Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200731.roa
File:                     AS200731.roa (raw, json)
Hash identifier:          xVavRX+AOGU7+zxywfuOTi6o9eVOu+1OTa+oIgY5WWI=
Subject key identifier:   0E:24:BE:2C:C6:5F:26:4B:FC:D6:55:CD:9F:D2:40:0D:56:D2:A5:70
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       1617FE6F81F5DD126F22285900DABE47CDFD4E7A
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200731.roa
Signing time:             Tue 05 Dec 2023 02:44:13 +0000
ROA not before:           Tue 05 Dec 2023 02:39:13 +0000
ROA not after:            Tue 03 Dec 2024 02:44:13 +0000
asID:                     200731
IP address blocks:        2a06:a005:116c::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:17:fe:6f:81:f5:dd:12:6f:22:28:59:00:da:be:47:cd:fd:4e:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:13 2023 GMT
            Not After : Dec  3 02:44:13 2024 GMT
        Subject: CN=0E24BE2CC65F264BFCD655CD9FD2400D56D2A570
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:13:78:55:9f:ae:0e:d2:ba:8a:27:61:0b:98:
                    3d:dd:40:7b:a8:2e:f2:5a:af:83:5f:00:07:98:3a:
                    52:24:14:82:66:ed:14:63:25:01:25:d1:fe:85:4b:
                    c3:c0:06:50:8c:bc:5a:38:e9:59:6e:25:3a:f6:8d:
                    ab:d0:ca:0a:63:8f:7f:50:9a:46:aa:fc:97:13:ed:
                    23:0b:73:7c:fa:ab:c6:79:cc:04:12:9d:3d:e5:e7:
                    9b:f3:86:c1:61:71:b7:ee:76:7f:20:cb:28:e7:46:
                    d1:8d:28:63:cb:4d:06:3c:29:7c:43:42:f8:8d:31:
                    79:a3:8f:0e:fd:77:08:55:16:6b:46:d1:89:64:88:
                    c9:d8:40:86:24:36:88:21:83:5b:6d:89:31:ff:66:
                    70:a1:96:67:0d:a0:5a:f4:a7:37:82:d3:ea:3d:07:
                    55:f2:84:73:1a:e8:5e:22:47:59:89:57:c0:4f:ab:
                    6c:c2:44:c5:c9:8f:16:bd:ed:36:8b:0d:41:b6:b5:
                    02:cf:fc:71:7a:91:ef:f8:bb:40:52:ca:77:e4:4b:
                    58:29:67:f6:7b:61:27:6e:e2:f6:a0:29:51:ce:8a:
                    1c:5e:6f:29:2c:ba:22:55:ea:7f:4b:0b:d8:c0:8c:
                    14:e5:65:7b:09:74:95:70:0d:ff:ec:eb:04:e5:c2:
                    44:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:24:BE:2C:C6:5F:26:4B:FC:D6:55:CD:9F:D2:40:0D:56:D2:A5:70
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:116c::/48

    Signature Algorithm: sha256WithRSAEncryption
         c1:64:71:3d:bb:ae:b7:fb:3a:c8:ea:a2:23:ef:f0:b3:b6:c0:
         96:58:f0:f0:3b:57:7a:e8:b2:29:03:14:6e:25:bd:4f:cb:03:
         32:5e:63:54:da:59:aa:61:d4:a5:2a:7d:04:44:1a:25:9d:40:
         03:8b:c8:c3:32:29:86:1a:8e:01:43:b2:e5:e6:6a:12:b1:90:
         e8:92:10:27:08:08:97:02:27:2f:9e:8d:81:bf:51:7a:aa:a8:
         5e:e1:00:8a:3a:df:5e:07:87:ed:e8:e4:f0:28:a8:f5:1f:44:
         ff:4b:3d:c4:39:9b:ae:e9:49:80:70:02:01:ad:e3:93:f1:af:
         7d:89:a1:31:ff:86:c3:58:35:5f:b7:57:29:a6:b2:2b:51:4d:
         35:da:b9:1f:bc:ac:22:07:08:86:8f:73:b0:56:bc:2a:f1:c0:
         9b:81:d1:e7:0b:ee:4a:31:46:87:df:fb:8d:be:95:55:fe:96:
         19:e1:63:3b:dd:ca:51:02:b2:76:93:c9:e5:91:af:39:a1:28:
         4c:5f:fc:fc:89:5a:41:fb:3d:d4:c6:71:2d:32:a4:02:ac:7d:
         fa:5f:f7:fd:b5:ac:66:d1:88:88:c9:30:48:81:34:5b:1c:9a:
         a3:e7:ca:49:bf:12:3c:bd:64:2e:ae:22:b3:83:fb:aa:a7:bd:
         50:04:28:aa
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUFhf+b4H13RJvIihZANq+R839TnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTNaFw0yNDEyMDMwMjQ0MTNaMDMxMTAvBgNV
BAMTKDBFMjRCRTJDQzY1RjI2NEJGQ0Q2NTVDRDlGRDI0MDBENTZEMkE1NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVE3hVn64O0rqKJ2ELmD3dQHuo
LvJar4NfAAeYOlIkFIJm7RRjJQEl0f6FS8PABlCMvFo46VluJTr2javQygpjj39Q
mkaq/JcT7SMLc3z6q8Z5zAQSnT3l55vzhsFhcbfudn8gyyjnRtGNKGPLTQY8KXxD
QviNMXmjjw79dwhVFmtG0YlkiMnYQIYkNoghg1ttiTH/ZnChlmcNoFr0pzeC0+o9
B1XyhHMa6F4iR1mJV8BPq2zCRMXJjxa97TaLDUG2tQLP/HF6ke/4u0BSynfkS1gp
Z/Z7YSdu4vagKVHOihxebyksuiJV6n9LC9jAjBTlZXsJdJVwDf/s6wTlwkRXAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUDiS+LMZfJkv81lXNn9JADVbSpXAwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwNzMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRFsMA0GCSqGSIb3DQEBCwUAA4IBAQDBZHE9
u663+zrI6qIj7/CztsCWWPDwO1d66LIpAxRuJb1PywMyXmNU2lmqYdSlKn0ERBol
nUADi8jDMimGGo4BQ7Ll5moSsZDokhAnCAiXAicvno2Bv1F6qqhe4QCKOt9eB4ft
6OTwKKj1H0T/Sz3EOZuu6UmAcAIBreOT8a99iaEx/4bDWDVft1cpprIrUU012rkf
vKwiBwiGj3OwVrwq8cCbgdHnC+5KMUaH3/uNvpVV/pYZ4WM73cpRArJ2k8nlka85
oShMX/z8iVpB+z3UxnEtMqQCrH36X/f9taxm0YiIyTBIgTRbHJqj58pJvxI8vWQu
riKzg/uqp71QBCiq
-----END CERTIFICATE-----