Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS201517.roa
File:                     AS201517.roa (raw, json)
Hash identifier:          Z2Kxz9vDCATdDnKAJmAiYdQWLfiIfW6S9+VUm9ibFHY=
Subject key identifier:   BA:99:F0:D2:48:C0:18:48:67:F6:3B:3A:60:08:29:A3:25:41:22:B6
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       7A69D00D03D2575A7C782B74F3021F0F2E43D91B
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS201517.roa
Signing time:             Tue 05 Nov 2024 03:39:59 +0000
ROA not before:           Tue 05 Nov 2024 03:34:59 +0000
ROA not after:            Tue 04 Nov 2025 03:39:59 +0000
asID:                     201517
IP address blocks:        2a06:a005:1550::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:69:d0:0d:03:d2:57:5a:7c:78:2b:74:f3:02:1f:0f:2e:43:d9:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:34:59 2024 GMT
            Not After : Nov  4 03:39:59 2025 GMT
        Subject: CN=BA99F0D248C0184867F63B3A600829A3254122B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:65:04:82:27:d7:4a:ea:fe:94:50:88:12:c7:
                    cc:ec:b9:bc:71:b4:b5:c8:05:68:1b:36:81:6e:46:
                    e6:4e:eb:58:02:00:63:eb:f2:91:68:a6:28:92:75:
                    cc:2f:92:0e:21:67:1d:44:69:df:ab:37:e3:aa:42:
                    43:cf:08:c3:3e:ab:e8:ed:55:96:d5:b7:10:7d:20:
                    38:23:08:66:e7:6e:5c:9a:0f:eb:a8:93:87:ba:cb:
                    e9:dc:b1:2c:c6:46:bf:64:cc:f8:84:d8:1a:93:bc:
                    48:37:13:d7:3d:09:86:e2:5b:47:b5:bd:f9:2f:5a:
                    1a:b7:a5:c6:f6:db:02:ea:6f:07:97:3b:3f:e1:9d:
                    1c:25:5a:c3:2b:07:b8:b4:26:6e:04:f4:be:f9:58:
                    70:00:84:9a:ac:61:2d:6f:f0:fd:d7:d9:6d:68:3e:
                    b2:37:ef:e7:a0:37:92:80:4a:71:4b:5d:cd:43:3b:
                    86:ec:a7:7c:26:49:8e:66:ae:7e:c3:a4:20:3b:f7:
                    ca:87:1f:58:d3:79:57:5d:b3:6e:6d:e0:dd:61:09:
                    49:79:66:5e:50:ee:90:d4:e8:61:36:4c:f0:29:a8:
                    f6:41:79:15:65:69:67:54:f4:d2:02:20:2e:ce:f1:
                    a6:25:9a:40:43:cc:89:ec:b1:f3:e3:a2:00:23:aa:
                    77:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:99:F0:D2:48:C0:18:48:67:F6:3B:3A:60:08:29:A3:25:41:22:B6
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS201517.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1550::/44

    Signature Algorithm: sha256WithRSAEncryption
         0e:d5:fb:b3:aa:4f:2f:54:0a:cb:49:24:e6:54:1c:31:45:71:
         ab:82:5d:21:e9:e6:3a:8e:64:3f:ea:af:58:57:70:2f:17:e9:
         12:0d:20:e7:43:50:13:36:fd:94:c7:2d:29:19:4b:ac:0a:19:
         37:15:0a:ea:d2:b8:78:db:9a:51:bb:68:f5:56:e0:3d:c2:f2:
         3f:21:1c:90:b1:d9:af:cb:f2:31:55:48:33:c5:99:a4:b2:79:
         bf:9c:ee:6f:38:76:72:f8:7c:f6:d2:b0:0b:01:09:5a:1f:26:
         e9:81:54:f7:86:e2:7d:b9:01:16:a3:42:0c:ec:7a:af:4c:ed:
         af:72:f7:c9:a0:59:0e:f8:87:3c:18:82:9f:10:97:84:b0:19:
         11:f4:96:42:56:50:47:1f:7b:ac:01:57:0e:6b:b2:23:7a:df:
         7a:57:29:bc:f1:68:98:ed:fc:12:d9:4c:9a:df:dd:bc:d9:e7:
         70:fb:88:2b:f3:1c:74:91:cf:33:29:ba:bc:26:ae:81:f0:c2:
         d3:2f:51:7b:54:05:1f:d7:c1:e6:1c:13:4f:c7:27:54:76:21:
         95:c6:1e:6d:c3:17:09:5d:86:56:12:10:0e:67:10:4c:1f:77:
         0c:67:14:9d:34:e0:47:80:d9:4c:0d:7d:db:af:4b:34:d7:f6:
         5d:7c:ff:e5
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUemnQDQPSV1p8eCt08wIfDy5D2RswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM0NTlaFw0yNTExMDQwMzM5NTlaMDMxMTAvBgNV
BAMTKEJBOTlGMEQyNDhDMDE4NDg2N0Y2M0IzQTYwMDgyOUEzMjU0MTIyQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAZQSCJ9dK6v6UUIgSx8zsubxx
tLXIBWgbNoFuRuZO61gCAGPr8pFopiiSdcwvkg4hZx1Ead+rN+OqQkPPCMM+q+jt
VZbVtxB9IDgjCGbnblyaD+uok4e6y+ncsSzGRr9kzPiE2BqTvEg3E9c9CYbiW0e1
vfkvWhq3pcb22wLqbweXOz/hnRwlWsMrB7i0Jm4E9L75WHAAhJqsYS1v8P3X2W1o
PrI37+egN5KASnFLXc1DO4bsp3wmSY5mrn7DpCA798qHH1jTeVdds25t4N1hCUl5
Zl5Q7pDU6GE2TPApqPZBeRVlaWdU9NICIC7O8aYlmkBDzInssfPjogAjqncdAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUupnw0kjAGEhn9js6YAgpoyVBIrYwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAxNTE3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBRVQMA0GCSqGSIb3DQEBCwUAA4IBAQAO1fuz
qk8vVArLSSTmVBwxRXGrgl0h6eY6jmQ/6q9YV3AvF+kSDSDnQ1ATNv2Uxy0pGUus
Chk3FQrq0rh425pRu2j1VuA9wvI/IRyQsdmvy/IxVUgzxZmksnm/nO5vOHZy+Hz2
0rALAQlaHybpgVT3huJ9uQEWo0IM7HqvTO2vcvfJoFkO+Ic8GIKfEJeEsBkR9JZC
VlBHH3usAVcOa7Ijet96Vym88WiY7fwS2Uya39282edw+4gr8xx0kc8zKbq8Jq6B
8MLTL1F7VAUf18HmHBNPxydUdiGVxh5twxcJXYZWEhAOZxBMH3cMZxSdNOBHgNlM
DX3br0s01/ZdfP/l
-----END CERTIFICATE-----