Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS150184.roa
File:                     AS150184.roa (raw, json)
Hash identifier:          Jr45qoPEKGyVZdDO2/n4bFfA/dzHBBrSQsgRpWROT9g=
Subject key identifier:   15:78:D5:A6:3D:D8:3A:66:B7:5C:1A:48:A5:87:7B:15:8F:D7:1E:9F
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       673137FCEE37538AA8BBE495DDDD51661D7D8B1A
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS150184.roa
Signing time:             Thu 03 Jul 2025 15:52:34 +0000
ROA not before:           Thu 03 Jul 2025 15:47:34 +0000
ROA not after:            Thu 02 Jul 2026 15:52:34 +0000
asID:                     150184
IP address blocks:        2a06:a005:5f4::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:31:37:fc:ee:37:53:8a:a8:bb:e4:95:dd:dd:51:66:1d:7d:8b:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:47:34 2025 GMT
            Not After : Jul  2 15:52:34 2026 GMT
        Subject: CN=1578D5A63DD83A66B75C1A48A5877B158FD71E9F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:9a:a0:2f:2a:b5:fd:b4:11:16:86:55:c5:13:
                    e5:67:04:16:59:bb:0e:78:44:c5:ef:4a:fe:7e:eb:
                    e2:dd:ba:97:c9:7c:ca:6f:03:8a:73:24:d3:5e:7f:
                    1b:08:12:27:0a:4b:10:f7:14:01:9f:f8:e7:4f:fb:
                    7f:4a:9b:9d:fd:80:ef:2f:84:08:4a:90:b7:5e:6f:
                    11:5b:52:8d:78:33:0d:1c:6a:0d:49:6c:35:da:34:
                    0c:53:4d:04:6f:b6:9f:02:ac:b0:27:39:e5:c6:1a:
                    21:b8:55:04:5d:d5:f9:bb:91:15:0b:26:4c:9a:c5:
                    b8:4a:52:72:09:f5:97:b3:d5:78:5d:98:80:23:76:
                    08:97:b4:34:2e:ae:e2:03:0d:93:e6:d3:92:ff:0c:
                    eb:95:30:d5:0e:98:d8:de:a2:41:d3:ed:20:0f:86:
                    08:49:15:84:1f:41:76:68:32:01:b9:2e:fe:3b:89:
                    68:e5:ba:b0:0b:76:a5:5a:b2:06:a4:46:b7:1e:a1:
                    51:e1:a3:e7:c1:8e:b2:62:7b:44:6c:21:ba:41:d6:
                    a9:12:e5:dc:86:56:3f:0b:ad:fd:80:52:a2:62:32:
                    58:c8:03:73:75:a8:f8:f9:70:75:c5:f4:77:10:8a:
                    48:53:87:81:87:05:c4:e9:1b:50:fd:23:b4:f7:e4:
                    5c:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:78:D5:A6:3D:D8:3A:66:B7:5C:1A:48:A5:87:7B:15:8F:D7:1E:9F
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS150184.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:5f4::/48

    Signature Algorithm: sha256WithRSAEncryption
         0f:3f:c0:93:f8:0b:34:31:3a:cb:74:bc:11:53:bc:83:75:f9:
         77:6e:8a:4a:4a:00:4b:7c:34:67:4b:24:c9:12:f9:be:98:bf:
         15:5b:d4:07:75:b3:10:13:9b:3c:16:8f:df:09:73:e0:3c:24:
         bd:79:6a:05:6c:25:de:fc:43:77:1d:5f:30:36:9b:1d:d3:06:
         68:e8:b9:c5:13:bf:72:85:44:3c:b5:27:16:51:f2:37:38:fa:
         06:72:35:5a:53:c3:3d:ea:11:ec:02:2b:d5:d2:46:65:6b:19:
         8c:86:83:68:3c:4b:32:50:65:ca:93:d0:35:c7:a3:0a:44:9e:
         97:5e:41:4b:98:04:20:bc:90:74:ab:0a:0a:6a:d6:2d:2b:7b:
         19:a5:1e:b5:73:c5:28:31:14:61:c7:e4:d9:7a:fc:2f:0f:d5:
         45:98:4d:a2:4a:cd:48:a4:4d:1e:88:8e:26:d5:79:cc:4a:c7:
         cb:9d:e4:8a:1e:39:4b:9b:89:5d:e7:27:81:ae:43:e4:1b:e3:
         84:fb:17:87:99:e0:3f:00:43:34:7c:09:4d:e4:9e:27:32:63:
         33:e5:96:2f:2d:43:ce:d9:d3:6e:ad:67:12:28:10:26:fb:a7:
         63:55:9c:56:84:a9:17:c7:61:33:5e:a1:51:33:8b:9d:9a:ff:
         cf:7b:36:b4
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUZzE3/O43U4qou+SV3d1RZh19ixowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MzRaFw0yNjA3MDIxNTUyMzRaMDMxMTAvBgNV
BAMTKDE1NzhENUE2M0REODNBNjZCNzVDMUE0OEE1ODc3QjE1OEZENzFFOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXmqAvKrX9tBEWhlXFE+VnBBZZ
uw54RMXvSv5+6+LdupfJfMpvA4pzJNNefxsIEicKSxD3FAGf+OdP+39Km539gO8v
hAhKkLdebxFbUo14Mw0cag1JbDXaNAxTTQRvtp8CrLAnOeXGGiG4VQRd1fm7kRUL
JkyaxbhKUnIJ9Zez1XhdmIAjdgiXtDQuruIDDZPm05L/DOuVMNUOmNjeokHT7SAP
hghJFYQfQXZoMgG5Lv47iWjlurALdqVasgakRrceoVHho+fBjrJie0RsIbpB1qkS
5dyGVj8Lrf2AUqJiMljIA3N1qPj5cHXF9HcQikhTh4GHBcTpG1D9I7T35FwFAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUFXjVpj3YOma3XBpIpYd7FY/XHp8wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MTUwMTg0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQX0MA0GCSqGSIb3DQEBCwUAA4IBAQAPP8CT
+As0MTrLdLwRU7yDdfl3bopKSgBLfDRnSyTJEvm+mL8VW9QHdbMQE5s8Fo/fCXPg
PCS9eWoFbCXe/EN3HV8wNpsd0wZo6LnFE79yhUQ8tScWUfI3OPoGcjVaU8M96hHs
AivV0kZlaxmMhoNoPEsyUGXKk9A1x6MKRJ6XXkFLmAQgvJB0qwoKatYtK3sZpR61
c8UoMRRhx+TZevwvD9VFmE2iSs1IpE0eiI4m1XnMSsfLneSKHjlLm4ld5yeBrkPk
G+OE+xeHmeA/AEM0fAlN5J4nMmMz5ZYvLUPO2dNurWcSKBAm+6djVZxWhKkXx2Ez
XqFRM4udmv/Peza0
-----END CERTIFICATE-----