Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199676.roa
File:                     AS199676.roa (raw, json)
Hash identifier:          0Gz/vbyfnuaUqEpzl7XQcw1KY4Warz+NaN9m1DjHWEE=
Subject key identifier:   8C:59:F5:6C:14:AE:6C:6E:A2:F3:70:3B:3D:3A:4C:EE:69:E2:FA:B5
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       5255FA82DAEAAA588DE5BA1ADD932845E88D6D52
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199676.roa
Signing time:             Thu 02 Jan 2025 12:40:12 +0000
ROA not before:           Thu 02 Jan 2025 12:35:12 +0000
ROA not after:            Thu 01 Jan 2026 12:40:12 +0000
asID:                     199676
IP address blocks:        2a06:a005:1877::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 11:21:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:55:fa:82:da:ea:aa:58:8d:e5:ba:1a:dd:93:28:45:e8:8d:6d:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan  2 12:35:12 2025 GMT
            Not After : Jan  1 12:40:12 2026 GMT
        Subject: CN=8C59F56C14AE6C6EA2F3703B3D3A4CEE69E2FAB5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:9f:dd:81:ab:69:06:37:71:1d:51:24:e2:8b:
                    75:e0:4e:9f:f3:30:7c:67:e1:75:73:6f:25:c0:b7:
                    60:7c:e5:25:1b:54:12:e3:bf:a1:c1:ef:ae:8b:04:
                    a2:ca:e8:98:d6:27:80:4b:c6:b6:0d:41:0c:32:34:
                    ac:dd:f9:3c:2d:fd:bd:48:ed:f7:6c:5f:b9:10:58:
                    1f:e8:bb:56:83:99:7d:be:f4:84:9b:3f:3c:09:b8:
                    6d:0c:1c:bb:3a:57:bd:3d:ee:09:5a:e5:02:2e:12:
                    3f:c7:10:3a:44:27:21:c0:42:2b:26:27:e2:ef:13:
                    0a:e6:e7:94:60:29:6d:90:e6:67:44:e4:ef:da:60:
                    9a:8d:10:df:d0:87:b0:60:ba:24:1e:51:a0:10:f8:
                    6b:39:68:8c:5b:17:ca:bb:d7:27:97:98:61:2a:08:
                    6e:e3:16:16:eb:f6:84:1d:d8:3a:7c:d8:7d:96:61:
                    25:5e:89:6b:6c:1d:dc:c3:20:1e:98:0d:6e:8c:4b:
                    f0:69:19:33:17:af:d5:78:32:ff:76:1a:87:11:4c:
                    95:e3:6f:85:b0:0c:1a:a1:60:7e:24:d1:26:4f:36:
                    d1:6e:06:81:16:3b:ba:a8:6f:db:88:90:eb:86:61:
                    7e:69:0e:87:c7:53:20:65:a9:d4:a8:52:e8:3b:de:
                    00:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:59:F5:6C:14:AE:6C:6E:A2:F3:70:3B:3D:3A:4C:EE:69:E2:FA:B5
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199676.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1877::/48

    Signature Algorithm: sha256WithRSAEncryption
         0a:0b:16:d1:f4:4f:d9:4c:e0:63:9d:8b:78:33:f7:96:02:26:
         fa:54:67:e4:78:7c:bb:88:f2:3c:6b:ad:f6:d7:9f:80:74:51:
         d5:18:51:8d:f6:72:6d:69:ff:1d:a7:24:41:f6:58:d4:46:20:
         3c:4b:8c:2a:cc:0e:fc:a6:7c:5f:55:ed:23:52:57:ab:3d:88:
         11:84:12:90:b1:85:90:b7:39:8d:50:ca:34:0c:bc:14:66:0d:
         f8:a6:d1:c1:10:4d:74:c0:3c:9b:02:cc:3b:78:35:af:3e:8b:
         3d:28:ba:2d:22:3b:44:ef:50:f2:9e:a5:65:14:ab:23:53:6b:
         30:8a:ff:76:17:6e:a8:61:0e:d2:08:8b:37:d3:56:8f:89:39:
         0c:10:7f:e9:34:d2:47:d3:b7:5f:59:a6:6b:4b:29:ac:dc:3d:
         3d:de:7b:2a:2e:0b:68:5f:aa:1c:8e:f2:b4:9a:2b:e4:72:30:
         06:d3:53:12:29:27:64:06:e9:10:5a:5c:df:f9:ef:37:4f:06:
         77:ab:46:80:a4:e9:fc:71:b6:ef:f3:24:a9:d2:ce:02:e7:a7:
         9d:e2:65:a3:b9:7c:43:42:a3:4a:2d:77:53:a3:d5:ed:0f:05:
         58:5d:cb:d6:7f:1e:d2:08:14:0f:8d:ed:5e:a9:41:18:a4:a8:
         ca:e1:c8:6b
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUUlX6gtrqqliN5boa3ZMoReiNbVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNTAxMDIxMjM1MTJaFw0yNjAxMDExMjQwMTJaMDMxMTAvBgNV
BAMTKDhDNTlGNTZDMTRBRTZDNkVBMkYzNzAzQjNEM0E0Q0VFNjlFMkZBQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFn92Bq2kGN3EdUSTii3XgTp/z
MHxn4XVzbyXAt2B85SUbVBLjv6HB766LBKLK6JjWJ4BLxrYNQQwyNKzd+Twt/b1I
7fdsX7kQWB/ou1aDmX2+9ISbPzwJuG0MHLs6V7097gla5QIuEj/HEDpEJyHAQism
J+LvEwrm55RgKW2Q5mdE5O/aYJqNEN/Qh7BguiQeUaAQ+Gs5aIxbF8q71yeXmGEq
CG7jFhbr9oQd2Dp82H2WYSVeiWtsHdzDIB6YDW6MS/BpGTMXr9V4Mv92GocRTJXj
b4WwDBqhYH4k0SZPNtFuBoEWO7qob9uIkOuGYX5pDofHUyBlqdSoUug73gCjAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUjFn1bBSubG6i83A7PTpM7mni+rUwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTk5Njc2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRh3MA0GCSqGSIb3DQEBCwUAA4IBAQAKCxbR
9E/ZTOBjnYt4M/eWAib6VGfkeHy7iPI8a63215+AdFHVGFGN9nJtaf8dpyRB9ljU
RiA8S4wqzA78pnxfVe0jUlerPYgRhBKQsYWQtzmNUMo0DLwUZg34ptHBEE10wDyb
Asw7eDWvPos9KLotIjtE71DynqVlFKsjU2swiv92F26oYQ7SCIs301aPiTkMEH/p
NNJH07dfWaZrSyms3D093nsqLgtoX6ocjvK0mivkcjAG01MSKSdkBukQWlzf+e83
TwZ3q0aApOn8cbbv8ySp0s4C56ed4mWjuXxDQqNKLXdTo9XtDwVYXcvWfx7SCBQP
je1eqUEYpKjK4chr
-----END CERTIFICATE-----