Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200447.roa
File:                     AS200447.roa (raw, json)
Hash identifier:          8Rasz5uc3WhjnxFi6k3LjIYsVj6owt2Yh1UChassS54=
Subject key identifier:   CB:C9:D6:4E:1E:97:11:E8:0F:0E:7F:9B:60:40:2C:87:92:9E:85:48
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       777D6FAC0EA625165B4FB95D918BC1037F682A44
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200447.roa
Signing time:             Tue 05 Dec 2023 02:44:18 +0000
ROA not before:           Tue 05 Dec 2023 02:39:18 +0000
ROA not after:            Tue 03 Dec 2024 02:44:18 +0000
asID:                     200447
IP address blocks:        2a06:a005:a16::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:7d:6f:ac:0e:a6:25:16:5b:4f:b9:5d:91:8b:c1:03:7f:68:2a:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:18 2023 GMT
            Not After : Dec  3 02:44:18 2024 GMT
        Subject: CN=CBC9D64E1E9711E80F0E7F9B60402C87929E8548
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:75:f4:95:00:33:0f:bd:75:74:09:3b:95:a7:
                    83:28:77:3a:58:19:b0:a1:06:24:88:13:7e:81:39:
                    a0:9f:a1:b9:b6:a8:55:a0:4b:67:74:38:ff:9a:51:
                    c4:81:68:30:5d:8f:67:47:72:20:42:c4:36:46:24:
                    09:c4:b1:80:f7:37:0f:e5:dd:32:58:28:ef:e9:6b:
                    45:a1:ae:40:a4:11:d3:d7:fd:c1:7f:21:0d:7a:65:
                    ef:d2:35:5a:22:68:52:0f:4e:04:20:28:45:fc:fe:
                    4b:d2:5b:fe:0d:4c:4a:de:6b:99:74:82:f1:b5:e2:
                    c8:3a:35:0b:5f:69:c9:6e:ee:0c:f1:b2:ac:e1:e2:
                    4d:4c:b4:ed:04:6d:e8:b8:c4:f9:54:44:48:b7:12:
                    39:df:b7:18:3e:14:c1:76:ff:72:69:70:bd:45:dc:
                    e2:d5:e9:1b:22:69:75:34:ef:be:98:46:6c:c9:29:
                    2f:ef:ec:c5:9f:4b:c0:eb:e2:6b:f2:a6:d6:c8:8a:
                    db:3e:7a:d6:4a:90:ff:91:ae:49:3e:7d:05:44:ec:
                    cd:f0:b3:db:de:a0:ec:c5:38:4d:c9:de:a2:fb:87:
                    ff:71:4a:ff:48:e4:5b:e1:5b:92:d6:a9:0c:7f:43:
                    f5:66:bc:5d:1e:57:f4:f0:a0:9e:62:fc:c6:c6:b3:
                    66:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:C9:D6:4E:1E:97:11:E8:0F:0E:7F:9B:60:40:2C:87:92:9E:85:48
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200447.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:a16::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:27:70:2b:15:13:5b:69:d6:22:41:a2:13:8b:3f:7b:7d:cd:
         ca:23:c8:07:ae:7f:75:2b:a7:cf:10:1e:50:b0:46:a0:f3:89:
         da:4f:d8:c9:5b:f4:cc:44:d4:57:71:fa:fd:57:dd:3f:43:0c:
         c7:9f:7f:ab:22:3b:f8:d1:39:83:29:66:2f:9d:1f:e3:eb:84:
         11:2c:b6:b4:c4:10:9e:61:03:68:7d:e4:0f:3c:09:16:42:78:
         53:27:21:36:a3:66:69:14:b4:67:d7:38:b2:b8:6d:35:c4:0c:
         7e:92:c9:92:4e:0c:0e:29:97:05:a9:7d:82:98:b8:d7:a8:f6:
         23:c6:eb:3b:34:da:ca:c7:56:6e:5a:76:79:18:52:07:24:07:
         6d:83:53:5d:bf:42:fa:45:bc:94:21:4c:6d:ab:4a:90:c6:d0:
         44:b6:54:41:25:1d:4d:3f:39:34:f5:00:23:00:d4:99:db:82:
         5f:b0:05:68:ba:c4:cb:7a:49:b3:16:f5:39:8c:de:86:70:e8:
         79:81:c7:83:ca:6c:da:f0:c3:5a:cd:7c:27:28:ba:05:41:1f:
         ca:27:af:22:f7:47:3f:10:b5:8c:41:0a:65:3a:14:01:11:c7:
         d8:41:4a:1e:c0:88:1d:fa:32:32:8f:d5:67:43:3e:74:05:07:
         77:eb:d1:62
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUd31vrA6mJRZbT7ldkYvBA39oKkQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MThaFw0yNDEyMDMwMjQ0MThaMDMxMTAvBgNV
BAMTKENCQzlENjRFMUU5NzExRTgwRjBFN0Y5QjYwNDAyQzg3OTI5RTg1NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGdfSVADMPvXV0CTuVp4ModzpY
GbChBiSIE36BOaCfobm2qFWgS2d0OP+aUcSBaDBdj2dHciBCxDZGJAnEsYD3Nw/l
3TJYKO/pa0WhrkCkEdPX/cF/IQ16Ze/SNVoiaFIPTgQgKEX8/kvSW/4NTErea5l0
gvG14sg6NQtfaclu7gzxsqzh4k1MtO0Ebei4xPlUREi3Ejnftxg+FMF2/3JpcL1F
3OLV6RsiaXU0776YRmzJKS/v7MWfS8Dr4mvyptbIits+etZKkP+Rrkk+fQVE7M3w
s9veoOzFOE3J3qL7h/9xSv9I5FvhW5LWqQx/Q/VmvF0eV/TwoJ5i/MbGs2YRAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUy8nWTh6XEegPDn+bYEAsh5KehUgwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwNDQ3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQoWMA0GCSqGSIb3DQEBCwUAA4IBAQCQJ3Ar
FRNbadYiQaITiz97fc3KI8gHrn91K6fPEB5QsEag84naT9jJW/TMRNRXcfr9V90/
QwzHn3+rIjv40TmDKWYvnR/j64QRLLa0xBCeYQNofeQPPAkWQnhTJyE2o2ZpFLRn
1ziyuG01xAx+ksmSTgwOKZcFqX2CmLjXqPYjxus7NNrKx1ZuWnZ5GFIHJAdtg1Nd
v0L6RbyUIUxtq0qQxtBEtlRBJR1NPzk09QAjANSZ24JfsAVousTLekmzFvU5jN6G
cOh5gceDymza8MNazXwnKLoFQR/KJ68i90c/ELWMQQplOhQBEcfYQUoewIgd+jIy
j9VnQz50BQd369Fi
-----END CERTIFICATE-----