Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200866.roa
File:                     AS200866.roa (raw, json)
Hash identifier:          +peub9x07qDRvTXVqTTovJ0j9FfOuHKP2YhV8Qu9Cu4=
Subject key identifier:   38:DC:4F:02:A7:EB:90:F7:03:5B:E8:41:71:12:FC:B4:88:1A:4A:62
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       5E302609B1383ED4CF01E79C6CC2072F4869A5ED
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200866.roa
Signing time:             Tue 05 Dec 2023 02:44:17 +0000
ROA not before:           Tue 05 Dec 2023 02:39:17 +0000
ROA not after:            Tue 03 Dec 2024 02:44:17 +0000
asID:                     200866
IP address blocks:        2a06:a005:2370::/44 maxlen: 48
                          2a06:a005:26e0::/44 maxlen: 48
                          2a06:a005:26f0::/44 maxlen: 48
                          2a06:a005:2700::/44 maxlen: 48
                          2a06:a005:2710::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 14:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:30:26:09:b1:38:3e:d4:cf:01:e7:9c:6c:c2:07:2f:48:69:a5:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:17 2023 GMT
            Not After : Dec  3 02:44:17 2024 GMT
        Subject: CN=38DC4F02A7EB90F7035BE8417112FCB4881A4A62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d5:d6:e1:00:5d:6e:17:7c:d5:8a:76:e7:31:
                    6c:f4:c0:b8:7a:a5:ab:04:53:1a:8d:c6:dc:24:bc:
                    e1:91:46:5c:7f:f1:8c:41:e1:e6:81:12:e2:c1:65:
                    e1:c5:ad:e1:69:30:51:a9:bc:80:f6:29:0d:2e:90:
                    7f:98:51:c3:fd:ec:27:5f:f1:08:7d:97:44:5f:fa:
                    df:40:a5:58:b7:62:df:58:d6:5b:38:b9:c5:24:43:
                    b2:b9:09:df:7f:0a:1e:10:c3:38:bb:21:b0:1e:f5:
                    07:cf:f2:d2:1e:6b:60:5e:6d:3c:fe:7e:6a:6b:ec:
                    6f:9a:d3:f4:3a:9d:37:76:7c:80:03:fb:37:c3:54:
                    30:24:e9:5a:67:49:8d:27:20:86:b0:2c:68:c2:80:
                    3d:2d:a2:b4:c4:c0:e9:75:f7:bf:05:72:d7:76:f8:
                    bf:e5:6c:fb:5b:56:92:79:0a:86:35:16:8a:f6:2d:
                    e2:6f:cb:af:2f:b4:f1:ac:38:f1:02:66:50:f8:ca:
                    38:52:55:a1:08:88:32:ae:13:3d:14:7e:fa:30:ef:
                    a1:2c:32:cf:81:9e:2b:a6:42:cd:88:4f:3f:e0:ac:
                    ae:08:55:0e:5d:43:10:e5:77:40:4f:d3:5e:1c:ed:
                    c2:60:63:b2:32:5d:eb:b6:9d:22:80:cf:66:87:83:
                    fe:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:DC:4F:02:A7:EB:90:F7:03:5B:E8:41:71:12:FC:B4:88:1A:4A:62
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200866.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2370::/44
                  2a06:a005:26e0::-2a06:a005:271f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         15:f0:cc:03:f8:94:a1:34:56:db:42:0f:e6:bb:2b:75:0d:a0:
         7e:83:35:a6:ae:8f:13:24:04:cb:67:e7:5a:1e:22:56:e2:7e:
         08:d5:38:c0:1b:21:ac:dd:14:a7:0b:f3:bd:6b:e3:87:78:7e:
         c0:7f:6b:71:a8:cd:00:49:e1:08:a2:92:e8:bd:bd:67:1e:de:
         f0:c2:22:ed:d5:72:36:4d:9f:c4:3e:3f:fb:24:ce:75:23:20:
         5a:21:80:04:0a:a2:d4:ec:74:e9:a4:bc:9d:d7:03:d2:bd:4a:
         37:2b:ce:00:12:7b:18:8b:76:aa:7d:a6:c1:e5:9f:ed:e8:10:
         34:38:00:92:1d:d1:41:00:d0:dc:fa:37:3e:a5:58:50:39:d2:
         73:2a:4e:60:79:4a:5b:09:ed:3a:b6:a5:3e:08:e6:7d:06:3f:
         80:43:b5:51:79:50:55:11:aa:99:3d:8b:d9:71:45:92:ff:6f:
         74:9c:53:48:0e:da:1e:8a:0f:29:c2:61:31:1a:64:5b:93:e0:
         d8:2d:0c:64:90:78:82:d9:e9:3e:52:0d:6a:f6:df:46:df:13:
         67:fe:5a:50:04:ec:33:51:a8:7b:16:00:af:aa:ae:c0:74:9e:
         51:de:17:42:b3:ec:af:af:be:0a:40:c3:5b:95:65:53:e4:16:
         db:29:5d:3f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUXjAmCbE4PtTPAeecbMIHL0hppe0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTdaFw0yNDEyMDMwMjQ0MTdaMDMxMTAvBgNV
BAMTKDM4REM0RjAyQTdFQjkwRjcwMzVCRTg0MTcxMTJGQ0I0ODgxQTRBNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCd1dbhAF1uF3zVinbnMWz0wLh6
pasEUxqNxtwkvOGRRlx/8YxB4eaBEuLBZeHFreFpMFGpvID2KQ0ukH+YUcP97Cdf
8Qh9l0Rf+t9ApVi3Yt9Y1ls4ucUkQ7K5Cd9/Ch4Qwzi7IbAe9QfP8tIea2BebTz+
fmpr7G+a0/Q6nTd2fIAD+zfDVDAk6VpnSY0nIIawLGjCgD0torTEwOl1978Fctd2
+L/lbPtbVpJ5CoY1For2LeJvy68vtPGsOPECZlD4yjhSVaEIiDKuEz0Ufvow76Es
Ms+BniumQs2ITz/grK4IVQ5dQxDld0BP014c7cJgY7IyXeu2nSKAz2aHg/4rAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUONxPAqfrkPcDW+hBcRL8tIgaSmIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwODY2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEH
AQH/BCcwJTAjBAIAAjAdAwcEKgagBSNwMBIDBwUqBqAFJuADBwUqBqAFJwAwDQYJ
KoZIhvcNAQELBQADggEBABXwzAP4lKE0VttCD+a7K3UNoH6DNaaujxMkBMtn51oe
IlbifgjVOMAbIazdFKcL871r44d4fsB/a3GozQBJ4Qiikui9vWce3vDCIu3VcjZN
n8Q+P/skznUjIFohgAQKotTsdOmkvJ3XA9K9SjcrzgASexiLdqp9psHln+3oEDQ4
AJId0UEA0Nz6Nz6lWFA50nMqTmB5SlsJ7Tq2pT4I5n0GP4BDtVF5UFURqpk9i9lx
RZL/b3ScU0gO2h6KDynCYTEaZFuT4NgtDGSQeILZ6T5SDWr230bfE2f+WlAE7DNR
qHsWAK+qrsB0nlHeF0Kz7K+vvgpAw1uVZVPkFtspXT8=
-----END CERTIFICATE-----