Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200255.roa
File:                     AS200255.roa (raw, json)
Hash identifier:          tVrTBd+Ay/lIv5zvJXywvtvM1Cz0qdkvGrv3UOInm3o=
Subject key identifier:   90:67:06:A4:A0:62:FF:66:BA:55:B0:DC:98:65:AC:0A:38:02:F2:85
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       4DDE8EF08A4E907CAF845316D39E21B8970B3E17
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200255.roa
Signing time:             Tue 05 Dec 2023 02:44:17 +0000
ROA not before:           Tue 05 Dec 2023 02:39:17 +0000
ROA not after:            Tue 03 Dec 2024 02:44:17 +0000
asID:                     200255
IP address blocks:        2a06:a005:a00::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:de:8e:f0:8a:4e:90:7c:af:84:53:16:d3:9e:21:b8:97:0b:3e:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:17 2023 GMT
            Not After : Dec  3 02:44:17 2024 GMT
        Subject: CN=906706A4A062FF66BA55B0DC9865AC0A3802F285
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1c:35:5f:9a:18:26:1c:21:37:52:77:62:57:
                    06:c8:0e:00:65:b4:00:bc:b8:a6:8b:3e:60:59:42:
                    0f:ec:8e:e7:aa:05:a0:55:6d:2c:ea:08:8f:d9:c7:
                    7e:51:95:29:54:98:df:28:69:6b:e4:74:67:a6:74:
                    d3:ed:e0:38:dc:d3:8c:1d:0b:64:9b:67:88:03:05:
                    eb:f2:5d:7e:c8:75:8a:15:54:54:4d:3b:3c:2e:b0:
                    2a:a4:19:13:d6:98:53:9e:c1:c6:15:b2:73:35:03:
                    42:c0:d3:a1:ab:57:0a:0b:3a:53:1c:9f:58:f5:2a:
                    ab:af:9a:8a:c9:2d:79:30:ad:db:f5:3b:db:51:0f:
                    b8:36:21:70:06:e5:11:49:0a:04:24:46:5e:96:8a:
                    88:f5:1e:b2:e0:b7:1b:82:de:8b:94:f6:14:49:78:
                    a9:14:28:53:86:68:8a:dd:d1:13:89:72:a6:ad:0b:
                    54:e3:f9:aa:76:9a:c3:19:0e:9a:35:e4:a2:0f:c1:
                    3f:2e:93:1d:e4:cf:d7:1d:67:75:0e:82:73:b6:0f:
                    85:8d:a4:d0:e0:f4:a5:40:6c:08:c7:5a:61:42:9a:
                    cb:0c:4d:6f:6e:30:86:25:1b:33:6f:1d:23:76:66:
                    c4:39:83:dc:e2:09:9c:97:a1:b4:3d:fa:44:0a:54:
                    8c:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:67:06:A4:A0:62:FF:66:BA:55:B0:DC:98:65:AC:0A:38:02:F2:85
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200255.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:a00::/48

    Signature Algorithm: sha256WithRSAEncryption
         20:5d:c5:6f:f9:d4:e6:69:3a:b7:f7:ab:e0:49:39:7d:d9:71:
         72:de:37:5d:2c:e9:24:2e:aa:96:c1:d5:c7:28:4b:2c:1e:e2:
         bf:b7:17:b3:fe:55:c6:13:de:47:02:cc:f9:1c:52:73:fb:14:
         ef:8b:b2:bb:43:fb:32:bd:de:c6:32:9e:44:67:c8:65:53:9a:
         f1:df:fd:0b:d9:75:78:93:b1:c5:c5:0a:16:02:00:e5:a3:27:
         71:c8:74:68:59:94:41:5b:b5:62:a4:df:54:fe:ae:f6:8e:6b:
         ca:e0:25:87:0a:46:6a:cf:c2:04:60:bb:1e:07:cf:68:74:c0:
         4f:03:f0:66:e5:41:26:84:88:4b:6c:c0:f2:61:2e:4b:62:80:
         20:f3:ad:32:3f:27:c8:5b:36:04:2e:dc:ae:67:12:de:8e:eb:
         09:cc:fd:89:32:24:03:3f:2a:ee:c6:3e:d4:f1:71:33:f3:3f:
         92:56:91:ae:81:21:24:ff:f1:c8:11:4d:82:5b:eb:66:69:3e:
         05:9c:fb:0d:2a:55:b3:31:83:90:c0:13:73:f7:7d:85:54:24:
         a3:07:ac:8f:96:d8:8c:ec:d6:4b:c7:01:2a:2d:33:1c:f1:4c:
         30:74:3d:fd:0e:a5:17:29:5a:bf:c5:03:1c:14:a1:e8:50:48:
         29:2d:e7:a8
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUTd6O8IpOkHyvhFMW054huJcLPhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTdaFw0yNDEyMDMwMjQ0MTdaMDMxMTAvBgNV
BAMTKDkwNjcwNkE0QTA2MkZGNjZCQTU1QjBEQzk4NjVBQzBBMzgwMkYyODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsHDVfmhgmHCE3UndiVwbIDgBl
tAC8uKaLPmBZQg/sjueqBaBVbSzqCI/Zx35RlSlUmN8oaWvkdGemdNPt4Djc04wd
C2SbZ4gDBevyXX7IdYoVVFRNOzwusCqkGRPWmFOewcYVsnM1A0LA06GrVwoLOlMc
n1j1KquvmorJLXkwrdv1O9tRD7g2IXAG5RFJCgQkRl6Wioj1HrLgtxuC3ouU9hRJ
eKkUKFOGaIrd0ROJcqatC1Tj+ap2msMZDpo15KIPwT8ukx3kz9cdZ3UOgnO2D4WN
pNDg9KVAbAjHWmFCmssMTW9uMIYlGzNvHSN2ZsQ5g9ziCZyXobQ9+kQKVIyVAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUkGcGpKBi/2a6VbDcmGWsCjgC8oUwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwMjU1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQoAMA0GCSqGSIb3DQEBCwUAA4IBAQAgXcVv
+dTmaTq396vgSTl92XFy3jddLOkkLqqWwdXHKEssHuK/txez/lXGE95HAsz5HFJz
+xTvi7K7Q/syvd7GMp5EZ8hlU5rx3/0L2XV4k7HFxQoWAgDloydxyHRoWZRBW7Vi
pN9U/q72jmvK4CWHCkZqz8IEYLseB89odMBPA/Bm5UEmhIhLbMDyYS5LYoAg860y
PyfIWzYELtyuZxLejusJzP2JMiQDPyruxj7U8XEz8z+SVpGugSEk//HIEU2CW+tm
aT4FnPsNKlWzMYOQwBNz932FVCSjB6yPltiM7NZLxwEqLTMc8UwwdD39DqUXKVq/
xQMcFKHoUEgpLeeo
-----END CERTIFICATE-----