Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS210779.roa
File:                     AS210779.roa (raw, json)
Hash identifier:          fl+HE60EdXfPl+IhM/cMYQmOsKJe/k2BXHtD2STuXTQ=
Subject key identifier:   40:C6:EB:37:2F:D6:A4:E3:DB:94:0D:6A:C0:13:97:D6:7D:23:60:4F
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       5B797E07EACD5236640C0C7E43B748123B086C6C
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS210779.roa
Signing time:             Thu 03 Jul 2025 15:51:59 +0000
ROA not before:           Thu 03 Jul 2025 15:46:59 +0000
ROA not after:            Thu 02 Jul 2026 15:51:59 +0000
asID:                     210779
IP address blocks:        2a06:a005:2::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:79:7e:07:ea:cd:52:36:64:0c:0c:7e:43:b7:48:12:3b:08:6c:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:46:59 2025 GMT
            Not After : Jul  2 15:51:59 2026 GMT
        Subject: CN=40C6EB372FD6A4E3DB940D6AC01397D67D23604F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:7a:8f:17:6d:5c:e2:5c:3f:d7:4c:98:33:e9:
                    af:bf:c0:11:db:4d:c0:af:e1:59:bf:4f:c6:7f:0a:
                    2d:25:de:48:42:29:8e:b5:5c:65:e9:56:df:39:ab:
                    c4:52:57:64:ed:91:96:9b:89:f7:dd:cc:e4:a8:f4:
                    9e:48:e5:f5:bf:a9:71:ad:6c:1c:c5:e0:1b:08:9e:
                    29:3b:e4:78:a6:a4:59:ec:4e:5a:51:33:b5:8f:94:
                    44:85:10:8e:84:d9:49:b4:55:ee:d4:46:99:db:10:
                    df:42:4b:db:b0:aa:38:39:fd:92:7c:51:a5:0d:14:
                    8c:8a:ee:1e:36:39:28:19:d4:d5:ce:b7:4e:76:b8:
                    e7:b0:20:1c:bd:04:bf:a7:fc:eb:bb:44:e9:d9:36:
                    b1:bb:d0:ff:c6:da:bf:b8:1c:b6:40:59:7d:0c:60:
                    c5:27:87:7f:3d:2c:c6:0b:f6:04:47:2a:db:ed:42:
                    50:77:0a:2d:b2:2d:f7:ca:6a:83:07:aa:63:b0:78:
                    f8:3a:19:cf:34:09:ff:b0:8b:f4:10:a6:3e:5e:9a:
                    e9:19:d1:89:5b:46:d3:93:81:be:d9:9d:bc:8c:5c:
                    c1:40:f8:ea:f5:80:a9:36:f3:c0:6a:8d:92:30:7c:
                    7b:8a:6b:a1:76:64:43:0a:44:0b:53:c1:5f:6a:d5:
                    8b:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:C6:EB:37:2F:D6:A4:E3:DB:94:0D:6A:C0:13:97:D6:7D:23:60:4F
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS210779.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         01:55:1d:be:78:72:76:79:10:90:b7:3d:b0:ff:e0:16:fe:36:
         4c:fc:f0:87:2a:72:1a:d2:5a:c5:06:50:75:f2:f4:9f:5c:7d:
         ac:9a:28:f4:bc:55:60:7f:93:cb:eb:4d:ed:54:be:00:0e:b7:
         b7:b4:c3:08:31:88:17:7c:72:39:b0:2e:ad:ec:d9:20:da:d6:
         8b:e1:d2:12:30:76:36:6d:83:90:1a:95:93:e0:84:87:78:b7:
         f9:7c:32:c1:cc:7f:b5:ab:09:fe:c8:d8:ab:b9:2b:2b:91:4c:
         b8:69:13:8d:32:aa:b6:8a:c2:ba:1e:3c:1b:9e:b3:8e:94:a3:
         19:84:c9:76:5a:26:f4:c4:c8:d8:a0:23:d1:ae:a4:07:cc:e6:
         65:04:23:62:c5:d9:1b:c5:4f:10:01:c9:2c:41:0c:8c:3a:ae:
         6b:25:c2:dd:85:94:ea:db:a0:c7:f1:96:ef:ab:5d:be:55:fc:
         2f:0c:73:1d:2c:53:55:89:65:32:63:7b:78:3a:7e:a8:bb:f4:
         9d:a0:f2:9e:15:57:11:70:0f:1f:91:24:74:33:eb:1a:2b:48:
         f3:b9:96:95:5d:0f:40:f6:21:69:be:ff:9f:e5:83:96:00:5a:
         db:bb:4d:29:87:79:e0:8a:4b:ad:3f:8d:06:82:5a:1b:6e:df:
         c7:40:06:c4
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUW3l+B+rNUjZkDAx+Q7dIEjsIbGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2NTlaFw0yNjA3MDIxNTUxNTlaMDMxMTAvBgNV
BAMTKDQwQzZFQjM3MkZENkE0RTNEQjk0MEQ2QUMwMTM5N0Q2N0QyMzYwNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCieo8XbVziXD/XTJgz6a+/wBHb
TcCv4Vm/T8Z/Ci0l3khCKY61XGXpVt85q8RSV2TtkZabiffdzOSo9J5I5fW/qXGt
bBzF4BsInik75HimpFnsTlpRM7WPlESFEI6E2Um0Ve7URpnbEN9CS9uwqjg5/ZJ8
UaUNFIyK7h42OSgZ1NXOt052uOewIBy9BL+n/Ou7ROnZNrG70P/G2r+4HLZAWX0M
YMUnh389LMYL9gRHKtvtQlB3Ci2yLffKaoMHqmOwePg6Gc80Cf+wi/QQpj5emukZ
0YlbRtOTgb7ZnbyMXMFA+Or1gKk288BqjZIwfHuKa6F2ZEMKRAtTwV9q1YvhAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUQMbrNy/WpOPblA1qwBOX1n0jYE8wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjEwNzc5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQACMA0GCSqGSIb3DQEBCwUAA4IBAQABVR2+
eHJ2eRCQtz2w/+AW/jZM/PCHKnIa0lrFBlB18vSfXH2smij0vFVgf5PL603tVL4A
Dre3tMMIMYgXfHI5sC6t7Nkg2taL4dISMHY2bYOQGpWT4ISHeLf5fDLBzH+1qwn+
yNiruSsrkUy4aRONMqq2isK6HjwbnrOOlKMZhMl2Wib0xMjYoCPRrqQHzOZlBCNi
xdkbxU8QAcksQQyMOq5rJcLdhZTq26DH8Zbvq12+VfwvDHMdLFNViWUyY3t4On6o
u/SdoPKeFVcRcA8fkSR0M+saK0jzuZaVXQ9A9iFpvv+f5YOWAFrbu00ph3ngikut
P40Gglobbt/HQAbE
-----END CERTIFICATE-----