Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS54148.roa
File:                     AS54148.roa (raw, json)
Hash identifier:          f6pQtnb2KUeoj/sgaQjUSyChPHi4TkBQA6qfcqmQWME=
Subject key identifier:   9B:5D:51:6D:72:9E:09:FC:AD:3E:C6:C8:87:42:18:0B:BE:6D:7B:F1
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       56011BF9CDD75031B68343E81DC6BE9E88EAE6C8
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS54148.roa
Signing time:             Thu 03 Jul 2025 15:51:59 +0000
ROA not before:           Thu 03 Jul 2025 15:46:59 +0000
ROA not after:            Thu 02 Jul 2026 15:51:59 +0000
asID:                     54148
IP address blocks:        2a06:a005:2720::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:01:1b:f9:cd:d7:50:31:b6:83:43:e8:1d:c6:be:9e:88:ea:e6:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:46:59 2025 GMT
            Not After : Jul  2 15:51:59 2026 GMT
        Subject: CN=9B5D516D729E09FCAD3EC6C88742180BBE6D7BF1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:93:f2:76:0c:a0:19:d3:45:9a:f9:26:60:7f:
                    da:6a:6c:69:e0:44:a9:82:52:07:47:a3:63:4f:cd:
                    be:03:55:86:49:ae:ab:6c:b2:1f:eb:49:c4:60:d6:
                    f0:81:04:3a:8c:23:89:4a:34:4e:65:a8:70:9c:9b:
                    32:5d:37:25:d3:d3:69:81:bf:c9:47:50:ed:9e:00:
                    29:02:03:46:4b:1e:74:00:1d:b3:0c:66:bd:d1:6d:
                    6a:a1:e1:42:9a:74:8b:15:00:cf:f3:b1:09:32:0e:
                    6b:22:d6:40:41:bc:c1:f4:28:28:e7:5f:37:c5:9d:
                    dc:91:0e:0f:75:cc:2e:d1:26:b4:44:b6:43:8b:0b:
                    29:07:fa:18:55:34:6c:b2:14:53:40:54:4c:05:88:
                    96:d2:3f:64:76:32:d7:3f:b2:f7:87:d7:2a:e6:a5:
                    44:1b:7e:19:aa:61:c8:7b:3c:e4:23:82:63:b6:73:
                    29:17:71:e0:aa:65:f9:4a:74:7c:3f:69:30:15:fa:
                    a2:54:36:c6:51:52:16:65:d2:bc:44:84:18:6d:79:
                    cf:00:20:76:7a:0b:15:3b:d8:7f:af:c4:5d:a5:b1:
                    6d:fa:c3:35:c1:18:89:72:df:86:95:d6:70:62:bc:
                    bc:d7:e3:89:a7:0b:51:43:d5:c9:7c:c7:f5:06:fe:
                    22:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:5D:51:6D:72:9E:09:FC:AD:3E:C6:C8:87:42:18:0B:BE:6D:7B:F1
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS54148.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2720::/44

    Signature Algorithm: sha256WithRSAEncryption
         c0:9c:83:f5:96:fa:c0:95:38:da:99:13:2a:71:e5:15:e9:d0:
         3c:92:3a:e0:a6:1f:28:ef:35:63:40:a0:12:4a:a0:f6:35:e7:
         4b:53:57:39:11:57:28:e0:88:2b:cb:96:96:53:58:ed:57:54:
         7f:90:ca:c9:05:8e:37:a9:0d:9a:a6:f1:f0:6a:ce:b8:1e:e5:
         5e:b8:f0:26:73:5c:a1:53:1a:19:10:b3:f0:2c:f8:aa:7b:67:
         c1:a2:a8:97:83:da:51:d0:d3:a3:40:80:43:f3:87:03:eb:6f:
         04:a8:86:2c:cf:9a:7d:53:4b:b5:45:85:cf:3f:5f:d9:80:b5:
         ba:e2:81:c4:8c:6e:9f:a7:21:f5:1a:3d:a5:a0:dc:e6:62:d5:
         80:8e:97:9c:ba:ef:25:1c:01:07:00:38:24:aa:0f:70:4d:9d:
         7f:7f:de:55:94:b8:8d:a2:ec:5b:13:74:be:27:52:8a:2f:56:
         a5:b8:48:e3:45:7b:b3:ae:e1:66:84:5c:cb:90:48:e1:5a:34:
         a3:32:b0:d2:3a:fc:0e:91:3b:92:61:6d:9e:91:ff:88:d1:c2:
         ca:d4:bb:83:1b:c1:88:28:81:ea:17:68:73:20:0c:f2:72:00:
         ff:b5:32:b0:92:34:d7:e5:a7:37:85:ec:85:bc:c2:58:72:32:
         17:28:0c:e1
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgIUVgEb+c3XUDG2g0PoHca+nojq5sgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2NTlaFw0yNjA3MDIxNTUxNTlaMDMxMTAvBgNV
BAMTKDlCNUQ1MTZENzI5RTA5RkNBRDNFQzZDODg3NDIxODBCQkU2RDdCRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbk/J2DKAZ00Wa+SZgf9pqbGng
RKmCUgdHo2NPzb4DVYZJrqtssh/rScRg1vCBBDqMI4lKNE5lqHCcmzJdNyXT02mB
v8lHUO2eACkCA0ZLHnQAHbMMZr3RbWqh4UKadIsVAM/zsQkyDmsi1kBBvMH0KCjn
XzfFndyRDg91zC7RJrREtkOLCykH+hhVNGyyFFNAVEwFiJbSP2R2Mtc/sveH1yrm
pUQbfhmqYch7POQjgmO2cykXceCqZflKdHw/aTAV+qJUNsZRUhZl0rxEhBhtec8A
IHZ6CxU72H+vxF2lsW36wzXBGIly34aV1nBivLzX44mnC1FD1cl8x/UG/iJRAgMB
AAGjggHxMIIB7TAdBgNVHQ4EFgQUm11RbXKeCfytPsbIh0IYC75te/EwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
NTQxNDgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqBqAFJyAwDQYJKoZIhvcNAQELBQADggEBAMCcg/WW
+sCVONqZEypx5RXp0DySOuCmHyjvNWNAoBJKoPY150tTVzkRVyjgiCvLlpZTWO1X
VH+QyskFjjepDZqm8fBqzrge5V648CZzXKFTGhkQs/As+Kp7Z8GiqJeD2lHQ06NA
gEPzhwPrbwSohizPmn1TS7VFhc8/X9mAtbrigcSMbp+nIfUaPaWg3OZi1YCOl5y6
7yUcAQcAOCSqD3BNnX9/3lWUuI2i7FsTdL4nUoovVqW4SONFe7Ou4WaEXMuQSOFa
NKMysNI6/A6RO5JhbZ6R/4jRwsrUu4MbwYgogeoXaHMgDPJyAP+1MrCSNNflpzeF
7IW8wlhyMhcoDOE=
-----END CERTIFICATE-----