Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS201242.roa
File:                     AS201242.roa (raw, json)
Hash identifier:          u+Cysl5q+fEj8oU+Cn1LoxX9CUozDoeITkSRsa7UR+I=
Subject key identifier:   1C:BA:43:74:50:7B:40:FA:D5:1A:D3:C1:DA:7F:67:0F:A5:1A:EF:5A
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       79A53DABE8885E32154A37FB0E137C45A1080145
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS201242.roa
Signing time:             Fri 22 Dec 2023 05:44:21 +0000
ROA not before:           Fri 22 Dec 2023 05:39:21 +0000
ROA not after:            Fri 20 Dec 2024 05:44:21 +0000
asID:                     201242
IP address blocks:        2a06:a005:ba3::/48 maxlen: 48
                          2a06:a005:1084::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:a5:3d:ab:e8:88:5e:32:15:4a:37:fb:0e:13:7c:45:a1:08:01:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec 22 05:39:21 2023 GMT
            Not After : Dec 20 05:44:21 2024 GMT
        Subject: CN=1CBA4374507B40FAD51AD3C1DA7F670FA51AEF5A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:83:f9:1e:c4:02:1f:95:8d:de:32:5a:85:6b:
                    5e:86:2c:6d:a8:bb:c9:e7:9a:7e:b6:82:5d:e8:24:
                    32:d8:c3:9e:70:77:4a:50:83:e2:16:e3:e3:93:8c:
                    98:6f:25:d0:5e:2b:79:50:ec:57:cc:c9:91:2b:d7:
                    24:e8:92:ca:f3:2d:f2:0a:dc:9f:38:f2:f4:34:fd:
                    82:de:e0:52:ed:1e:f2:aa:18:04:35:b8:81:50:c8:
                    8c:1d:04:37:5c:61:f4:6d:d2:04:db:6d:3d:39:3b:
                    37:3a:e4:5c:04:d1:f4:69:9e:46:ce:00:2d:ab:a6:
                    f2:ca:76:ce:b9:08:a7:ec:5a:cf:74:b5:e7:fc:a5:
                    5f:87:b2:b5:18:ab:ca:46:15:a9:5c:ff:32:13:e3:
                    ec:77:38:ab:e3:c9:de:18:80:33:11:01:e0:01:61:
                    e8:54:28:73:1a:23:50:94:cf:a6:62:8c:88:6b:cb:
                    95:4b:0a:25:23:5b:fd:29:35:5f:34:b6:ea:c3:ec:
                    b4:61:67:ed:11:2e:40:82:75:d2:96:5f:d7:32:2a:
                    39:34:6b:8b:b1:90:1c:c6:f1:20:6c:3b:03:73:24:
                    80:c1:71:bc:b9:a8:26:24:f5:34:e2:de:2f:06:0b:
                    19:4e:d1:2e:e6:22:b6:0c:b7:eb:5e:fe:e9:23:93:
                    cb:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:BA:43:74:50:7B:40:FA:D5:1A:D3:C1:DA:7F:67:0F:A5:1A:EF:5A
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS201242.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:ba3::/48
                  2a06:a005:1084::/48

    Signature Algorithm: sha256WithRSAEncryption
         66:b9:e0:8a:76:42:de:71:d7:15:06:55:a4:1c:9a:fd:55:8c:
         aa:d3:37:a3:51:7c:cb:ec:2f:4c:08:a8:76:29:9d:2f:b5:02:
         cf:b1:45:1c:40:bc:46:08:8f:1d:4f:f1:8b:b4:19:7a:93:8e:
         43:06:19:e2:f5:e9:03:db:de:f6:5b:56:64:b8:56:f9:47:4d:
         e1:4b:3e:8a:2b:77:4c:4b:67:dc:b2:72:7c:74:47:44:88:58:
         2e:0f:c2:e3:c8:45:e6:94:09:4a:42:32:9e:5c:68:4f:33:d2:
         76:a8:99:4a:cb:b6:57:58:a6:ce:f1:a6:6f:1b:c2:9b:f8:ca:
         67:2c:aa:57:94:aa:75:0c:30:50:11:d1:da:39:27:3f:64:ec:
         63:11:ba:c4:92:47:57:6c:e3:ed:2c:c8:92:d3:6b:5b:ac:cc:
         9f:25:67:7c:d7:9f:c8:21:68:73:47:7c:fe:d8:45:73:c8:03:
         e2:f1:bb:0a:c7:3a:d6:f9:3f:b1:37:5c:1b:c8:bd:8b:57:1e:
         80:c1:da:7e:c2:bb:93:3f:03:50:c3:0f:38:5f:3e:9d:36:2b:
         f5:2b:de:6e:e2:49:7d:5a:44:ee:33:26:dd:dc:df:eb:8e:fb:
         c3:34:74:c7:71:17:67:81:70:bc:c8:4f:62:0c:b8:a3:92:fc:
         76:50:36:bd
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUeaU9q+iIXjIVSjf7DhN8RaEIAUUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMjIwNTM5MjFaFw0yNDEyMjAwNTQ0MjFaMDMxMTAvBgNV
BAMTKDFDQkE0Mzc0NTA3QjQwRkFENTFBRDNDMURBN0Y2NzBGQTUxQUVGNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCug/kexAIflY3eMlqFa16GLG2o
u8nnmn62gl3oJDLYw55wd0pQg+IW4+OTjJhvJdBeK3lQ7FfMyZEr1yToksrzLfIK
3J848vQ0/YLe4FLtHvKqGAQ1uIFQyIwdBDdcYfRt0gTbbT05Ozc65FwE0fRpnkbO
AC2rpvLKds65CKfsWs90tef8pV+HsrUYq8pGFalc/zIT4+x3OKvjyd4YgDMRAeAB
YehUKHMaI1CUz6ZijIhry5VLCiUjW/0pNV80turD7LRhZ+0RLkCCddKWX9cyKjk0
a4uxkBzG8SBsOwNzJIDBcby5qCYk9TTi3i8GCxlO0S7mIrYMt+te/ukjk8tPAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUHLpDdFB7QPrVGtPB2n9nD6Ua71owHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAxMjQyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcAKgagBQujAwcAKgagBRCEMA0GCSqGSIb3DQEBCwUA
A4IBAQBmueCKdkLecdcVBlWkHJr9VYyq0zejUXzL7C9MCKh2KZ0vtQLPsUUcQLxG
CI8dT/GLtBl6k45DBhni9ekD2972W1ZkuFb5R03hSz6KK3dMS2fcsnJ8dEdEiFgu
D8LjyEXmlAlKQjKeXGhPM9J2qJlKy7ZXWKbO8aZvG8Kb+MpnLKpXlKp1DDBQEdHa
OSc/ZOxjEbrEkkdXbOPtLMiS02tbrMyfJWd815/IIWhzR3z+2EVzyAPi8bsKxzrW
+T+xN1wbyL2LVx6Awdp+wruTPwNQww84Xz6dNiv1K95u4kl9WkTuMybd3N/rjvvD
NHTHcRdngXC8yE9iDLijkvx2UDa9
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:22 2024 by rpki-client on console-fra.rpki-client.org