Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199691.roa
File:                     AS199691.roa (raw, json)
Hash identifier:          Q8oQT1o8nwnmvHvRwafV/F21gayXK2yxfKW1Ied7t9U=
Subject key identifier:   48:E3:A8:5D:9B:5B:9B:51:20:4A:3E:B7:4E:AB:C8:07:B1:A3:0A:17
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       412DF4548D17D167E2345DD49771B21C492F19BB
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199691.roa
Signing time:             Tue 30 Jan 2024 07:44:24 +0000
ROA not before:           Tue 30 Jan 2024 07:39:24 +0000
ROA not after:            Tue 28 Jan 2025 07:44:24 +0000
asID:                     199691
IP address blocks:        2a06:a005:2d30::/44 maxlen: 48
                          2a06:a005:2d40::/44 maxlen: 48
                          2a06:a005:2d50::/44 maxlen: 48
                          2a06:a005:2d60::/44 maxlen: 48
                          2a06:a005:2d70::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:2d:f4:54:8d:17:d1:67:e2:34:5d:d4:97:71:b2:1c:49:2f:19:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan 30 07:39:24 2024 GMT
            Not After : Jan 28 07:44:24 2025 GMT
        Subject: CN=48E3A85D9B5B9B51204A3EB74EABC807B1A30A17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:f7:90:cf:46:07:ea:73:6f:a1:9a:1b:2d:84:
                    64:64:f3:79:54:c3:0c:ca:a5:2c:cb:b7:59:45:93:
                    3c:a2:34:82:10:dc:25:59:0b:5e:98:14:ce:8f:44:
                    89:f9:6d:68:44:c8:c1:1e:2f:78:29:ad:d5:e3:77:
                    3b:ac:62:e6:d4:b4:98:e9:73:c3:b6:cd:d1:54:4f:
                    56:8d:7b:ea:24:92:fe:ae:16:90:03:17:7e:df:b5:
                    1f:e1:d8:43:4b:26:29:16:2a:1f:46:92:d6:b1:e2:
                    52:c2:59:a2:25:b8:18:40:96:7e:1d:4c:16:20:92:
                    b9:ad:6a:a5:42:5f:a0:2a:fe:29:02:20:7f:0b:19:
                    95:11:fb:81:93:74:e4:88:47:36:56:d1:71:3f:17:
                    bf:c3:51:bb:cd:c2:7d:6c:9f:e2:c9:57:1b:32:8c:
                    ac:92:cd:f9:b4:4b:85:d7:58:fc:bc:05:99:e7:d4:
                    33:6d:a8:e3:c8:9d:9b:f5:1d:78:d3:4e:e0:3d:de:
                    b1:b7:c3:93:c1:53:e1:03:85:74:6e:9e:52:ea:b2:
                    b9:f3:47:7a:a9:17:03:a9:a9:44:3f:0f:fd:f2:6d:
                    09:5d:bb:7b:3e:4b:71:6e:c1:dc:a4:12:fd:75:9b:
                    cf:cd:fe:fd:a7:04:32:e3:d1:73:3a:84:2f:11:76:
                    bb:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:E3:A8:5D:9B:5B:9B:51:20:4A:3E:B7:4E:AB:C8:07:B1:A3:0A:17
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199691.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2d30::-2a06:a005:2d7f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         75:ad:cb:05:a4:8e:6c:8c:0c:ef:c6:dd:0b:f6:65:00:16:6e:
         b4:86:96:50:bc:8b:64:b7:11:e4:a6:89:e1:7b:76:48:e5:79:
         9e:64:6d:b2:a0:93:dc:d0:ab:5d:f9:5a:08:19:e4:31:f0:c3:
         79:3b:a0:7d:71:c8:42:e2:00:cd:ca:42:d0:4d:a0:14:11:dc:
         a4:d8:ef:d1:f9:6e:d5:27:dd:e6:9f:9e:a0:5f:42:f4:e3:91:
         20:a2:aa:b8:e1:53:09:ee:22:63:47:df:79:0d:f1:86:b1:37:
         48:fd:82:59:49:2f:e5:b4:aa:0f:8c:2a:d0:fd:d6:4c:9a:45:
         b6:a3:3b:2a:9c:57:d0:48:09:15:e7:12:ce:1a:46:10:6e:88:
         72:79:3e:8e:cb:34:0f:a2:c0:ed:8a:4d:f1:91:9d:58:73:09:
         07:3d:46:99:0b:32:6b:a6:f7:58:6c:a9:81:78:25:e6:f2:3c:
         1e:00:56:1b:e1:83:06:12:02:1b:dd:fd:91:02:6a:21:c7:aa:
         81:9b:62:c6:6b:1a:48:59:ae:09:43:43:46:2f:f8:ef:b7:24:
         38:21:58:6d:7c:e1:02:64:e4:f1:e4:44:6a:b5:b8:38:2b:52:
         25:1b:d9:06:ae:ed:19:21:4d:2e:26:cb:43:a2:81:51:85:e2:
         1c:67:c4:a2
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIUQS30VI0X0WfiNF3Ul3GyHEkvGbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMzAwNzM5MjRaFw0yNTAxMjgwNzQ0MjRaMDMxMTAvBgNV
BAMTKDQ4RTNBODVEOUI1QjlCNTEyMDRBM0VCNzRFQUJDODA3QjFBMzBBMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr95DPRgfqc2+hmhsthGRk83lU
wwzKpSzLt1lFkzyiNIIQ3CVZC16YFM6PRIn5bWhEyMEeL3gprdXjdzusYubUtJjp
c8O2zdFUT1aNe+okkv6uFpADF37ftR/h2ENLJikWKh9Gktax4lLCWaIluBhAln4d
TBYgkrmtaqVCX6Aq/ikCIH8LGZUR+4GTdOSIRzZW0XE/F7/DUbvNwn1sn+LJVxsy
jKySzfm0S4XXWPy8BZnn1DNtqOPInZv1HXjTTuA93rG3w5PBU+EDhXRunlLqsrnz
R3qpFwOpqUQ/D/3ybQldu3s+S3FuwdykEv11m8/N/v2nBDLj0XM6hC8RdrsnAgMB
AAGjggH9MIIB+TAdBgNVHQ4EFgQUSOOoXZtbm1EgSj63TqvIB7GjChcwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTk5NjkxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEH
AQH/BB4wHDAaBAIAAjAUMBIDBwQqBqAFLTADBwcqBqAFLQAwDQYJKoZIhvcNAQEL
BQADggEBAHWtywWkjmyMDO/G3Qv2ZQAWbrSGllC8i2S3EeSmieF7dkjleZ5kbbKg
k9zQq135WggZ5DHww3k7oH1xyELiAM3KQtBNoBQR3KTY79H5btUn3eafnqBfQvTj
kSCiqrjhUwnuImNH33kN8YaxN0j9gllJL+W0qg+MKtD91kyaRbajOyqcV9BICRXn
Es4aRhBuiHJ5Po7LNA+iwO2KTfGRnVhzCQc9RpkLMmum91hsqYF4JebyPB4AVhvh
gwYSAhvd/ZECaiHHqoGbYsZrGkhZrglDQ0Yv+O+3JDghWG184QJk5PHkRGq1uDgr
UiUb2Qau7RkhTS4my0OigVGF4hxnxKI=
-----END CERTIFICATE-----