Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199651.roa
File:                     AS199651.roa (raw, json)
Hash identifier:          k00Kecoqu7LTldVUmJDDjgZnXjPEK/uMjZcUOw1z9u0=
Subject key identifier:   62:C3:01:CA:E6:66:CC:A9:53:72:A1:9D:8A:8B:FC:6F:68:22:3E:EF
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       0B5B9268B268343B5C14DEB27D07B40E0446F5EA
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199651.roa
Signing time:             Mon 05 Feb 2024 23:44:24 +0000
ROA not before:           Mon 05 Feb 2024 23:39:24 +0000
ROA not after:            Mon 03 Feb 2025 23:44:24 +0000
asID:                     199651
IP address blocks:        2a06:a005:d4b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:5b:92:68:b2:68:34:3b:5c:14:de:b2:7d:07:b4:0e:04:46:f5:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Feb  5 23:39:24 2024 GMT
            Not After : Feb  3 23:44:24 2025 GMT
        Subject: CN=62C301CAE666CCA95372A19D8A8BFC6F68223EEF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:a1:da:8e:84:41:04:ea:1f:db:20:45:df:7a:
                    14:60:fa:3f:6c:6c:b6:88:73:9a:c4:d1:2c:f6:98:
                    f1:6a:0c:8d:3d:4c:e5:84:0c:72:d4:9c:99:39:d9:
                    07:6a:29:f8:e7:8b:c7:0c:16:20:0d:88:bf:81:5a:
                    88:fb:07:56:c3:c3:8d:c2:ef:69:4a:ee:f5:cf:25:
                    f6:c7:4d:4f:c7:e3:d3:8c:c1:e0:69:f5:cb:91:09:
                    35:12:58:0b:a4:70:34:f3:f2:c6:cb:47:ab:d3:54:
                    3e:28:c7:2c:3e:0c:65:40:29:be:a6:4e:6c:59:43:
                    c9:1f:8a:ae:e8:01:c9:0d:cd:54:21:0b:e6:06:97:
                    f7:ac:98:a9:33:9f:54:22:0d:81:19:93:28:f9:70:
                    b6:04:07:f7:f4:b8:4b:9c:2a:38:bc:22:1e:a0:81:
                    ac:e1:fb:58:47:dd:26:c5:2d:59:16:9d:d6:28:37:
                    c7:c5:08:08:88:4a:45:86:5d:0c:15:99:78:e0:1c:
                    bc:e5:a5:28:cf:05:d5:91:dd:4e:55:5e:ca:cc:d3:
                    63:34:91:85:6e:43:9a:e3:39:ac:c3:86:91:e8:81:
                    a2:0c:27:b8:19:f4:3d:6c:0e:b0:fa:44:4a:87:0b:
                    90:21:e6:6d:84:c4:07:3e:b3:a0:f6:dd:81:05:78:
                    85:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:C3:01:CA:E6:66:CC:A9:53:72:A1:9D:8A:8B:FC:6F:68:22:3E:EF
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199651.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:d4b::/48

    Signature Algorithm: sha256WithRSAEncryption
         a6:4c:00:04:e1:46:14:e4:0c:8d:3d:22:10:09:d3:d7:8a:06:
         20:97:2e:47:2d:95:35:12:95:79:91:57:3e:2d:a5:e4:6d:bb:
         da:66:47:ce:3d:39:bb:4d:25:07:37:b0:b7:be:55:91:ca:e1:
         cd:13:f5:de:d8:1f:a0:6f:b4:fe:85:54:bc:cc:b8:38:57:bf:
         84:0d:cd:90:a8:c3:a1:81:fd:44:a2:3c:5b:7f:2c:da:40:05:
         5c:f1:e9:d1:02:f5:c5:b2:dc:9e:b3:5b:22:28:b5:72:b0:e1:
         b3:fb:c0:64:59:26:9f:f2:5e:bd:5c:8d:02:42:6e:86:fe:30:
         60:be:89:33:ac:24:1d:c2:cb:59:f9:c4:62:1f:99:0f:19:0b:
         82:72:c3:6b:5d:aa:bd:9f:78:ed:26:0d:7a:1e:57:41:76:5c:
         f2:c4:3f:3e:20:4b:83:94:57:b4:02:24:b7:3f:2b:d1:02:b7:
         9e:63:da:37:9a:95:d6:bc:a7:ec:21:fb:79:53:c9:7d:f7:c0:
         4b:f7:95:89:2c:92:5f:37:59:e9:e7:99:9e:bd:45:f3:ac:47:
         c3:c5:5f:b9:95:68:12:64:a7:d2:7c:3b:18:ca:f6:e9:ab:af:
         a9:92:be:1f:26:5e:25:18:3e:26:60:dc:cd:e4:de:fa:14:c5:
         03:44:44:0a
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUC1uSaLJoNDtcFN6yfQe0DgRG9eowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAyMDUyMzM5MjRaFw0yNTAyMDMyMzQ0MjRaMDMxMTAvBgNV
BAMTKDYyQzMwMUNBRTY2NkNDQTk1MzcyQTE5RDhBOEJGQzZGNjgyMjNFRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxodqOhEEE6h/bIEXfehRg+j9s
bLaIc5rE0Sz2mPFqDI09TOWEDHLUnJk52QdqKfjni8cMFiANiL+BWoj7B1bDw43C
72lK7vXPJfbHTU/H49OMweBp9cuRCTUSWAukcDTz8sbLR6vTVD4oxyw+DGVAKb6m
TmxZQ8kfiq7oAckNzVQhC+YGl/esmKkzn1QiDYEZkyj5cLYEB/f0uEucKji8Ih6g
gazh+1hH3SbFLVkWndYoN8fFCAiISkWGXQwVmXjgHLzlpSjPBdWR3U5VXsrM02M0
kYVuQ5rjOazDhpHogaIMJ7gZ9D1sDrD6REqHC5Ah5m2ExAc+s6D23YEFeIWrAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUYsMByuZmzKlTcqGdiov8b2giPu8wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTk5NjUxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQ1LMA0GCSqGSIb3DQEBCwUAA4IBAQCmTAAE
4UYU5AyNPSIQCdPXigYgly5HLZU1EpV5kVc+LaXkbbvaZkfOPTm7TSUHN7C3vlWR
yuHNE/Xe2B+gb7T+hVS8zLg4V7+EDc2QqMOhgf1EojxbfyzaQAVc8enRAvXFstye
s1siKLVysOGz+8BkWSaf8l69XI0CQm6G/jBgvokzrCQdwstZ+cRiH5kPGQuCcsNr
Xaq9n3jtJg16HldBdlzyxD8+IEuDlFe0AiS3PyvRAreeY9o3mpXWvKfsIft5U8l9
98BL95WJLJJfN1np55mevUXzrEfDxV+5lWgSZKfSfDsYyvbpq6+pkr4fJl4lGD4m
YNzN5N76FMUDREQK
-----END CERTIFICATE-----