Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS51856.roa
File:                     AS51856.roa (raw, json)
Hash identifier:          eemoX2EGVsexrgUqMvRFSbGSJnHqyKmMtuL2fws9d+c=
Subject key identifier:   D4:5E:AC:68:D3:ED:B0:2E:1A:5F:71:29:EB:41:2C:A1:92:8B:77:4C
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       519C4FCB5660CA9E69B598FD77122F93133A5F
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS51856.roa
Signing time:             Thu 03 Jul 2025 15:52:36 +0000
ROA not before:           Thu 03 Jul 2025 15:47:36 +0000
ROA not after:            Thu 02 Jul 2026 15:52:36 +0000
asID:                     51856
IP address blocks:        2a06:a005:1310::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:9c:4f:cb:56:60:ca:9e:69:b5:98:fd:77:12:2f:93:13:3a:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:47:36 2025 GMT
            Not After : Jul  2 15:52:36 2026 GMT
        Subject: CN=D45EAC68D3EDB02E1A5F7129EB412CA1928B774C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:20:fb:14:4e:48:b9:05:dd:e9:46:0b:2d:b3:
                    c3:87:88:86:89:c6:28:86:00:89:bb:87:69:28:60:
                    9a:4d:c8:51:a8:f5:78:ec:b2:6f:08:17:b3:39:00:
                    85:a6:46:fb:39:27:75:b5:fc:4d:e8:87:15:e9:b9:
                    21:31:c7:fe:d8:3b:73:92:d2:78:5e:a5:ed:a0:f1:
                    0d:ed:ea:4b:80:fd:da:77:e9:36:aa:cc:2a:0e:4c:
                    5a:ce:a0:49:3a:a3:c1:a6:ad:42:2a:f4:33:17:70:
                    e7:18:b6:49:35:f5:f9:b6:62:c6:71:b4:d8:91:7d:
                    49:1a:a6:9b:87:ed:ae:2d:78:c7:c6:d3:cf:a2:75:
                    5d:5d:d5:12:99:2f:2b:ab:64:46:85:db:9c:1e:d1:
                    03:f3:b0:6f:10:6b:c1:67:96:88:fe:ac:50:37:51:
                    b8:69:35:35:ab:cb:c1:92:26:c8:68:48:d8:e3:5e:
                    2c:74:6f:0b:6e:56:46:4f:98:7b:19:0d:40:55:7d:
                    15:11:55:15:23:89:c4:3d:3f:3e:68:68:cf:c9:1e:
                    cf:c7:2c:f5:1a:22:da:fe:20:4a:6d:73:74:4e:86:
                    f5:63:bf:aa:13:34:39:64:50:45:78:35:b3:a1:32:
                    92:2c:a0:f2:61:bd:8e:11:db:96:0e:e9:89:09:03:
                    83:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:5E:AC:68:D3:ED:B0:2E:1A:5F:71:29:EB:41:2C:A1:92:8B:77:4C
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS51856.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1310::/44

    Signature Algorithm: sha256WithRSAEncryption
         8d:a6:3f:c9:35:36:0e:d7:ac:89:04:98:33:bd:ce:5b:e1:34:
         ed:1c:7e:3f:5b:61:19:6b:f5:fa:b1:65:80:9f:31:ad:50:d2:
         55:b3:29:3d:22:ce:d5:97:04:8b:01:0f:99:17:7c:5e:01:b4:
         98:f7:7c:96:aa:2d:f0:a4:c4:f2:34:c8:ad:07:5d:40:83:9e:
         67:11:36:b5:3c:c4:49:8b:ff:61:86:56:d4:c8:dd:8e:1a:03:
         36:9d:1f:6d:8c:f1:13:3f:54:4e:ee:7c:15:8e:17:47:15:f5:
         6a:c4:38:e0:bc:da:17:12:d5:f4:c7:b3:5f:1b:5d:1a:51:d1:
         48:33:2d:c0:ca:22:73:a6:73:ef:e3:af:e2:aa:ae:a8:53:ec:
         2e:bf:bb:fb:92:14:82:47:6d:90:57:25:cd:32:50:71:ad:ff:
         00:ce:48:59:a4:3d:92:ec:12:8d:8c:01:70:5f:7b:1b:72:11:
         34:99:82:f3:e9:c6:17:58:ae:6b:64:a5:48:17:14:b4:97:88:
         f6:65:86:26:73:7c:0b:61:83:77:5b:8c:07:15:87:d8:39:e1:
         11:50:54:6a:ed:73:0c:7c:ce:16:86:e4:3b:71:6f:ce:6b:df:
         89:ed:ee:eb:14:dc:e6:a3:b2:c6:ec:dd:87:f7:71:87:39:0a:
         59:95:71:48
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgITUZxPy1Zgyp5ptZj9dxIvkxM6XzANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyhkMTRiNmZjZjJiMmM2OWJlMDg1ZTlmOTU5ODcyZGNiZThl
YTU0MTc3MB4XDTI1MDcwMzE1NDczNloXDTI2MDcwMjE1NTIzNlowMzExMC8GA1UE
AxMoRDQ1RUFDNjhEM0VEQjAyRTFBNUY3MTI5RUI0MTJDQTE5MjhCNzc0QzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANsg+xROSLkF3elGCy2zw4eIhonG
KIYAibuHaShgmk3IUaj1eOyybwgXszkAhaZG+zkndbX8TeiHFem5ITHH/tg7c5LS
eF6l7aDxDe3qS4D92nfpNqrMKg5MWs6gSTqjwaatQir0Mxdw5xi2STX1+bZixnG0
2JF9SRqmm4ftri14x8bTz6J1XV3VEpkvK6tkRoXbnB7RA/OwbxBrwWeWiP6sUDdR
uGk1NavLwZImyGhI2ONeLHRvC25WRk+YexkNQFV9FRFVFSOJxD0/Pmhoz8kez8cs
9Roi2v4gSm1zdE6G9WO/qhM0OWRQRXg1s6Eykiyg8mG9jhHblg7piQkDg+kCAwEA
AaOCAfEwggHtMB0GA1UdDgQWBBTUXqxo0+2wLhpfcSnrQSyhkot3TDAfBgNVHSME
GDAWgBTRS2/PKyxpvghen5WYcty+jqVBdzAOBgNVHQ8BAf8EBAMCB4AwgYUGA1Ud
HwR+MHwweqB4oHaGdHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9y
eS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0QxNEI2RkNGMkIy
QzY5QkUwODVFOUY5NTk4NzJEQ0JFOEVBNTQxNzcuY3JsMGQGCCsGAQUFBwEBBFgw
VjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wVXR2enlzc2FiNElYcC1WbUhMY3ZvNmxRWGMuY2VyMG8GCCsGAQUF
BwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9y
ZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1YzkxYmUzZjlkLzcvQVM1
MTg1Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB
/wQTMBEwDwQCAAIwCQMHBCoGoAUTEDANBgkqhkiG9w0BAQsFAAOCAQEAjaY/yTU2
DtesiQSYM73OW+E07Rx+P1thGWv1+rFlgJ8xrVDSVbMpPSLO1ZcEiwEPmRd8XgG0
mPd8lqot8KTE8jTIrQddQIOeZxE2tTzESYv/YYZW1MjdjhoDNp0fbYzxEz9UTu58
FY4XRxX1asQ44LzaFxLV9MezXxtdGlHRSDMtwMoic6Zz7+Ov4qquqFPsLr+7+5IU
gkdtkFclzTJQca3/AM5IWaQ9kuwSjYwBcF97G3IRNJmC8+nGF1iua2SlSBcUtJeI
9mWGJnN8C2GDd1uMBxWH2DnhEVBUau1zDHzOFobkO3Fvzmvfie3u6xTc5qOyxuzd
h/dxhzkKWZVxSA==
-----END CERTIFICATE-----