Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199962.roa
File:                     AS199962.roa (raw, json)
Hash identifier:          ONcEpwhmw0J/iSm+2H4QAkGaVisKZf1WDQAYqTseRIc=
Subject key identifier:   AE:C8:D5:69:A5:56:11:AF:DB:A4:36:2B:16:6B:79:4D:FF:7F:96:67
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       0CC9AA33C8374B262657E2C88DE98A13396A9EC2
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199962.roa
Signing time:             Wed 07 Feb 2024 12:44:24 +0000
ROA not before:           Wed 07 Feb 2024 12:39:24 +0000
ROA not after:            Wed 05 Feb 2025 12:44:24 +0000
asID:                     199962
IP address blocks:        2a06:a005:2990::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:c9:aa:33:c8:37:4b:26:26:57:e2:c8:8d:e9:8a:13:39:6a:9e:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Feb  7 12:39:24 2024 GMT
            Not After : Feb  5 12:44:24 2025 GMT
        Subject: CN=AEC8D569A55611AFDBA4362B166B794DFF7F9667
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:7b:86:6d:04:62:16:18:f9:8e:51:4d:3a:ce:
                    33:8c:d5:2c:49:23:44:b3:f6:26:22:64:71:59:5c:
                    ed:ef:3b:d0:f9:2b:fe:5c:35:bc:2b:94:ac:6b:ba:
                    38:5a:82:18:53:99:8a:b7:01:4e:65:3c:bb:5c:d2:
                    d9:82:6f:c7:eb:41:97:1f:a4:2d:ed:02:7b:47:49:
                    2c:b8:4e:98:51:d5:ee:a5:93:15:60:a0:23:b0:2f:
                    ca:bf:e8:e9:cc:08:34:4c:20:7c:17:0e:fd:de:e1:
                    f7:33:85:a4:15:8a:4a:f2:d4:76:86:39:00:89:bb:
                    4b:51:ed:63:b7:9e:84:8f:5a:e0:4b:de:ea:a5:44:
                    f4:a0:61:68:d8:8a:a5:ff:a6:30:1f:ad:89:a8:2e:
                    f4:c7:e6:33:cd:6a:e4:b7:71:70:c0:04:1f:4b:4b:
                    c7:61:3f:b8:8e:33:5e:1d:3c:29:12:9d:94:89:e3:
                    73:bc:d5:62:1d:8b:9c:10:ac:c5:3c:b6:13:64:d7:
                    53:4e:6f:64:5e:e9:d1:89:74:42:b2:8d:7e:4e:13:
                    96:a3:3d:55:a9:6b:41:e0:c7:6e:11:15:79:62:f3:
                    0c:aa:6a:7a:e1:d6:e5:35:2f:ad:23:e3:4f:51:4e:
                    c6:51:18:2c:f9:1b:7d:e5:39:ef:83:e2:33:32:66:
                    74:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:C8:D5:69:A5:56:11:AF:DB:A4:36:2B:16:6B:79:4D:FF:7F:96:67
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS199962.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2990::/44

    Signature Algorithm: sha256WithRSAEncryption
         ca:ca:5a:bd:7a:5e:d7:e3:30:d3:26:6f:a9:6f:d7:d0:49:77:
         48:2a:90:85:ad:16:70:e2:66:95:da:48:85:0c:60:6a:b1:e7:
         6e:06:9b:11:8c:c5:fe:9b:b9:53:7f:77:5e:b0:a4:c3:27:3f:
         d5:d5:11:09:49:dc:d3:56:cc:06:40:0b:01:15:db:2f:14:30:
         f7:d4:2f:95:8d:3a:41:8d:82:f0:3a:13:2b:06:f2:c9:19:e0:
         2b:55:8d:ca:0c:56:6a:08:1f:05:76:e3:a5:43:e6:b9:f6:21:
         4d:3c:f2:04:1d:49:cb:43:26:45:dd:27:d2:8e:24:05:17:46:
         19:79:0a:f3:14:7a:1e:67:3a:f5:98:5c:e8:5c:05:4b:05:10:
         b0:b6:32:0e:ce:4f:a7:5b:2e:8f:88:fa:34:4e:24:96:02:c3:
         6a:16:6b:ba:da:77:1b:12:29:15:e2:72:c7:86:3e:f6:be:c4:
         a6:56:45:74:e2:88:b0:37:e9:35:c1:a0:1b:e8:2c:ab:95:d7:
         d1:8e:fd:98:6b:ee:f1:d5:f7:e7:71:97:53:1e:54:97:07:b7:
         4c:f4:8e:14:58:f3:6b:a3:e2:08:b2:ed:da:d9:c8:83:cc:dc:
         5c:f6:0e:7c:d6:0b:0b:dd:ad:e4:f8:c2:16:83:fe:fa:ff:0b:
         3e:9e:6e:75
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUDMmqM8g3SyYmV+LIjemKEzlqnsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAyMDcxMjM5MjRaFw0yNTAyMDUxMjQ0MjRaMDMxMTAvBgNV
BAMTKEFFQzhENTY5QTU1NjExQUZEQkE0MzYyQjE2NkI3OTRERkY3Rjk2NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJe4ZtBGIWGPmOUU06zjOM1SxJ
I0Sz9iYiZHFZXO3vO9D5K/5cNbwrlKxrujhaghhTmYq3AU5lPLtc0tmCb8frQZcf
pC3tAntHSSy4TphR1e6lkxVgoCOwL8q/6OnMCDRMIHwXDv3e4fczhaQVikry1HaG
OQCJu0tR7WO3noSPWuBL3uqlRPSgYWjYiqX/pjAfrYmoLvTH5jPNauS3cXDABB9L
S8dhP7iOM14dPCkSnZSJ43O81WIdi5wQrMU8thNk11NOb2Re6dGJdEKyjX5OE5aj
PVWpa0Hgx24RFXli8wyqanrh1uU1L60j409RTsZRGCz5G33lOe+D4jMyZnSnAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUrsjVaaVWEa/bpDYrFmt5Tf9/lmcwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MTk5OTYyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSmQMA0GCSqGSIb3DQEBCwUAA4IBAQDKylq9
el7X4zDTJm+pb9fQSXdIKpCFrRZw4maV2kiFDGBqseduBpsRjMX+m7lTf3desKTD
Jz/V1REJSdzTVswGQAsBFdsvFDD31C+VjTpBjYLwOhMrBvLJGeArVY3KDFZqCB8F
duOlQ+a59iFNPPIEHUnLQyZF3SfSjiQFF0YZeQrzFHoeZzr1mFzoXAVLBRCwtjIO
zk+nWy6PiPo0TiSWAsNqFmu62ncbEikV4nLHhj72vsSmVkV04oiwN+k1waAb6Cyr
ldfRjv2Ya+7x1ffncZdTHlSXB7dM9I4UWPNro+IIsu3a2ciDzNxc9g581gsL3a3k
+MIWg/76/ws+nm51
-----END CERTIFICATE-----