Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS212793.roa
File:                     AS212793.roa (raw, json)
Hash identifier:          Xg0AV1SXn0BAZBAW7UnComaetVfHz+Bn0TyJ/CyKfRg=
Subject key identifier:   E7:1A:1D:8F:31:AC:E5:EB:7B:63:03:00:D1:4D:7C:00:5B:D0:8C:37
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       2087FB1232C05025845BC9B75B0D8866A1905E3A
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS212793.roa
Signing time:             Thu 03 Jul 2025 15:51:57 +0000
ROA not before:           Thu 03 Jul 2025 15:46:57 +0000
ROA not after:            Thu 02 Jul 2026 15:51:57 +0000
asID:                     212793
IP address blocks:        2a06:a005:b69::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:87:fb:12:32:c0:50:25:84:5b:c9:b7:5b:0d:88:66:a1:90:5e:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:46:57 2025 GMT
            Not After : Jul  2 15:51:57 2026 GMT
        Subject: CN=E71A1D8F31ACE5EB7B630300D14D7C005BD08C37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:e6:86:6f:cc:c7:f0:60:93:8a:4e:df:13:eb:
                    06:f7:8d:31:3d:8d:aa:47:2a:fc:08:b4:5e:10:82:
                    6d:1e:30:25:ff:82:01:26:cf:6f:4e:1e:00:cb:5e:
                    cf:d5:0b:02:61:a4:eb:26:60:57:ad:fd:13:e1:da:
                    5f:5e:0f:2f:5d:4f:7e:37:8b:53:0c:ca:f9:cc:80:
                    69:6f:a0:f0:38:16:08:be:22:d6:0c:83:8b:83:87:
                    eb:47:80:93:18:f5:57:81:21:37:9b:de:28:c1:32:
                    ee:b4:1b:00:b9:2b:9f:14:ac:0e:3a:d2:ec:c1:65:
                    12:ed:03:be:cc:c2:8e:c4:28:57:f7:01:fa:ce:57:
                    1f:88:2f:da:46:fc:f0:e5:1b:36:e8:fd:82:c8:34:
                    97:39:bd:d9:bb:3a:9e:4c:14:d6:30:ba:8d:e1:a9:
                    42:13:08:50:a5:40:cc:81:06:f9:b2:6c:b8:4c:32:
                    45:fb:16:0c:c1:17:7a:b8:c6:40:36:1c:64:58:2e:
                    66:19:04:7e:f4:ce:1b:40:aa:34:c3:65:2d:ff:c0:
                    21:aa:e1:cc:9f:35:ab:de:43:83:80:8e:63:79:c5:
                    27:c6:8e:a6:e4:2b:76:53:b9:07:2d:b4:32:e4:8a:
                    bd:2b:ae:8d:42:29:40:c8:27:0c:a1:fd:46:34:61:
                    36:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:1A:1D:8F:31:AC:E5:EB:7B:63:03:00:D1:4D:7C:00:5B:D0:8C:37
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS212793.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:b69::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:32:8b:d7:71:17:16:20:ed:37:a9:cb:bc:14:16:65:52:fa:
         9d:bd:06:3c:36:1a:5e:73:7a:4e:4d:83:b9:9c:1f:99:0e:94:
         72:12:b7:48:fc:ee:5e:8e:31:15:59:ab:d9:7e:7f:09:f3:b9:
         db:73:4d:ca:30:e4:08:b8:a7:06:3f:53:44:a4:ae:7d:1d:e8:
         8f:a0:f3:65:22:73:05:13:10:c3:3a:93:2a:6c:b8:79:64:f6:
         44:0d:d5:03:80:6c:0c:93:08:86:d0:e4:3f:0a:5f:f9:7d:5b:
         ef:21:76:5c:c3:63:bd:5c:88:4e:d9:30:47:3d:e4:5e:45:30:
         71:f9:b2:07:b2:82:c0:22:ae:84:60:ab:f1:07:e3:8e:3d:ed:
         d3:7e:ef:30:e4:6c:eb:8c:df:9c:74:f3:74:e3:f6:e6:f4:23:
         0f:72:5b:d8:57:38:03:d8:52:7e:4e:44:a3:4d:1b:28:36:ac:
         fc:2e:d3:f8:8d:3c:45:4a:69:5c:24:5e:16:06:65:11:d5:38:
         2c:40:15:be:df:9c:84:f6:c7:fc:bb:48:fd:96:44:32:38:4f:
         b7:24:36:96:c8:4b:8b:03:e8:85:0f:85:f7:99:37:b6:2f:30:
         e3:a8:89:61:8b:5e:ed:1c:c2:8b:8d:ad:7b:00:c5:7e:fd:2e:
         48:73:b0:25
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUIIf7EjLAUCWEW8m3Ww2IZqGQXjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2NTdaFw0yNjA3MDIxNTUxNTdaMDMxMTAvBgNV
BAMTKEU3MUExRDhGMzFBQ0U1RUI3QjYzMDMwMEQxNEQ3QzAwNUJEMDhDMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY5oZvzMfwYJOKTt8T6wb3jTE9
japHKvwItF4Qgm0eMCX/ggEmz29OHgDLXs/VCwJhpOsmYFet/RPh2l9eDy9dT343
i1MMyvnMgGlvoPA4Fgi+ItYMg4uDh+tHgJMY9VeBITeb3ijBMu60GwC5K58UrA46
0uzBZRLtA77Mwo7EKFf3AfrOVx+IL9pG/PDlGzbo/YLINJc5vdm7Op5MFNYwuo3h
qUITCFClQMyBBvmybLhMMkX7FgzBF3q4xkA2HGRYLmYZBH70zhtAqjTDZS3/wCGq
4cyfNaveQ4OAjmN5xSfGjqbkK3ZTuQcttDLkir0rro1CKUDIJwyh/UY0YTbtAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU5xodjzGs5et7YwMA0U18AFvQjDcwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjEyNzkzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQtpMA0GCSqGSIb3DQEBCwUAA4IBAQACMovX
cRcWIO03qcu8FBZlUvqdvQY8Nhpec3pOTYO5nB+ZDpRyErdI/O5ejjEVWavZfn8J
87nbc03KMOQIuKcGP1NEpK59HeiPoPNlInMFExDDOpMqbLh5ZPZEDdUDgGwMkwiG
0OQ/Cl/5fVvvIXZcw2O9XIhO2TBHPeReRTBx+bIHsoLAIq6EYKvxB+OOPe3Tfu8w
5GzrjN+cdPN04/bm9CMPclvYVzgD2FJ+TkSjTRsoNqz8LtP4jTxFSmlcJF4WBmUR
1TgsQBW+35yE9sf8u0j9lkQyOE+3JDaWyEuLA+iFD4X3mTe2LzDjqIlhi17tHMKL
ja17AMV+/S5Ic7Al
-----END CERTIFICATE-----