Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200101.roa
File:                     AS200101.roa (raw, json)
Hash identifier:          IeyhqvP/C/5Em7FrmEhwg9PEha2YThgt1Z4Ve1hIKnY=
Subject key identifier:   8D:7F:67:BE:53:E2:38:05:E2:8A:15:9A:D6:B3:A7:47:02:D6:D1:2D
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       61FA5D7BF0A992D0E6008104074903B4EA655A46
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200101.roa
Signing time:             Tue 02 Jan 2024 19:44:21 +0000
ROA not before:           Tue 02 Jan 2024 19:39:21 +0000
ROA not after:            Tue 31 Dec 2024 19:44:21 +0000
asID:                     200101
IP address blocks:        2a06:a005:458::/48 maxlen: 48
                          2a06:a005:459::/48 maxlen: 48
                          2a06:a005:1620::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:fa:5d:7b:f0:a9:92:d0:e6:00:81:04:07:49:03:b4:ea:65:5a:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan  2 19:39:21 2024 GMT
            Not After : Dec 31 19:44:21 2024 GMT
        Subject: CN=8D7F67BE53E23805E28A159AD6B3A74702D6D12D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:b5:d9:3a:b0:1c:d3:ea:4a:0b:07:0e:8f:b4:
                    92:8a:07:47:45:f4:44:0a:0b:19:7a:f4:9f:ce:04:
                    5b:14:d9:59:1a:0a:aa:9d:7f:be:46:85:f4:f3:6d:
                    02:65:83:a2:40:41:f1:4b:5f:b0:da:d5:14:14:74:
                    ec:ee:24:f7:a7:c1:20:40:f3:26:82:a4:58:04:d7:
                    84:ee:e5:b5:1a:aa:10:eb:29:44:6a:f8:e3:91:37:
                    ec:b4:83:4c:25:0c:56:93:ec:0b:c9:55:3b:19:77:
                    b6:a0:c3:7e:8c:fe:ae:da:6a:c9:7d:8d:4c:15:f0:
                    c4:05:e9:ac:2e:08:e0:61:42:d5:23:1c:e3:e6:c7:
                    1c:9e:63:81:03:6f:00:6c:b8:f9:42:08:86:67:4f:
                    45:19:42:82:ca:9c:00:7c:51:3a:9a:0c:2b:77:fd:
                    41:cd:df:79:ac:0d:1c:b4:92:8e:d5:af:48:05:14:
                    b8:ad:89:ea:4f:1e:6b:ea:8b:f5:07:e2:ad:e5:f7:
                    92:bf:0c:1c:85:94:0b:9d:b0:06:f4:05:28:f9:ad:
                    06:6a:a2:41:f6:56:4f:54:d3:54:99:18:fd:50:e9:
                    1a:e0:70:c8:01:be:36:29:0d:6e:f7:be:cd:ba:ea:
                    12:9e:f2:a1:97:4b:2a:25:75:cd:2c:61:38:79:b2:
                    76:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:7F:67:BE:53:E2:38:05:E2:8A:15:9A:D6:B3:A7:47:02:D6:D1:2D
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200101.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:458::/47
                  2a06:a005:1620::/44

    Signature Algorithm: sha256WithRSAEncryption
         53:a7:f4:1d:76:e4:a4:8e:41:22:aa:dd:51:40:fc:ff:60:66:
         c8:7e:f0:da:08:4a:10:44:9d:b6:90:3d:b5:f1:ba:a8:e2:53:
         96:12:9d:0b:1b:5f:d6:fa:ab:e2:e4:bd:5e:ba:62:7e:15:63:
         b5:57:b9:56:a5:1c:94:ef:0c:63:34:a3:d4:2e:79:58:60:3f:
         14:81:1a:b0:7e:37:bc:35:14:ec:a8:23:e9:35:6e:41:45:f3:
         f7:aa:68:a7:68:fb:03:4d:44:72:1e:05:95:54:15:84:99:46:
         df:f5:c3:bb:8f:65:ea:a8:a0:24:82:6e:91:34:bb:0c:f1:88:
         c3:f8:f1:23:4d:35:1d:13:28:ce:13:71:bf:12:7c:fd:c9:d8:
         09:75:fe:18:2b:4a:a0:b1:1d:ac:0d:33:f3:da:29:a2:cf:d7:
         01:c0:42:01:05:f9:1f:13:9c:fc:ef:b4:86:78:43:a9:70:24:
         40:be:b3:7d:84:d9:a0:09:72:91:ad:5e:2b:2b:c9:d5:5a:38:
         8b:2f:62:f1:9e:b9:13:f9:73:6a:87:48:57:c7:2c:78:d6:ec:
         c1:d7:f1:83:65:db:66:30:69:4d:d7:8c:ac:48:20:1d:c6:06:
         4b:cc:59:11:be:e1:ef:95:53:e7:75:0d:46:46:16:e5:91:ef:
         07:a6:8c:1f
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUYfpde/CpktDmAIEEB0kDtOplWkYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMDIxOTM5MjFaFw0yNDEyMzExOTQ0MjFaMDMxMTAvBgNV
BAMTKDhEN0Y2N0JFNTNFMjM4MDVFMjhBMTU5QUQ2QjNBNzQ3MDJENkQxMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDtdk6sBzT6koLBw6PtJKKB0dF
9EQKCxl69J/OBFsU2VkaCqqdf75GhfTzbQJlg6JAQfFLX7Da1RQUdOzuJPenwSBA
8yaCpFgE14Tu5bUaqhDrKURq+OORN+y0g0wlDFaT7AvJVTsZd7agw36M/q7aasl9
jUwV8MQF6awuCOBhQtUjHOPmxxyeY4EDbwBsuPlCCIZnT0UZQoLKnAB8UTqaDCt3
/UHN33msDRy0ko7Vr0gFFLitiepPHmvqi/UH4q3l95K/DByFlAudsAb0BSj5rQZq
okH2Vk9U01SZGP1Q6RrgcMgBvjYpDW73vs266hKe8qGXSyoldc0sYTh5snYDAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUjX9nvlPiOAXiihWa1rOnRwLW0S0wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwMTAxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcBKgagBQRYAwcEKgagBRYgMA0GCSqGSIb3DQEBCwUA
A4IBAQBTp/QdduSkjkEiqt1RQPz/YGbIfvDaCEoQRJ22kD218bqo4lOWEp0LG1/W
+qvi5L1eumJ+FWO1V7lWpRyU7wxjNKPULnlYYD8UgRqwfje8NRTsqCPpNW5BRfP3
qminaPsDTURyHgWVVBWEmUbf9cO7j2XqqKAkgm6RNLsM8YjD+PEjTTUdEyjOE3G/
Enz9ydgJdf4YK0qgsR2sDTPz2imiz9cBwEIBBfkfE5z877SGeEOpcCRAvrN9hNmg
CXKRrV4rK8nVWjiLL2LxnrkT+XNqh0hXxyx41uzB1/GDZdtmMGlN14ysSCAdxgZL
zFkRvuHvlVPndQ1GRhblke8Hpowf
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:13:35 2024 by rpki-client on console-fra.rpki-client.org