Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200879.roa
File:                     AS200879.roa (raw, json)
Hash identifier:          /k7yg12MWlEmAbJ1EZ/tiShRBXtAckOwUD9TFYaDunc=
Subject key identifier:   F0:2E:0E:6B:CE:14:EB:B3:C9:A8:88:EA:B0:D7:59:17:96:08:B1:00
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       17F4F4822782D5672E673C83AEB68D281BDD4AFC
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200879.roa
Signing time:             Wed 07 Feb 2024 11:44:24 +0000
ROA not before:           Wed 07 Feb 2024 11:39:24 +0000
ROA not after:            Wed 05 Feb 2025 11:44:24 +0000
asID:                     200879
IP address blocks:        2a06:a005:b6a::/48 maxlen: 48
                          2a06:a005:1d51::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:f4:f4:82:27:82:d5:67:2e:67:3c:83:ae:b6:8d:28:1b:dd:4a:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Feb  7 11:39:24 2024 GMT
            Not After : Feb  5 11:44:24 2025 GMT
        Subject: CN=F02E0E6BCE14EBB3C9A888EAB0D759179608B100
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:41:2d:44:87:b7:7b:8d:91:39:7b:4f:a8:f0:
                    10:8a:6b:cc:3c:b9:0c:0f:cf:83:c1:e1:a9:0c:7f:
                    4a:d4:65:20:ff:68:73:c2:85:67:4d:63:68:15:11:
                    a9:bf:9d:bf:c5:72:37:70:5b:16:58:5d:a8:5c:9a:
                    60:7d:d3:89:7e:c2:ac:5b:ac:ff:b7:37:e9:38:2a:
                    cb:1e:bc:60:fe:ac:e2:87:af:cb:e8:e1:6c:19:2c:
                    a6:c6:97:f1:33:9b:e5:d3:3a:2e:c3:b3:8c:de:0c:
                    b3:a0:da:91:8a:2b:97:a0:00:56:68:e1:48:35:4f:
                    62:1f:3d:14:bb:56:ca:63:ed:d6:93:70:de:8c:f0:
                    bb:8f:35:80:55:c9:75:ac:15:ae:fd:ed:1c:a8:63:
                    6c:66:d2:ae:46:fa:ee:7a:6e:04:86:25:41:42:bd:
                    dd:e2:98:cc:c5:19:6f:0a:5e:ff:97:e3:90:ad:ba:
                    c7:a2:62:31:18:8b:cc:7a:54:d8:08:9c:a6:a7:9d:
                    95:16:55:0d:54:bb:90:62:e7:63:4a:84:d0:2e:69:
                    89:c4:99:1c:d9:5a:ec:3d:a9:4e:b0:44:d1:64:0e:
                    4e:3e:85:08:e6:05:f6:7b:45:fd:12:a4:e1:35:a3:
                    84:06:a9:57:ac:ac:32:86:25:64:5e:08:17:44:33:
                    da:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:2E:0E:6B:CE:14:EB:B3:C9:A8:88:EA:B0:D7:59:17:96:08:B1:00
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200879.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:b6a::/48
                  2a06:a005:1d51::/48

    Signature Algorithm: sha256WithRSAEncryption
         c4:be:60:73:c1:46:e2:3b:9f:09:e7:e2:ce:be:d9:ca:d4:2c:
         49:c7:5f:e8:0d:1d:33:4f:59:ed:65:df:2c:99:44:41:f4:7d:
         84:9c:e6:8c:31:c3:e9:10:80:58:7b:31:5a:3f:e6:c0:e1:23:
         21:93:f3:dd:30:d3:17:9b:13:de:dc:bc:dd:d5:78:06:35:72:
         d1:34:10:9c:5c:36:b8:3d:e9:cd:fc:c0:02:b1:34:06:62:49:
         2b:56:31:8f:46:d7:df:30:46:a5:d0:3c:7a:44:c0:51:55:aa:
         69:be:45:43:6f:d1:02:35:a8:25:6d:49:e9:3f:3e:c9:b5:06:
         3b:e2:32:f0:06:d1:d6:d9:e5:df:05:9a:2f:b1:ed:4f:31:92:
         33:8d:e0:89:0c:44:f7:ae:ac:da:73:62:79:61:fc:fc:e8:0c:
         3f:d9:bc:1c:9b:2a:06:1e:a9:7c:1f:cd:b3:bc:6c:1b:ea:e6:
         8a:11:3a:a4:f7:cb:3a:40:77:e4:d6:4b:09:5c:a2:bb:7c:cd:
         c8:fc:7b:a5:2c:49:64:27:98:a6:db:03:14:3f:f4:16:31:ec:
         d8:da:d8:b6:0d:73:85:7f:ed:bf:64:a6:1e:93:fd:96:08:5b:
         48:23:c8:d7:d9:57:1b:5a:08:73:15:53:e4:5d:8e:02:e0:4d:
         6e:59:fd:49
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUF/T0gieC1WcuZzyDrraNKBvdSvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAyMDcxMTM5MjRaFw0yNTAyMDUxMTQ0MjRaMDMxMTAvBgNV
BAMTKEYwMkUwRTZCQ0UxNEVCQjNDOUE4ODhFQUIwRDc1OTE3OTYwOEIxMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSQS1Eh7d7jZE5e0+o8BCKa8w8
uQwPz4PB4akMf0rUZSD/aHPChWdNY2gVEam/nb/FcjdwWxZYXahcmmB904l+wqxb
rP+3N+k4KssevGD+rOKHr8vo4WwZLKbGl/Ezm+XTOi7Ds4zeDLOg2pGKK5egAFZo
4Ug1T2IfPRS7Vspj7daTcN6M8LuPNYBVyXWsFa797RyoY2xm0q5G+u56bgSGJUFC
vd3imMzFGW8KXv+X45CtuseiYjEYi8x6VNgInKannZUWVQ1Uu5Bi52NKhNAuaYnE
mRzZWuw9qU6wRNFkDk4+hQjmBfZ7Rf0SpOE1o4QGqVesrDKGJWReCBdEM9qRAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQU8C4Oa84U67PJqIjqsNdZF5YIsQAwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwODc5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcAKgagBQtqAwcAKgagBR1RMA0GCSqGSIb3DQEBCwUA
A4IBAQDEvmBzwUbiO58J5+LOvtnK1CxJx1/oDR0zT1ntZd8smURB9H2EnOaMMcPp
EIBYezFaP+bA4SMhk/PdMNMXmxPe3Lzd1XgGNXLRNBCcXDa4PenN/MACsTQGYkkr
VjGPRtffMEal0Dx6RMBRVappvkVDb9ECNaglbUnpPz7JtQY74jLwBtHW2eXfBZov
se1PMZIzjeCJDET3rqzac2J5Yfz86Aw/2bwcmyoGHql8H82zvGwb6uaKETqk98s6
QHfk1ksJXKK7fM3I/HulLElkJ5im2wMUP/QWMezY2ti2DXOFf+2/ZKYek/2WCFtI
I8jX2VcbWghzFVPkXY4C4E1uWf1J
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:40:20 2024 by rpki-client on console-ams.rpki-client.org