Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200219.roa
File:                     AS200219.roa (raw, json)
Hash identifier:          sC7/TRbkddKe73nTYrGBCxtW0HgunUK+CWkknYQHIYw=
Subject key identifier:   6F:BA:AE:CD:76:65:87:AA:5A:37:B4:E5:41:41:B7:2F:0E:C6:B6:B9
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       10A767315ED3EF92B466BFA60DBDA756C002D777
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200219.roa
Signing time:             Fri 15 Dec 2023 13:44:21 +0000
ROA not before:           Fri 15 Dec 2023 13:39:21 +0000
ROA not after:            Fri 13 Dec 2024 13:44:21 +0000
asID:                     200219
IP address blocks:        2a06:a005:2b10::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:a7:67:31:5e:d3:ef:92:b4:66:bf:a6:0d:bd:a7:56:c0:02:d7:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec 15 13:39:21 2023 GMT
            Not After : Dec 13 13:44:21 2024 GMT
        Subject: CN=6FBAAECD766587AA5A37B4E54141B72F0EC6B6B9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:1c:ed:fa:ca:21:27:5c:5d:ae:ea:48:76:33:
                    af:25:2d:e2:de:17:26:b4:79:33:a4:d2:1b:19:b1:
                    9a:49:f4:e4:09:30:55:68:92:07:ee:f1:30:c4:86:
                    df:7e:a3:76:b5:6b:9a:f5:ef:ca:7a:37:06:30:6f:
                    33:36:d2:4e:a0:6d:d2:75:54:d6:88:aa:21:94:94:
                    5a:a7:02:e1:e9:ea:92:ec:ca:f4:11:9e:bf:ef:6e:
                    86:b3:5d:42:ac:c9:d4:8a:f2:76:ea:4e:9d:c3:33:
                    f3:e6:08:5b:55:07:fc:63:70:6c:44:71:d6:8b:89:
                    02:d8:0e:f7:e6:74:1c:2b:cc:f0:db:38:20:83:2e:
                    cd:e4:a9:5b:1e:7e:6e:60:28:82:35:75:06:c6:62:
                    cd:92:2e:39:fa:c0:bc:0f:63:ec:0f:28:c0:12:89:
                    16:4e:6d:1c:1a:40:78:21:4b:12:aa:f7:9e:fa:0f:
                    52:0e:ab:e8:28:d8:4e:4a:d1:02:27:8a:88:73:2a:
                    2b:13:ef:bf:3d:84:db:37:db:b6:23:54:b2:b0:d6:
                    97:d7:0e:3d:8a:63:66:e3:e5:50:a7:43:90:9b:a1:
                    c2:09:70:d3:c2:8b:a9:cc:0d:b5:00:06:a2:75:fa:
                    d1:f3:8a:30:fc:83:68:21:d5:4e:98:29:6b:68:3a:
                    d9:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:BA:AE:CD:76:65:87:AA:5A:37:B4:E5:41:41:B7:2F:0E:C6:B6:B9
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200219.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2b10::/44

    Signature Algorithm: sha256WithRSAEncryption
         36:51:f2:45:50:6c:14:0c:23:9e:37:db:ba:c1:2b:75:6c:17:
         64:2d:13:c3:b0:b6:ba:f9:59:09:6f:7a:49:4f:40:1e:aa:80:
         3e:8f:ce:32:b9:36:e2:14:7c:e1:45:01:e5:e8:3b:06:3c:fd:
         6f:c1:6b:74:e8:5c:f5:ec:0b:24:db:5a:84:86:a0:7c:37:84:
         d3:2f:0b:b4:bb:8d:21:e6:1c:76:e0:66:1e:8b:39:5f:6b:45:
         6d:55:33:30:6f:2b:4b:01:38:2f:d7:4c:e2:c0:42:06:1b:61:
         70:c0:8e:cd:da:5f:e3:27:88:63:f4:c8:e9:44:4f:35:34:1e:
         63:a6:84:bf:4d:52:3e:53:ba:22:b9:b9:ac:66:6c:50:ab:ee:
         3c:90:c1:7c:cf:43:9a:98:b7:1c:14:f3:d8:5a:f8:ed:4a:10:
         9f:02:64:12:f4:89:af:59:81:e6:c8:62:51:6b:ef:9b:76:01:
         23:1d:54:58:78:71:77:a4:60:df:7a:da:32:22:a9:82:73:da:
         f8:1c:54:df:ac:2b:ae:ca:d1:c0:6f:6b:bb:77:f6:c5:8c:c5:
         39:39:11:62:2b:71:ce:94:4c:5e:00:01:ee:ff:00:10:bd:29:
         4f:85:c8:36:8c:0c:22:77:71:dd:25:c4:17:b2:c1:f3:af:e0:
         2f:83:2d:79
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUEKdnMV7T75K0Zr+mDb2nVsAC13cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMTUxMzM5MjFaFw0yNDEyMTMxMzQ0MjFaMDMxMTAvBgNV
BAMTKDZGQkFBRUNENzY2NTg3QUE1QTM3QjRFNTQxNDFCNzJGMEVDNkI2QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyHO36yiEnXF2u6kh2M68lLeLe
Fya0eTOk0hsZsZpJ9OQJMFVokgfu8TDEht9+o3a1a5r178p6NwYwbzM20k6gbdJ1
VNaIqiGUlFqnAuHp6pLsyvQRnr/vboazXUKsydSK8nbqTp3DM/PmCFtVB/xjcGxE
cdaLiQLYDvfmdBwrzPDbOCCDLs3kqVsefm5gKII1dQbGYs2SLjn6wLwPY+wPKMAS
iRZObRwaQHghSxKq9576D1IOq+go2E5K0QIniohzKisT7789hNs327YjVLKw1pfX
Dj2KY2bj5VCnQ5CbocIJcNPCi6nMDbUABqJ1+tHzijD8g2gh1U6YKWtoOtm1AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUb7quzXZlh6paN7TlQUG3Lw7GtrkwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwMjE5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSsQMA0GCSqGSIb3DQEBCwUAA4IBAQA2UfJF
UGwUDCOeN9u6wSt1bBdkLRPDsLa6+VkJb3pJT0AeqoA+j84yuTbiFHzhRQHl6DsG
PP1vwWt06Fz17Ask21qEhqB8N4TTLwu0u40h5hx24GYeizlfa0VtVTMwbytLATgv
10ziwEIGG2FwwI7N2l/jJ4hj9MjpRE81NB5jpoS/TVI+U7oiubmsZmxQq+48kMF8
z0OamLccFPPYWvjtShCfAmQS9ImvWYHmyGJRa++bdgEjHVRYeHF3pGDfetoyIqmC
c9r4HFTfrCuuytHAb2u7d/bFjMU5ORFiK3HOlExeAAHu/wAQvSlPhcg2jAwid3Hd
JcQXssHzr+Avgy15
-----END CERTIFICATE-----