Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200975.roa
File:                     AS200975.roa (raw, json)
Hash identifier:          04rLIkp+4qdpfwex0olnTI6VG5OPqwaIfeleox9j+40=
Subject key identifier:   2C:9B:87:42:D9:08:45:98:A6:93:92:09:E7:C7:37:08:AD:FC:D1:6E
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       3E216D2E5038F8F9A5E4CCCBFE1B6BF9076E2BE8
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200975.roa
Signing time:             Sun 18 Feb 2024 14:44:24 +0000
ROA not before:           Sun 18 Feb 2024 14:39:24 +0000
ROA not after:            Sun 16 Feb 2025 14:44:24 +0000
asID:                     200975
IP address blocks:        2a06:a005:3010::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:21:6d:2e:50:38:f8:f9:a5:e4:cc:cb:fe:1b:6b:f9:07:6e:2b:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Feb 18 14:39:24 2024 GMT
            Not After : Feb 16 14:44:24 2025 GMT
        Subject: CN=2C9B8742D9084598A6939209E7C73708ADFCD16E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:e7:85:ec:6b:84:cd:59:69:3a:e3:e4:69:92:
                    39:e2:05:83:cb:a7:e9:d4:da:21:5a:28:59:a7:1f:
                    f1:3a:03:3b:80:b2:ea:97:1b:8f:ef:ba:a6:ac:89:
                    c4:8c:04:90:3a:c0:ed:02:62:e9:5e:ab:25:19:37:
                    cb:ed:22:f7:34:4a:d4:6b:f2:65:48:ee:85:44:c5:
                    2f:5a:7b:01:3a:e6:26:a6:09:7c:6e:42:0c:d0:9d:
                    f1:d9:63:bb:00:8d:aa:89:87:60:3f:ac:8f:c0:0c:
                    c5:57:2d:86:09:64:42:5d:40:4c:d4:84:e3:73:80:
                    d3:80:ba:dd:1d:42:e0:b2:38:44:81:87:30:7a:7f:
                    bb:d0:b6:cc:61:03:41:dd:e8:e8:00:3f:b4:c6:47:
                    bc:cb:f3:78:d4:32:ee:96:16:d2:db:4c:8f:f7:98:
                    23:8c:a0:39:fa:28:c3:56:22:c7:8a:5b:3b:07:73:
                    54:bc:f5:e3:ea:1a:63:4a:05:a4:d7:9a:d0:ea:83:
                    7e:36:d8:df:73:f0:66:6f:1f:aa:70:c0:e2:93:a1:
                    55:82:c2:59:48:73:77:d3:4f:1f:05:90:2f:66:3e:
                    b9:44:7c:83:2b:7a:db:39:95:a1:38:fe:89:5a:5b:
                    d7:aa:05:1e:98:a8:83:d4:c6:86:cf:24:fb:db:2c:
                    9c:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:9B:87:42:D9:08:45:98:A6:93:92:09:E7:C7:37:08:AD:FC:D1:6E
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS200975.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:3010::/44

    Signature Algorithm: sha256WithRSAEncryption
         ae:60:3e:a0:66:1a:63:49:db:b1:87:b7:77:36:0b:8b:6d:19:
         0b:9e:b5:b6:59:e1:83:94:07:e4:ea:ac:66:1a:75:57:ca:93:
         31:3c:6b:07:9c:fd:b3:31:cd:43:bb:ef:14:96:e8:fc:2a:a5:
         d3:64:88:29:85:bf:ba:f3:e6:c6:e2:83:96:c2:c0:6c:5d:eb:
         ab:b2:58:3a:f4:e6:ea:a2:fc:0a:9e:bf:3d:33:30:dd:dd:ee:
         85:d8:53:c0:dc:6c:2f:ce:e7:eb:7a:29:5e:fe:03:b6:21:59:
         e9:93:f4:cf:75:0e:3c:ef:c7:d1:73:b8:41:07:fb:70:c6:c6:
         3b:44:34:16:19:0e:42:95:c8:57:27:de:f9:ab:57:18:f4:41:
         04:ff:bb:e2:aa:cd:67:00:97:86:70:ec:e3:9a:20:87:bf:3f:
         69:d2:3d:74:fc:c1:da:03:85:4c:87:cd:12:c9:f1:ae:16:ea:
         97:5a:ff:4c:42:02:e2:ae:f4:68:12:40:97:bc:07:ff:06:f1:
         31:e9:e2:fb:13:07:3f:6d:1a:4e:d6:13:07:62:de:e0:00:f1:
         c3:9a:b8:5e:9e:82:9c:a6:20:7d:c7:44:8e:90:3c:d2:f6:16:
         7c:31:1a:14:1b:d3:0f:c8:86:1e:2d:4e:11:d5:a8:21:1f:d1:
         6a:53:4f:f9
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUPiFtLlA4+Pml5MzL/htr+QduK+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAyMTgxNDM5MjRaFw0yNTAyMTYxNDQ0MjRaMDMxMTAvBgNV
BAMTKDJDOUI4NzQyRDkwODQ1OThBNjkzOTIwOUU3QzczNzA4QURGQ0QxNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK54Xsa4TNWWk64+RpkjniBYPL
p+nU2iFaKFmnH/E6AzuAsuqXG4/vuqasicSMBJA6wO0CYuleqyUZN8vtIvc0StRr
8mVI7oVExS9aewE65iamCXxuQgzQnfHZY7sAjaqJh2A/rI/ADMVXLYYJZEJdQEzU
hONzgNOAut0dQuCyOESBhzB6f7vQtsxhA0Hd6OgAP7TGR7zL83jUMu6WFtLbTI/3
mCOMoDn6KMNWIseKWzsHc1S89ePqGmNKBaTXmtDqg3422N9z8GZvH6pwwOKToVWC
wllIc3fTTx8FkC9mPrlEfIMrets5laE4/olaW9eqBR6YqIPUxobPJPvbLJydAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQULJuHQtkIRZimk5IJ58c3CK380W4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAwOTc1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBTAQMA0GCSqGSIb3DQEBCwUAA4IBAQCuYD6g
ZhpjSduxh7d3NguLbRkLnrW2WeGDlAfk6qxmGnVXypMxPGsHnP2zMc1Du+8Uluj8
KqXTZIgphb+68+bG4oOWwsBsXeurslg69ObqovwKnr89MzDd3e6F2FPA3Gwvzufr
eile/gO2IVnpk/TPdQ4878fRc7hBB/twxsY7RDQWGQ5ClchXJ975q1cY9EEE/7vi
qs1nAJeGcOzjmiCHvz9p0j10/MHaA4VMh80SyfGuFuqXWv9MQgLirvRoEkCXvAf/
BvEx6eL7Ewc/bRpO1hMHYt7gAPHDmrhenoKcpiB9x0SOkDzS9hZ8MRoUG9MPyIYe
LU4R1aghH9FqU0/5
-----END CERTIFICATE-----