Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200890.roa
File:                     AS200890.roa (raw, json)
Hash identifier:          wSxJnTl2hnzUkM1UV0SxotSFNWL+opeqJwyKb1c03gA=
Subject key identifier:   89:00:DB:87:9E:F2:5E:D1:8B:40:86:B2:6D:AA:EE:16:FD:72:18:50
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       560629BC1FD0824A0E224D2200C53308B93BCE57
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200890.roa
Signing time:             Tue 05 Dec 2023 02:44:15 +0000
ROA not before:           Tue 05 Dec 2023 02:39:15 +0000
ROA not after:            Tue 03 Dec 2024 02:44:15 +0000
asID:                     200890
IP address blocks:        2a06:a005:1b60::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:06:29:bc:1f:d0:82:4a:0e:22:4d:22:00:c5:33:08:b9:3b:ce:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:15 2023 GMT
            Not After : Dec  3 02:44:15 2024 GMT
        Subject: CN=8900DB879EF25ED18B4086B26DAAEE16FD721850
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:06:77:eb:f0:5d:c9:3a:44:3c:06:6b:23:99:
                    0d:1d:a3:e5:c8:66:6b:53:69:b0:44:98:e2:e5:21:
                    78:56:2d:51:0b:4e:4a:db:cd:12:62:50:40:64:f4:
                    7a:09:86:7b:ad:48:f6:9a:a0:86:f6:07:e5:e9:fe:
                    1b:f1:3d:93:e0:77:75:37:be:6e:60:78:6e:ad:51:
                    27:dd:44:64:0f:1a:05:84:75:f7:1c:03:36:1d:b6:
                    d8:90:ab:bb:a0:b5:1d:20:76:97:58:ff:57:a6:a0:
                    af:1e:f7:c7:ea:4f:ce:b8:f8:69:d8:96:f8:36:d7:
                    9f:58:2b:fd:66:a4:04:68:1d:f3:d3:d4:8c:32:06:
                    38:7e:28:ae:4c:d2:d9:49:7d:70:71:9c:b2:b1:4b:
                    c8:7b:ce:f6:6a:8e:92:1f:43:0e:19:f9:27:2b:e7:
                    93:f3:6b:ea:1a:01:f7:1b:94:31:5d:6a:ff:77:79:
                    a3:b1:dd:9c:4d:57:16:46:79:c9:02:80:0e:a5:5a:
                    65:2a:e4:48:21:5a:bd:56:6b:48:f9:01:12:0b:fb:
                    f0:6b:79:b3:83:af:7f:be:3f:fe:84:2c:fe:b4:28:
                    5c:f0:9c:87:7a:8d:86:4f:ef:ee:fb:5e:0e:9e:d6:
                    bc:4c:68:3e:3b:b2:31:59:fb:7a:d8:d8:02:41:23:
                    27:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:00:DB:87:9E:F2:5E:D1:8B:40:86:B2:6D:AA:EE:16:FD:72:18:50
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200890.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1b60::/44

    Signature Algorithm: sha256WithRSAEncryption
         59:8b:83:16:bc:d4:77:3b:89:c3:00:c5:bb:68:1e:3d:28:c2:
         79:23:23:0c:7a:e4:89:2a:06:6f:f0:b8:62:aa:f2:be:45:57:
         38:65:b6:18:88:57:1d:72:43:58:c0:e2:0d:18:cf:9c:6c:77:
         63:8c:99:e5:c8:41:82:82:e0:d8:cb:6e:af:51:89:27:c8:c3:
         ad:c3:f5:eb:7a:65:15:6d:d6:8e:cf:6a:22:1c:03:10:f4:0e:
         c8:3a:d0:83:31:a9:36:24:42:c5:b0:81:d2:23:08:26:97:d3:
         17:d4:d6:60:18:f1:ef:cf:d8:55:ed:ed:42:02:48:fc:56:a9:
         45:be:d2:b3:5a:16:d3:2d:ab:83:7b:c0:7f:b9:ba:cf:31:ff:
         8b:35:4d:39:d3:5d:67:7d:b5:92:e9:5c:b7:9a:f5:48:52:c2:
         ca:64:81:fd:55:9d:e3:af:fa:ee:6c:67:21:25:c5:1f:a5:fd:
         48:fd:cb:33:74:63:f5:a9:41:3d:79:50:c7:3a:33:69:35:d5:
         55:9e:28:b6:c4:08:2e:f2:75:63:98:0c:19:59:ca:f9:c5:cc:
         34:a4:85:9d:f1:21:24:1a:9b:8a:2e:2b:ec:80:cf:eb:08:10:
         c4:03:a3:50:62:9c:81:3a:00:03:50:c2:0d:f0:dc:a2:87:20:
         7d:e2:79:be
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUVgYpvB/QgkoOIk0iAMUzCLk7zlcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTVaFw0yNDEyMDMwMjQ0MTVaMDMxMTAvBgNV
BAMTKDg5MDBEQjg3OUVGMjVFRDE4QjQwODZCMjZEQUFFRTE2RkQ3MjE4NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFBnfr8F3JOkQ8BmsjmQ0do+XI
ZmtTabBEmOLlIXhWLVELTkrbzRJiUEBk9HoJhnutSPaaoIb2B+Xp/hvxPZPgd3U3
vm5geG6tUSfdRGQPGgWEdfccAzYdttiQq7ugtR0gdpdY/1emoK8e98fqT864+GnY
lvg2159YK/1mpARoHfPT1IwyBjh+KK5M0tlJfXBxnLKxS8h7zvZqjpIfQw4Z+Scr
55Pza+oaAfcblDFdav93eaOx3ZxNVxZGeckCgA6lWmUq5EghWr1Wa0j5ARIL+/Br
ebODr3++P/6ELP60KFzwnId6jYZP7+77Xg6e1rxMaD47sjFZ+3rY2AJBIycfAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUiQDbh57yXtGLQIaybaruFv1yGFAwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwODkwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRtgMA0GCSqGSIb3DQEBCwUAA4IBAQBZi4MW
vNR3O4nDAMW7aB49KMJ5IyMMeuSJKgZv8LhiqvK+RVc4ZbYYiFcdckNYwOINGM+c
bHdjjJnlyEGCguDYy26vUYknyMOtw/XremUVbdaOz2oiHAMQ9A7IOtCDMak2JELF
sIHSIwgml9MX1NZgGPHvz9hV7e1CAkj8VqlFvtKzWhbTLauDe8B/ubrPMf+LNU05
011nfbWS6Vy3mvVIUsLKZIH9VZ3jr/rubGchJcUfpf1I/cszdGP1qUE9eVDHOjNp
NdVVnii2xAgu8nVjmAwZWcr5xcw0pIWd8SEkGpuKLivsgM/rCBDEA6NQYpyBOgAD
UMIN8NyihyB94nm+
-----END CERTIFICATE-----