Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199767.roa
File:                     AS199767.roa (raw, json)
Hash identifier:          kSefgix7mEhSD5GIxPoyWKJmoBigNWQhUKguFzjtWO8=
Subject key identifier:   21:69:2D:82:76:CF:EA:C9:8A:BE:0B:05:C8:70:3D:86:2A:69:66:35
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       6091BE8CA5F0BAEBFB8DA91A54EF52190A87930D
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199767.roa
Signing time:             Sat 27 Jan 2024 11:44:24 +0000
ROA not before:           Sat 27 Jan 2024 11:39:24 +0000
ROA not after:            Sat 25 Jan 2025 11:44:24 +0000
asID:                     199767
IP address blocks:        2a06:a005:2390::/44 maxlen: 48
                          2a06:a005:2cb0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:91:be:8c:a5:f0:ba:eb:fb:8d:a9:1a:54:ef:52:19:0a:87:93:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan 27 11:39:24 2024 GMT
            Not After : Jan 25 11:44:24 2025 GMT
        Subject: CN=21692D8276CFEAC98ABE0B05C8703D862A696635
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:c2:cc:e4:f9:16:da:06:fd:50:ac:f2:fa:4c:
                    40:b7:b4:7e:68:45:6f:3a:31:c0:a7:25:7a:3a:e0:
                    db:7a:5f:bb:2f:0d:2f:18:e4:b9:63:48:1e:7b:8c:
                    0d:a4:81:e4:e1:67:d1:89:ac:e7:34:2e:53:bc:7c:
                    81:e5:76:96:0f:a8:51:8f:7c:3b:47:2a:eb:17:0a:
                    c9:89:2d:5a:95:1e:99:6d:c7:90:09:5d:ea:db:21:
                    ca:4e:bb:e1:49:b1:12:1b:ea:09:c6:fd:0a:95:6a:
                    e4:30:07:e8:2e:b9:ea:d5:61:8b:a2:66:d7:2f:e8:
                    92:02:25:66:ca:28:c0:c3:66:e7:91:82:0c:ad:de:
                    52:d5:c3:c2:01:65:e2:79:a2:9e:9b:35:17:ec:dc:
                    0b:22:7c:db:04:2a:5d:3e:8d:ee:b8:8d:32:b3:b9:
                    ab:68:e1:64:6e:c6:47:ae:1c:c8:3a:63:45:26:be:
                    af:8c:f6:35:98:82:2a:f4:e7:f6:6a:74:34:ac:d1:
                    f9:3a:25:37:cf:35:a9:2f:7f:5b:ca:0b:7a:3e:43:
                    56:99:61:a4:03:65:2f:c3:dc:ee:69:af:19:25:55:
                    84:f2:06:4e:fa:56:61:4f:23:da:4b:65:f7:b0:c8:
                    e0:6d:bb:6a:37:a2:0d:cb:62:ba:ed:1e:bc:0c:e9:
                    9f:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:69:2D:82:76:CF:EA:C9:8A:BE:0B:05:C8:70:3D:86:2A:69:66:35
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199767.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2390::/44
                  2a06:a005:2cb0::/44

    Signature Algorithm: sha256WithRSAEncryption
         13:97:2c:bf:98:0d:17:ec:43:11:07:0b:86:ce:a2:62:cb:2f:
         2f:0c:75:3d:e7:87:1f:fc:68:a6:a9:b3:4d:4b:58:af:99:61:
         ce:8a:05:35:a8:c3:c6:39:98:f1:6a:86:b9:2b:d8:45:86:d8:
         30:aa:7d:1d:1a:bb:3e:1f:f7:9c:1d:98:23:9a:fb:40:d8:ce:
         97:bd:8b:15:d5:25:ea:91:23:ed:70:96:7b:f0:3d:50:33:66:
         de:e6:bb:f6:24:84:4f:dd:78:b0:e2:78:69:d3:9a:5c:48:02:
         53:48:10:65:d1:ef:6a:ad:ff:06:a7:0d:c7:eb:33:84:9e:aa:
         82:82:26:9c:5d:d1:9e:e0:30:2b:a0:35:e2:8e:94:e3:2d:00:
         08:7a:35:97:4d:3e:34:40:66:03:67:81:17:8e:8b:07:90:8b:
         fd:58:6f:c4:8e:ee:1e:05:76:f6:e9:d2:0c:4b:c3:78:3b:ce:
         ca:7d:01:77:f6:18:39:fd:68:03:0f:c3:1f:c5:eb:c5:f1:65:
         fa:1e:e3:79:08:e7:70:57:27:d2:c5:a0:b7:c7:70:05:c7:c8:
         0a:05:0d:23:9e:1d:d9:76:b9:e4:5e:6b:16:14:a0:15:9a:aa:
         a1:5f:78:37:d9:54:0b:11:32:df:e7:8d:5e:54:a7:a7:26:ec:
         19:9a:47:cf
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUYJG+jKXwuuv7jakaVO9SGQqHkw0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMjcxMTM5MjRaFw0yNTAxMjUxMTQ0MjRaMDMxMTAvBgNV
BAMTKDIxNjkyRDgyNzZDRkVBQzk4QUJFMEIwNUM4NzAzRDg2MkE2OTY2MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLwszk+RbaBv1QrPL6TEC3tH5o
RW86McCnJXo64Nt6X7svDS8Y5LljSB57jA2kgeThZ9GJrOc0LlO8fIHldpYPqFGP
fDtHKusXCsmJLVqVHpltx5AJXerbIcpOu+FJsRIb6gnG/QqVauQwB+guuerVYYui
Ztcv6JICJWbKKMDDZueRggyt3lLVw8IBZeJ5op6bNRfs3AsifNsEKl0+je64jTKz
uato4WRuxkeuHMg6Y0Umvq+M9jWYgir05/ZqdDSs0fk6JTfPNakvf1vKC3o+Q1aZ
YaQDZS/D3O5prxklVYTyBk76VmFPI9pLZfewyOBtu2o3og3LYrrtHrwM6Z9vAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUIWktgnbP6smKvgsFyHA9hippZjUwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTk5NzY3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcEKgagBSOQAwcEKgagBSywMA0GCSqGSIb3DQEBCwUA
A4IBAQATlyy/mA0X7EMRBwuGzqJiyy8vDHU954cf/GimqbNNS1ivmWHOigU1qMPG
OZjxaoa5K9hFhtgwqn0dGrs+H/ecHZgjmvtA2M6XvYsV1SXqkSPtcJZ78D1QM2be
5rv2JIRP3Xiw4nhp05pcSAJTSBBl0e9qrf8Gpw3H6zOEnqqCgiacXdGe4DAroDXi
jpTjLQAIejWXTT40QGYDZ4EXjosHkIv9WG/Eju4eBXb26dIMS8N4O87KfQF39hg5
/WgDD8MfxevF8WX6HuN5COdwVyfSxaC3x3AFx8gKBQ0jnh3ZdrnkXmsWFKAVmqqh
X3g32VQLETLf541eVKenJuwZmkfP
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:45:52 2024 by rpki-client on console-ams.rpki-client.org