8:89:7d:1c:ec:24:07:44:11:3f:e9:
                    37:bc:3f:67:f0:03:63:3d:fd:39:af:42:25:e8:e4:
                    73:88:31:ca:2c:ec:be:d4:4a:16:9a:a5:71:cc:9a:
                    6a:c1:5c:32:f8:2a:05:7b:d5:05:5c:c3:e7:3b:f8:
                    53:af:99:f3:5a:f8:2b:cd:c3:ee:b6:16:21:7e:9a:
                    5f:87:10:33:ab:e6:f8:47:cb:e4:33:e8:bf:0e:45:
                    94:5a:07:3d:22:bc:d0:d1:61:6d:9e:6a:40:94:c5:
                    ff:be:0c:b8:16:cd:bd:94:b5:6c:47:5d:ac:38:d0:
                    9c:03:58:8b:a3:66:79:15:47:54:8c:13:61:a9:d6:
                    17:9f:26:3f:27:31:ce:3e:13:d5:d2:6b:32:c6:41:
                    ea:82:f7:ee:0a:66:22:35:3a:06:11:34:22:52:2a:
                    5f:e4:21:38:c3:4a:0b:6d:41:05:31:08:bf:4d:e3:
                    9f:d7:85:bc:f3:42:c5:13:7c:5b:9f:2a:b2:a5:b1:
                    57:6e:e9:52:01:64:59:46:10:53:2d:d7:9d:30:fb:
                    20:1e:1a:9b:c6:bc:54:cf:c9:d9:e8:1d:43:ca:7c:
                    d7:e5:d4:a7:79:80:45:25:a7:eb:d6:72:47:60:a3:
                    51:44:92:1b:29:ce:46:7c:14:2c:92:3a:69:2a:e0:
                    2f:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:33:68:43:DF:21:87:ED:C1:53:8B:80:64:7B:22:AA:2B:A8:AF:90
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS142289.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:700::/44
                  2a06:a005:a30::-2a06:a005:a6f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         07:a2:3f:11:14:fd:77:bd:21:b0:e9:98:ed:d5:ce:53:ba:76:
         37:e5:1e:06:0a:6c:3f:35:f7:61:f9:a7:df:28:68:5b:f0:43:
         e0:a0:32:5d:7d:f0:3f:36:6f:e1:57:80:0c:63:3e:2f:25:bc:
         9c:a0:73:4c:06:b1:e0:16:5f:81:a5:27:b5:89:8f:81:b8:d1:
         cc:d4:bf:cb:1a:6c:0e:2c:f4:d2:c2:79:bc:85:ee:63:4f:69:
         79:93:80:43:d4:ab:10:b9:dc:a8:b1:e1:41:d5:4d:b1:db:5b:
         ec:2d:2e:f9:f9:06:6c:e4:db:8c:f3:4d:98:6d:d9:01:9d:1c:
         fe:95:24:fd:5e:83:5b:c8:28:7a:24:e9:1d:b1:e3:62:58:94:
         fa:e6:47:7b:6b:62:8b:e6:cc:6e:7c:8a:f4:69:f2:92:72:01:
         3e:69:1b:06:8c:43:48:05:28:28:0d:d8:b0:49:5d:ef:12:74:
         c1:b9:80:ab:9a:d9:17:ca:21:08:e0:53:63:9f:de:df:d5:dc:
         78:a8:1d:06:75:9a:c7:6a:3c:94:05:1e:18:52:d4:4a:dc:84:
         b5:00:8d:86:a1:3b:ed:48:62:15:ee:12:51:d4:8a:79:9a:f7:
         6f:06:37:79:a6:57:aa:34:5c:29:f4:ea:cc:40:63:3a:27:e1:
         e6:3f:fc:86
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUaeNmmgFS8hf3gNCLd/CV2Dntz0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2MjRaFw0yNjA3MDIxNTUxMjRaMDMxMTAvBgNV
BAMTKDU1MzM2ODQzREYyMTg3RURDMTUzOEI4MDY0N0IyMkFBMkJBOEFGOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPaZioiX0c7CQHRBE/6Te8P2fw
A2M9/TmvQiXo5HOIMcos7L7UShaapXHMmmrBXDL4KgV71QVcw+c7+FOvmfNa+CvN
w+62FiF+ml+HEDOr5vhHy+Qz6L8ORZRaBz0ivNDRYW2eakCUxf++DLgWzb2UtWxH
Xaw40JwDWIujZnkVR1SME2Gp1hefJj8nMc4+E9XSazLGQeqC9+4KZiI1OgYRNCJS
Kl/kITjDSgttQQUxCL9N45/XhbzzQsUTfFufKrKlsVdu6VIBZFlGEFMt150w+yAe
GpvGvFTPydnoHUPKfNfl1Kd5gEUlp+vWckdgo1FEkhspzkZ8FCySOmkq4C8pAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUVTNoQ98hh+3BU4uAZHsiqiuor5AwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTQyMjg5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEH
AQH/BCcwJTAjBAIAAjAdAwcEKgagBQcAMBIDBwQqBqAFCjADBwQqBqAFCmAwDQYJ
KoZIhvcNAQELBQADggEBAAeiPxEU/Xe9IbDpmO3VzlO6djflHgYKbD8192H5p98o
aFvwQ+CgMl198D82b+FXgAxjPi8lvJygc0wGseAWX4GlJ7WJj4G40czUv8sabA4s
9NLCebyF7mNPaXmTgEPUqxC53Kix4UHVTbHbW+wtLvn5Bmzk24zzTZht2QGdHP6V
JP1eg1vIKHok6R2x42JYlPrmR3trYovmzG58ivRp8pJyAT5pGwaMQ0gFKCgN2LBJ
Xe8SdMG5gKua2RfKIQjgU2Of3t/V3HioHQZ1msdqPJQFHhhS1ErchLUAjYahO+1I
YhXuElHUinma928GN3mmV6o0XCn06sxAYzon4eY//IY=
-----END CERTIFICATE-----