Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200351.roa
File:                     AS200351.roa (raw, json)
Hash identifier:          KjDoOrZZAATirX0pFy2tDjtkwsOuY/7ph9XC9rSWm1c=
Subject key identifier:   A2:71:7B:E7:65:04:B7:5F:09:38:C8:62:E6:3F:9D:03:15:4D:10:7C
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       04B6A10E3B56B42F867478ADEDD6C404A3001854
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200351.roa
Signing time:             Thu 22 Feb 2024 08:44:24 +0000
ROA not before:           Thu 22 Feb 2024 08:39:24 +0000
ROA not after:            Thu 20 Feb 2025 08:44:24 +0000
asID:                     200351
IP address blocks:        2a06:a005:1e90::/44 maxlen: 48
                          2a06:a005:26c8::/46 maxlen: 48
                          2a06:a005:2720::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:b6:a1:0e:3b:56:b4:2f:86:74:78:ad:ed:d6:c4:04:a3:00:18:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Feb 22 08:39:24 2024 GMT
            Not After : Feb 20 08:44:24 2025 GMT
        Subject: CN=A2717BE76504B75F0938C862E63F9D03154D107C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:91:6a:fa:c0:88:98:a7:0d:a1:fc:99:e0:0e:
                    52:f0:30:1e:af:67:4f:f3:9b:0a:c9:82:d0:28:10:
                    b7:8d:46:55:05:ec:7d:52:f5:fb:ea:6c:0f:73:01:
                    22:3a:38:03:c8:15:d2:21:d7:65:32:a8:91:62:84:
                    85:d7:20:f7:26:6a:f5:b5:8d:b2:c7:52:3e:bb:d2:
                    e5:17:d3:7f:35:87:98:c2:38:01:9a:53:37:2b:85:
                    0a:01:b1:7d:e9:98:99:6b:98:32:db:40:d2:07:17:
                    af:83:0b:a4:31:84:71:44:45:c0:a7:5b:84:de:44:
                    2a:33:46:e8:ac:86:a8:b5:cc:19:13:dd:a7:ef:45:
                    0e:ec:93:da:ab:bd:64:14:65:1b:d9:dd:10:00:a4:
                    d5:5d:f2:c5:39:8c:1e:7b:e8:58:99:d3:50:42:34:
                    4c:b5:04:09:9d:ee:a1:26:bc:3c:02:86:ce:85:bc:
                    da:f1:fa:bf:76:db:49:6b:45:da:8d:63:37:f9:5e:
                    fd:94:57:3f:17:68:24:8e:18:a6:3f:8b:d0:34:4f:
                    5b:0c:f9:5d:3d:31:f3:01:01:95:be:97:89:e0:78:
                    d1:b1:ac:3f:4c:3b:ec:98:aa:f2:f5:2d:1b:00:e7:
                    58:5f:b1:fd:0d:3a:d4:75:35:6b:75:a3:a4:7c:1f:
                    1a:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:71:7B:E7:65:04:B7:5F:09:38:C8:62:E6:3F:9D:03:15:4D:10:7C
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200351.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1e90::/44
                  2a06:a005:26c8::/46
                  2a06:a005:2720::/44

    Signature Algorithm: sha256WithRSAEncryption
         a3:d7:99:a4:09:f8:2b:7a:d7:d6:0a:04:05:2a:82:39:59:b2:
         56:93:f0:74:f9:f6:4d:89:73:d4:a3:af:11:ab:a3:53:61:22:
         0c:bf:45:d9:f5:19:91:95:fe:ac:ef:08:2b:e9:1b:60:76:7a:
         e0:76:ca:ab:65:24:68:2e:9a:19:af:a8:7f:03:a1:ba:27:37:
         69:62:43:6f:5c:ef:6a:44:77:07:e9:7c:ed:fd:71:3c:05:ee:
         d7:8f:bd:ca:a3:91:05:a8:f2:34:4b:5b:72:e1:8c:d5:0d:67:
         3e:9e:7a:99:a1:34:1b:90:c2:0d:61:d3:76:ce:a3:8b:00:9b:
         98:68:06:a5:63:75:c4:67:91:83:77:39:25:7f:7b:a8:49:1d:
         eb:af:2d:7d:ba:8e:56:97:ba:21:31:0a:79:3f:31:fe:08:07:
         b6:41:5f:d1:6d:0c:04:0b:49:8a:2b:12:a3:5a:57:77:58:26:
         60:6d:82:3e:cd:2a:94:92:d2:7d:8d:1a:dd:4d:e6:5c:7a:71:
         f7:df:fb:1a:52:97:01:f9:cb:05:39:e1:39:18:39:bb:b9:e0:
         1d:b8:68:1a:06:5b:d9:e1:ad:c9:03:b2:0c:7f:08:b3:02:ca:
         8f:85:e2:5a:f0:fe:4b:68:f6:94:69:8b:d6:69:0b:36:6c:ce:
         29:ef:5e:54
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIUBLahDjtWtC+GdHit7dbEBKMAGFQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAyMjIwODM5MjRaFw0yNTAyMjAwODQ0MjRaMDMxMTAvBgNV
BAMTKEEyNzE3QkU3NjUwNEI3NUYwOTM4Qzg2MkU2M0Y5RDAzMTU0RDEwN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSkWr6wIiYpw2h/JngDlLwMB6v
Z0/zmwrJgtAoELeNRlUF7H1S9fvqbA9zASI6OAPIFdIh12UyqJFihIXXIPcmavW1
jbLHUj670uUX0381h5jCOAGaUzcrhQoBsX3pmJlrmDLbQNIHF6+DC6QxhHFERcCn
W4TeRCozRuishqi1zBkT3afvRQ7sk9qrvWQUZRvZ3RAApNVd8sU5jB576FiZ01BC
NEy1BAmd7qEmvDwChs6FvNrx+r9220lrRdqNYzf5Xv2UVz8XaCSOGKY/i9A0T1sM
+V09MfMBAZW+l4ngeNGxrD9MO+yYqvL1LRsA51hfsf0NOtR1NWt1o6R8HxrhAgMB
AAGjggIEMIICADAdBgNVHQ4EFgQUonF752UEt18JOMhi5j+dAxVNEHwwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwMzUxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEH
AQH/BCUwIzAhBAIAAjAbAwcEKgagBR6QAwcCKgagBSbIAwcEKgagBScgMA0GCSqG
SIb3DQEBCwUAA4IBAQCj15mkCfgretfWCgQFKoI5WbJWk/B0+fZNiXPUo68Rq6NT
YSIMv0XZ9RmRlf6s7wgr6RtgdnrgdsqrZSRoLpoZr6h/A6G6JzdpYkNvXO9qRHcH
6Xzt/XE8Be7Xj73Ko5EFqPI0S1ty4YzVDWc+nnqZoTQbkMINYdN2zqOLAJuYaAal
Y3XEZ5GDdzklf3uoSR3rry19uo5Wl7ohMQp5PzH+CAe2QV/RbQwEC0mKKxKjWld3
WCZgbYI+zSqUktJ9jRrdTeZcenH33/saUpcB+csFOeE5GDm7ueAduGgaBlvZ4a3J
A7IMfwizAsqPheJa8P5LaPaUaYvWaQs2bM4p715U
-----END CERTIFICATE-----
Generated at Thu Nov 21 05:05:43 2024 by rpki-client on console-fra.rpki-client.org