Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS198125.roa
File:                     AS198125.roa (raw, json)
Hash identifier:          G0JPG0YLDBwfYvUcUwhT047AT+aefg59k6357W38wZw=
Subject key identifier:   51:05:6A:78:9A:E5:46:26:D8:3F:A7:48:E2:A2:11:4A:2F:67:62:BC
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       26E376E3EEB65A7B2B532017960F10B020B5BFB4
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS198125.roa
Signing time:             Fri 09 Feb 2024 20:15:45 +0000
ROA not before:           Fri 09 Feb 2024 20:10:45 +0000
ROA not after:            Fri 07 Feb 2025 20:15:45 +0000
asID:                     198125
IP address blocks:        27.0.233.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:e3:76:e3:ee:b6:5a:7b:2b:53:20:17:96:0f:10:b0:20:b5:bf:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Feb  9 20:10:45 2024 GMT
            Not After : Feb  7 20:15:45 2025 GMT
        Subject: CN=51056A789AE54626D83FA748E2A2114A2F6762BC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:80:d2:5e:12:7d:6e:3b:46:c5:03:c7:f3:ec:
                    c4:90:e5:67:e3:ad:85:87:0c:4a:c3:2e:4a:7c:c0:
                    06:d5:ae:43:0b:59:07:a8:5a:d6:ba:84:f8:ef:f0:
                    ce:9e:ed:df:e3:50:c7:85:5c:84:13:b6:92:b7:57:
                    ad:36:98:1e:82:a9:68:13:7a:db:6d:e4:8b:f9:68:
                    42:f1:2b:8e:85:00:3b:1f:89:64:f9:7d:dd:7f:3b:
                    19:d3:a4:0b:bd:16:a3:90:bd:28:d2:5c:4c:59:ca:
                    d9:d1:8d:62:a2:b2:4e:15:d4:7e:02:8c:31:c6:75:
                    60:1f:f5:f7:61:94:72:ab:31:6a:f3:e0:89:f4:db:
                    fd:d1:5e:19:66:16:7c:8c:39:15:a2:33:22:bf:b2:
                    cb:be:49:ec:bf:8d:3d:c7:bd:c2:62:5d:72:74:c6:
                    11:71:1f:db:6c:e0:25:34:10:17:90:22:da:94:3a:
                    8e:a2:6f:02:ac:a0:d3:32:c0:f7:93:6b:f4:ce:e5:
                    1e:2e:e4:6b:50:69:2d:a4:21:57:ec:8e:4a:5f:32:
                    39:db:3a:4e:f5:79:e4:2d:b6:9a:41:19:55:96:20:
                    d0:e6:a6:a9:26:f1:c8:9e:c0:8f:bb:5a:f0:30:58:
                    be:bf:7d:74:2f:b5:65:42:53:ba:6e:70:fc:26:3b:
                    85:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:05:6A:78:9A:E5:46:26:D8:3F:A7:48:E2:A2:11:4A:2F:67:62:BC
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS198125.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.0.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a5:36:5c:7b:89:eb:20:73:4f:2b:f2:70:5b:ae:91:76:ed:1e:
         aa:21:e0:b2:30:47:22:af:e3:6f:df:c0:42:0a:e2:f8:7f:ae:
         67:52:2d:4c:dd:8c:40:14:78:6d:d5:9f:83:b1:97:35:2a:98:
         ce:b6:8a:4b:88:75:bf:db:20:f0:b2:7f:69:08:42:73:41:3f:
         9c:6d:12:a6:97:ed:b1:b7:8a:5f:9a:b3:47:38:3b:02:d8:3b:
         08:ee:d7:e2:f7:a8:d1:e5:a8:f5:cd:d8:43:71:49:66:94:d4:
         66:54:a9:61:4e:68:a8:77:96:ad:72:1e:b9:b1:ea:5e:29:f3:
         39:c4:5a:cf:4b:31:44:22:99:2f:09:ee:89:02:82:7a:51:fe:
         b2:98:a6:98:c0:69:41:29:98:de:c4:3e:06:72:ad:ac:89:9c:
         30:dd:d8:c2:0c:5b:3c:da:b8:6b:57:3f:d2:d5:45:13:ec:6c:
         80:00:33:58:55:cf:08:a5:6a:23:c5:71:2f:6c:a6:3c:14:00:
         81:ff:2f:a1:7c:c3:b1:1b:0c:7a:fd:8d:d1:e2:a9:e6:45:a2:
         50:68:12:29:e2:bb:b4:1c:73:22:0f:d4:af:8e:9b:a1:83:16:
         4d:92:bc:01:9e:ed:b2:c9:60:d1:6e:c4:60:67:1d:e8:31:d9:
         e3:34:c3:30
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUJuN24+62WnsrUyAXlg8QsCC1v7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAyMDkyMDEwNDVaFw0yNTAyMDcyMDE1NDVaMDMxMTAvBgNV
BAMTKDUxMDU2QTc4OUFFNTQ2MjZEODNGQTc0OEUyQTIxMTRBMkY2NzYyQkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCagNJeEn1uO0bFA8fz7MSQ5Wfj
rYWHDErDLkp8wAbVrkMLWQeoWta6hPjv8M6e7d/jUMeFXIQTtpK3V602mB6CqWgT
ettt5Iv5aELxK46FADsfiWT5fd1/OxnTpAu9FqOQvSjSXExZytnRjWKisk4V1H4C
jDHGdWAf9fdhlHKrMWrz4In02/3RXhlmFnyMORWiMyK/ssu+Sey/jT3HvcJiXXJ0
xhFxH9ts4CU0EBeQItqUOo6ibwKsoNMywPeTa/TO5R4u5GtQaS2kIVfsjkpfMjnb
Ok71eeQttppBGVWWINDmpqkm8ciewI+7WvAwWL6/fXQvtWVCU7pucPwmO4V3AgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUUQVqeJrlRibYP6dI4qIRSi9nYrwwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTk4MTI1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAGwDpMA0GCSqGSIb3DQEBCwUAA4IBAQClNlx7iesg
c08r8nBbrpF27R6qIeCyMEcir+Nv38BCCuL4f65nUi1M3YxAFHht1Z+DsZc1KpjO
topLiHW/2yDwsn9pCEJzQT+cbRKml+2xt4pfmrNHODsC2DsI7tfi96jR5aj1zdhD
cUlmlNRmVKlhTmiod5atch65sepeKfM5xFrPSzFEIpkvCe6JAoJ6Uf6ymKaYwGlB
KZjexD4Gcq2siZww3djCDFs82rhrVz/S1UUT7GyAADNYVc8IpWojxXEvbKY8FACB
/y+hfMOxGwx6/Y3R4qnmRaJQaBIp4ru0HHMiD9SvjpuhgxZNkrwBnu2yyWDRbsRg
Zx3oMdnjNMMw
-----END CERTIFICATE-----