Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200952.roa
File:                     AS200952.roa (raw, json)
Hash identifier:          EYuKUijmTtGT8i2yo4bY39W+RnmgweiZNGwF+o/1T0g=
Subject key identifier:   0B:EC:96:00:61:C4:BD:FE:66:02:73:D7:78:80:E9:04:C6:48:5C:E4
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       6166A06A2E9C4277A1CD1CC219572AB48197A2C4
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200952.roa
Signing time:             Tue 05 Nov 2024 03:40:00 +0000
ROA not before:           Tue 05 Nov 2024 03:35:00 +0000
ROA not after:            Tue 04 Nov 2025 03:40:00 +0000
asID:                     200952
IP address blocks:        2a06:a005:2570::/44 maxlen: 48
                          2a06:a005:2630::/44 maxlen: 48
                          2a06:a005:2640::/44 maxlen: 48
                          2a06:a005:2650::/44 maxlen: 48
                          2a06:a005:2660::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:66:a0:6a:2e:9c:42:77:a1:cd:1c:c2:19:57:2a:b4:81:97:a2:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:00 2024 GMT
            Not After : Nov  4 03:40:00 2025 GMT
        Subject: CN=0BEC960061C4BDFE660273D77880E904C6485CE4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:3f:dd:04:27:87:fd:fe:dc:58:91:a4:a2:15:
                    88:de:dd:88:c6:33:9a:31:e8:ab:74:c0:20:eb:f1:
                    82:77:76:b1:3f:fa:9e:5e:f6:d2:95:02:c2:3b:ab:
                    43:f7:1c:13:b5:32:83:f5:a0:b4:83:ad:f2:c4:e6:
                    48:51:31:ce:7f:0a:7b:f7:90:60:40:11:ba:de:b0:
                    7e:5f:d9:e3:52:f9:a9:51:d9:67:63:68:e7:4d:b0:
                    24:34:96:65:b9:f0:72:22:9e:d4:d0:8b:60:b5:88:
                    54:c3:ec:cf:62:90:ac:84:95:0e:14:00:90:e7:93:
                    b9:0b:9a:cb:d8:b1:8c:78:56:1c:8c:5e:f5:f5:9f:
                    1a:85:e3:d4:47:e7:ce:15:cd:ef:74:c1:a0:38:ee:
                    75:d6:18:7f:b1:f1:c0:c9:75:86:f2:37:6e:44:c4:
                    0a:25:4b:29:6d:ae:89:71:e4:05:c5:91:43:5f:d5:
                    58:7f:dd:6a:e8:6b:d9:4a:45:32:ec:73:31:8a:6b:
                    6f:b6:38:95:41:08:c7:7b:63:b4:0a:46:b7:02:67:
                    5a:a9:74:e0:28:33:00:c0:60:d4:9c:ae:76:b4:e3:
                    5e:7e:b1:64:05:78:87:bb:00:d6:ed:6a:2d:fc:04:
                    ad:98:b6:19:80:f6:4c:bf:91:19:70:eb:75:43:1b:
                    8c:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:EC:96:00:61:C4:BD:FE:66:02:73:D7:78:80:E9:04:C6:48:5C:E4
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200952.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2570::/44
                  2a06:a005:2630::-2a06:a005:266f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         a6:55:03:94:7c:95:08:77:51:4c:95:07:5b:7a:77:24:af:ff:
         ae:57:b0:f7:fd:73:df:e7:d1:b0:ee:ac:16:6d:79:35:2d:3c:
         80:80:e6:05:de:3c:f6:1e:d5:a6:c3:f5:64:5c:81:a9:96:2c:
         49:56:28:d4:31:0d:10:99:97:5d:bb:7d:32:93:c2:37:5b:82:
         7a:07:9b:15:9e:c4:d3:02:66:77:62:80:cf:ed:17:57:c0:11:
         f5:36:fe:60:d7:e2:b6:bd:25:81:be:13:39:5e:c9:cc:4e:3a:
         b1:81:29:59:0a:20:fe:66:b3:cd:21:49:0b:d0:20:38:4e:02:
         c8:10:3c:7f:e6:bd:35:eb:20:00:d2:bd:34:a3:9a:3e:59:f3:
         2f:bb:65:4a:88:82:39:8c:91:1b:10:41:07:7e:39:fc:ac:d5:
         b1:4f:bc:3b:24:ea:85:54:1f:ea:b6:4d:8f:8d:a8:01:20:9a:
         88:be:56:7b:bb:40:b5:92:5d:a0:75:5a:20:54:2f:11:f3:5e:
         cf:4c:86:0f:8f:32:23:32:e4:2b:99:f6:e6:c4:d6:bd:f4:23:
         bf:73:25:38:28:1d:13:ce:55:eb:2a:a3:f9:67:44:20:5c:a7:
         c3:54:35:67:d3:3d:a0:eb:65:74:f0:07:a2:ea:e1:f5:1d:fe:
         49:1e:14:db
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUYWagai6cQnehzRzCGVcqtIGXosQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDBaFw0yNTExMDQwMzQwMDBaMDMxMTAvBgNV
BAMTKDBCRUM5NjAwNjFDNEJERkU2NjAyNzNENzc4ODBFOTA0QzY0ODVDRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmP90EJ4f9/txYkaSiFYje3YjG
M5ox6Kt0wCDr8YJ3drE/+p5e9tKVAsI7q0P3HBO1MoP1oLSDrfLE5khRMc5/Cnv3
kGBAEbresH5f2eNS+alR2WdjaOdNsCQ0lmW58HIintTQi2C1iFTD7M9ikKyElQ4U
AJDnk7kLmsvYsYx4VhyMXvX1nxqF49RH584Vze90waA47nXWGH+x8cDJdYbyN25E
xAolSyltrolx5AXFkUNf1Vh/3Wroa9lKRTLsczGKa2+2OJVBCMd7Y7QKRrcCZ1qp
dOAoMwDAYNScrna0415+sWQFeIe7ANbtai38BK2YthmA9ky/kRlw63VDG4yJAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUC+yWAGHEvf5mAnPXeIDpBMZIXOQwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwOTUyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEH
AQH/BCcwJTAjBAIAAjAdAwcEKgagBSVwMBIDBwQqBqAFJjADBwQqBqAFJmAwDQYJ
KoZIhvcNAQELBQADggEBAKZVA5R8lQh3UUyVB1t6dySv/65XsPf9c9/n0bDurBZt
eTUtPICA5gXePPYe1abD9WRcgamWLElWKNQxDRCZl127fTKTwjdbgnoHmxWexNMC
ZndigM/tF1fAEfU2/mDX4ra9JYG+EzleycxOOrGBKVkKIP5ms80hSQvQIDhOAsgQ
PH/mvTXrIADSvTSjmj5Z8y+7ZUqIgjmMkRsQQQd+Ofys1bFPvDsk6oVUH+q2TY+N
qAEgmoi+Vnu7QLWSXaB1WiBULxHzXs9Mhg+PMiMy5CuZ9ubE1r30I79zJTgoHRPO
Vesqo/lnRCBcp8NUNWfTPaDrZXTwB6Lq4fUd/kkeFNs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:13:35 2024 by rpki-client on console-fra.rpki-client.org