Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200266.roa
File:                     AS200266.roa (raw, json)
Hash identifier:          q9gHjKNjqgbeF1ThOK8a5eQIFwxPMGyseqnfLRE5oeo=
Subject key identifier:   18:B3:39:63:FE:7E:FE:04:BC:64:BE:5C:87:CF:2A:20:60:A8:9C:C2
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       43EB46E249192F568DBF459F3E3F1121375A00B4
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200266.roa
Signing time:             Tue 05 Dec 2023 02:44:17 +0000
ROA not before:           Tue 05 Dec 2023 02:39:17 +0000
ROA not after:            Tue 03 Dec 2024 02:44:17 +0000
asID:                     200266
IP address blocks:        2a06:a005:ba1::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 14:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:eb:46:e2:49:19:2f:56:8d:bf:45:9f:3e:3f:11:21:37:5a:00:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:17 2023 GMT
            Not After : Dec  3 02:44:17 2024 GMT
        Subject: CN=18B33963FE7EFE04BC64BE5C87CF2A2060A89CC2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:68:e4:77:45:0c:1c:07:6e:7a:bd:3b:5d:69:
                    a1:29:f4:16:45:7f:e2:25:74:41:44:57:8b:99:c8:
                    56:aa:9f:93:47:78:d0:8f:b5:9e:44:25:34:c8:cb:
                    c3:67:25:11:b4:60:96:96:0a:b3:b9:77:e4:b0:46:
                    6f:ab:36:e4:42:8f:0d:fa:e3:f2:e6:c6:9e:d4:56:
                    32:61:e3:2b:e6:9b:6a:3e:1e:cb:6d:bd:7d:d8:fd:
                    4f:04:49:80:d3:e9:a4:2a:15:d3:11:51:37:a7:7c:
                    c4:78:14:21:d5:7c:06:1e:83:79:dd:f9:dd:8e:9c:
                    87:d7:95:52:ca:97:e3:5b:32:51:57:48:dc:a7:e6:
                    ac:e2:f9:d3:f7:34:89:8f:85:96:7c:d9:66:2f:6b:
                    c5:f3:85:aa:86:93:34:ad:91:30:f4:74:2d:dc:ca:
                    b4:79:0e:8f:79:03:02:c3:f7:9c:f6:86:6c:d8:b1:
                    3c:b3:83:f6:7f:f2:de:c2:18:04:7b:05:6e:7a:23:
                    de:20:67:de:ad:23:61:58:09:2c:4c:f2:20:bf:19:
                    de:35:b3:12:40:4a:11:8a:a5:00:19:56:92:b7:0c:
                    b2:e1:2f:72:dd:46:aa:93:e1:75:61:7a:8e:11:19:
                    ea:2d:c4:8e:4a:3d:3a:f3:ef:79:8a:c9:28:9c:9d:
                    d3:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:B3:39:63:FE:7E:FE:04:BC:64:BE:5C:87:CF:2A:20:60:A8:9C:C2
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200266.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:ba1::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:c3:f3:06:34:0a:ef:08:a9:cf:5a:f9:7d:0a:54:e6:19:2d:
         ae:75:51:c2:d4:62:90:45:ae:d4:73:4f:2d:0f:f9:88:bd:78:
         58:0d:29:d5:cd:29:96:c4:60:c5:4b:44:1d:2f:f5:14:67:ad:
         a8:79:20:5c:cf:8e:7d:68:70:d1:91:8f:fc:e5:3f:c9:d5:75:
         73:a2:92:f3:37:69:80:55:04:63:dc:a9:49:d6:7b:cf:d6:a2:
         ef:cb:c1:4a:cc:46:4c:b7:66:3b:dc:c8:e3:50:da:0c:a0:54:
         e5:91:3f:e7:0a:b1:f3:18:2a:2e:67:07:7c:87:75:e2:1c:ff:
         57:cf:28:f2:89:2f:fb:12:57:2b:95:bd:82:a6:1f:4c:5a:48:
         6b:07:1b:3f:d2:db:ff:5a:fb:ff:65:27:9d:78:46:5b:70:00:
         b2:71:f9:7b:4e:dd:28:d0:29:70:3d:0b:52:0b:4e:89:36:31:
         8a:cc:04:d7:51:2d:10:94:c4:e2:e3:d1:7a:75:14:b4:57:e7:
         d8:1f:7b:78:dc:d6:2b:b2:65:d3:24:da:54:a4:54:4d:e8:23:
         9f:cd:92:1c:06:e4:fd:78:74:fa:32:5b:73:0b:0e:ac:0c:00:
         e0:f3:d8:dc:db:d1:04:4f:c9:20:b0:16:b6:da:8a:6e:96:34:
         9a:9f:5e:e6
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUQ+tG4kkZL1aNv0WfPj8RITdaALQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTdaFw0yNDEyMDMwMjQ0MTdaMDMxMTAvBgNV
BAMTKDE4QjMzOTYzRkU3RUZFMDRCQzY0QkU1Qzg3Q0YyQTIwNjBBODlDQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBaOR3RQwcB256vTtdaaEp9BZF
f+IldEFEV4uZyFaqn5NHeNCPtZ5EJTTIy8NnJRG0YJaWCrO5d+SwRm+rNuRCjw36
4/Lmxp7UVjJh4yvmm2o+HsttvX3Y/U8ESYDT6aQqFdMRUTenfMR4FCHVfAYeg3nd
+d2OnIfXlVLKl+NbMlFXSNyn5qzi+dP3NImPhZZ82WYva8XzhaqGkzStkTD0dC3c
yrR5Do95AwLD95z2hmzYsTyzg/Z/8t7CGAR7BW56I94gZ96tI2FYCSxM8iC/Gd41
sxJAShGKpQAZVpK3DLLhL3LdRqqT4XVheo4RGeotxI5KPTrz73mKySicndPTAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUGLM5Y/5+/gS8ZL5ch88qIGConMIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwMjY2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQuhMA0GCSqGSIb3DQEBCwUAA4IBAQBSw/MG
NArvCKnPWvl9ClTmGS2udVHC1GKQRa7Uc08tD/mIvXhYDSnVzSmWxGDFS0QdL/UU
Z62oeSBcz459aHDRkY/85T/J1XVzopLzN2mAVQRj3KlJ1nvP1qLvy8FKzEZMt2Y7
3MjjUNoMoFTlkT/nCrHzGCouZwd8h3XiHP9XzyjyiS/7Elcrlb2Cph9MWkhrBxs/
0tv/Wvv/ZSedeEZbcACycfl7Tt0o0ClwPQtSC06JNjGKzATXUS0QlMTi49F6dRS0
V+fYH3t43NYrsmXTJNpUpFRN6COfzZIcBuT9eHT6MltzCw6sDADg89jc29EET8kg
sBa22opuljSan17m
-----END CERTIFICATE-----