Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202427.roa
File:                     AS202427.roa (raw, json)
Hash identifier:          qEop63mwFJGQgk57Iemm29z9X42wFeXheMZ3BKOaPw8=
Subject key identifier:   B8:63:3F:72:7F:AB:85:E0:97:8C:8C:2F:2D:F4:39:A9:8C:30:89:B8
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       16AC588B4573638385D68714C65A563BADF74E10
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202427.roa
Signing time:             Sun 11 Feb 2024 20:44:24 +0000
ROA not before:           Sun 11 Feb 2024 20:39:24 +0000
ROA not after:            Sun 09 Feb 2025 20:44:24 +0000
asID:                     202427
IP address blocks:        2a06:a005:28e0::/44 maxlen: 48
                          2a06:a005:2900::/44 maxlen: 48
                          2a06:a005:2ef0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:ac:58:8b:45:73:63:83:85:d6:87:14:c6:5a:56:3b:ad:f7:4e:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Feb 11 20:39:24 2024 GMT
            Not After : Feb  9 20:44:24 2025 GMT
        Subject: CN=B8633F727FAB85E0978C8C2F2DF439A98C3089B8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:58:b5:47:65:a9:f2:3d:33:78:b4:c0:7a:79:
                    10:6c:85:7a:f2:b6:f8:51:aa:2f:15:7d:89:d8:42:
                    a4:6c:bb:d3:96:ec:8c:73:a9:86:ba:4a:e8:00:7f:
                    fa:62:0f:9e:f7:15:46:2c:85:13:8c:ca:3b:cf:05:
                    f3:77:90:1c:be:ce:27:00:e8:87:32:4b:a6:86:b9:
                    2e:a9:9e:cb:c1:18:b4:27:da:1a:d1:24:4f:e4:12:
                    b9:33:b8:98:36:d3:20:8b:b0:76:58:39:e4:fa:75:
                    14:6f:ab:76:36:7b:c3:23:60:76:1d:19:2f:13:f5:
                    a5:57:cc:7d:37:f6:7c:85:ca:c2:96:0a:33:80:8b:
                    d0:57:cc:b2:92:1f:76:45:e9:e3:59:0a:52:22:c0:
                    d8:f8:5a:b8:38:7d:8e:02:27:09:a6:2e:0c:4f:5c:
                    98:6b:c9:ef:47:b2:9a:d3:a5:3a:a9:e6:ff:de:4a:
                    4e:72:9d:5e:9c:ba:98:97:6b:40:01:bf:d1:b9:52:
                    91:64:ea:01:d6:34:06:a5:86:b7:da:7a:01:68:12:
                    c7:3f:ca:f9:a1:cb:b8:3a:5b:1b:eb:c0:48:01:a8:
                    40:2e:e5:76:44:09:dc:32:c1:3e:98:5b:53:c2:a5:
                    43:b3:38:3e:25:b9:1a:c5:69:bd:e4:fa:d6:4b:d6:
                    e5:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:63:3F:72:7F:AB:85:E0:97:8C:8C:2F:2D:F4:39:A9:8C:30:89:B8
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202427.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:28e0::/44
                  2a06:a005:2900::/44
                  2a06:a005:2ef0::/44

    Signature Algorithm: sha256WithRSAEncryption
         6d:44:68:52:85:8f:bb:41:a5:b7:a4:94:71:dc:cd:d0:c1:c7:
         72:b2:12:f0:f6:f4:88:f8:17:9c:63:7d:a5:93:8c:cd:c1:18:
         8e:30:0b:32:e9:c8:99:f4:ff:2f:a0:2e:ec:4a:7c:69:15:69:
         5f:da:8b:57:91:18:66:72:49:98:63:c0:f1:a2:25:2a:8d:c6:
         34:24:38:a0:81:1f:25:c0:fe:fa:47:0e:ee:74:cf:1f:51:d4:
         6c:86:34:22:8e:19:df:9b:6d:fe:cb:3e:c2:61:bd:be:c4:46:
         6f:59:52:bb:df:f9:c2:4f:5e:9a:d3:ec:30:bd:a6:7b:9e:d7:
         b2:64:55:86:80:c3:94:d5:73:7f:c8:c2:4e:0f:e0:56:52:9b:
         27:97:2f:b7:76:5e:54:35:6c:7d:ed:65:63:c2:e2:91:82:1e:
         bb:1b:81:7c:3f:31:f2:e3:1e:56:b1:69:aa:e6:af:fb:30:04:
         89:09:bc:37:52:9e:e6:6a:ec:91:dd:58:6f:dd:73:1a:b3:b0:
         b8:a9:fe:cf:20:bb:15:e0:05:79:f9:08:48:57:c7:3f:f1:c8:
         4c:86:b1:c9:c9:aa:d6:eb:6d:3a:af:44:68:d1:c7:9c:b8:85:
         5b:a7:00:e8:b9:a0:a7:93:49:b8:a8:5e:3a:fa:b3:0b:d6:79:
         08:69:01:e2
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIUFqxYi0VzY4OF1ocUxlpWO633ThAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAyMTEyMDM5MjRaFw0yNTAyMDkyMDQ0MjRaMDMxMTAvBgNV
BAMTKEI4NjMzRjcyN0ZBQjg1RTA5NzhDOEMyRjJERjQzOUE5OEMzMDg5QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeWLVHZanyPTN4tMB6eRBshXry
tvhRqi8VfYnYQqRsu9OW7IxzqYa6SugAf/piD573FUYshROMyjvPBfN3kBy+zicA
6IcyS6aGuS6pnsvBGLQn2hrRJE/kErkzuJg20yCLsHZYOeT6dRRvq3Y2e8MjYHYd
GS8T9aVXzH039nyFysKWCjOAi9BXzLKSH3ZF6eNZClIiwNj4Wrg4fY4CJwmmLgxP
XJhrye9HsprTpTqp5v/eSk5ynV6cupiXa0ABv9G5UpFk6gHWNAalhrfaegFoEsc/
yvmhy7g6WxvrwEgBqEAu5XZECdwywT6YW1PCpUOzOD4luRrFab3k+tZL1uWLAgMB
AAGjggIEMIICADAdBgNVHQ4EFgQUuGM/cn+rheCXjIwvLfQ5qYwwibgwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAyNDI3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEH
AQH/BCUwIzAhBAIAAjAbAwcEKgagBSjgAwcEKgagBSkAAwcEKgagBS7wMA0GCSqG
SIb3DQEBCwUAA4IBAQBtRGhShY+7QaW3pJRx3M3QwcdyshLw9vSI+BecY32lk4zN
wRiOMAsy6ciZ9P8voC7sSnxpFWlf2otXkRhmckmYY8DxoiUqjcY0JDiggR8lwP76
Rw7udM8fUdRshjQijhnfm23+yz7CYb2+xEZvWVK73/nCT16a0+wwvaZ7nteyZFWG
gMOU1XN/yMJOD+BWUpsnly+3dl5UNWx97WVjwuKRgh67G4F8PzHy4x5WsWmq5q/7
MASJCbw3Up7mauyR3Vhv3XMas7C4qf7PILsV4AV5+QhIV8c/8chMhrHJyarW6206
r0Ro0cecuIVbpwDouaCnk0m4qF46+rML1nkIaQHi
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:01:54 2024 by rpki-client on console-ams.rpki-client.org