Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202427.roa
File:                     AS202427.roa (raw, json)
Hash identifier:          hMLlISEEKK+GggDck8z3MWGl/IlF3fcs2JuwGpVYWZU=
Subject key identifier:   F4:13:65:3F:E4:F4:48:BE:0C:69:3D:EE:CC:6F:25:01:A2:B8:5B:BF
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       7AD19FE3696FBF9B9D650295DD58A91B68F52641
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202427.roa
Signing time:             Fri 13 Dec 2024 02:09:19 +0000
ROA not before:           Fri 13 Dec 2024 02:04:19 +0000
ROA not after:            Fri 12 Dec 2025 02:09:19 +0000
asID:                     202427
IP address blocks:        2a06:a005:28e0::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Apr 2025 09:24:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7a:d1:9f:e3:69:6f:bf:9b:9d:65:02:95:dd:58:a9:1b:68:f5:26:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec 13 02:04:19 2024 GMT
            Not After : Dec 12 02:09:19 2025 GMT
        Subject: CN=F413653FE4F448BE0C693DEECC6F2501A2B85BBF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:2d:96:25:42:26:35:77:47:b2:6f:87:26:22:
                    25:8d:de:33:8d:3e:fc:8b:f7:47:bc:8d:66:45:da:
                    b7:5d:ef:68:e7:3f:5e:a2:eb:4c:f0:97:13:cd:36:
                    76:28:62:2e:81:35:ba:ec:57:8a:81:e5:6f:3a:a4:
                    1b:f3:ec:db:11:c8:fb:12:3b:7c:d6:5b:79:e0:e6:
                    6b:c2:4c:63:d4:30:93:0f:0e:a5:0f:84:98:ec:a5:
                    64:85:b7:25:df:4f:8e:40:6a:60:36:89:0e:f3:94:
                    ba:d6:90:d7:43:c7:2e:38:8c:93:04:f2:cd:e7:f9:
                    9f:77:58:36:de:d8:b6:4c:e3:81:7a:55:cc:01:36:
                    7b:11:a7:31:37:e3:95:5b:f5:b7:f0:66:c8:60:eb:
                    0b:cb:ed:d7:2f:e1:a3:cd:47:2d:44:27:94:3b:db:
                    2a:71:05:6d:72:05:ca:0f:9f:79:9f:ef:99:b0:19:
                    34:b9:88:d1:30:51:53:ee:1b:2f:3c:41:f6:61:9f:
                    21:36:10:3d:e1:16:15:79:fc:00:f1:5c:59:1a:5a:
                    b1:3c:79:03:56:78:86:53:68:3f:2b:70:13:c0:c2:
                    62:2f:06:53:18:40:5f:48:2f:a4:2f:f6:27:3a:aa:
                    67:d0:d8:62:c8:06:3d:5a:9d:a1:5e:fd:ce:33:ef:
                    74:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:13:65:3F:E4:F4:48:BE:0C:69:3D:EE:CC:6F:25:01:A2:B8:5B:BF
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202427.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:28e0::/44

    Signature Algorithm: sha256WithRSAEncryption
         14:a5:1d:54:0b:a6:b6:70:d8:68:f2:ab:bc:e2:e4:63:38:ac:
         a4:f3:67:1f:7a:9f:7e:0d:88:7a:cc:cd:79:b2:3f:81:c2:02:
         15:f3:a6:45:e9:4f:a6:8c:9e:2f:3e:ec:c7:b3:8c:5d:4f:b2:
         68:e3:ac:44:19:be:39:9e:47:09:c9:c3:36:5e:d2:f8:5f:73:
         ea:3b:c0:b5:68:cc:30:67:26:c8:7f:db:a6:cf:b4:e6:ce:e7:
         af:dc:34:10:98:f0:24:99:cf:96:b8:9b:2c:68:6f:e7:d7:c7:
         80:ae:40:1d:ff:03:9b:a2:19:02:05:e2:89:78:9f:45:25:39:
         ce:43:47:eb:23:7e:96:7b:ea:f7:4b:e6:c1:65:a8:2e:bf:47:
         1b:a7:0a:16:ed:ad:d8:26:be:fd:30:d6:68:70:cf:70:00:4b:
         7d:f7:7d:ca:9d:50:90:5d:2f:17:2b:8f:be:d9:2c:1b:04:0d:
         89:e0:b4:22:e3:3f:9f:1b:30:7a:b2:03:53:0a:78:a3:53:db:
         bb:7b:c0:e1:c7:6e:3c:37:5b:12:80:ac:3f:da:3a:1f:1f:6d:
         13:fc:91:a0:4a:ae:5d:66:67:a9:c4:a0:5c:86:42:b0:88:be:
         17:fd:70:9d:9f:4d:b8:19:c4:63:a1:da:d5:8c:9e:7e:ac:2a:
         d1:13:08:19
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUetGf42lvv5udZQKV3VipG2j1JkEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEyMTMwMjA0MTlaFw0yNTEyMTIwMjA5MTlaMDMxMTAvBgNV
BAMTKEY0MTM2NTNGRTRGNDQ4QkUwQzY5M0RFRUNDNkYyNTAxQTJCODVCQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRLZYlQiY1d0eyb4cmIiWN3jON
PvyL90e8jWZF2rdd72jnP16i60zwlxPNNnYoYi6BNbrsV4qB5W86pBvz7NsRyPsS
O3zWW3ng5mvCTGPUMJMPDqUPhJjspWSFtyXfT45AamA2iQ7zlLrWkNdDxy44jJME
8s3n+Z93WDbe2LZM44F6VcwBNnsRpzE345Vb9bfwZshg6wvL7dcv4aPNRy1EJ5Q7
2ypxBW1yBcoPn3mf75mwGTS5iNEwUVPuGy88QfZhnyE2ED3hFhV5/ADxXFkaWrE8
eQNWeIZTaD8rcBPAwmIvBlMYQF9IL6Qv9ic6qmfQ2GLIBj1anaFe/c4z73RhAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU9BNlP+T0SL4MaT3uzG8lAaK4W78wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAyNDI3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSjgMA0GCSqGSIb3DQEBCwUAA4IBAQAUpR1U
C6a2cNho8qu84uRjOKyk82cfep9+DYh6zM15sj+BwgIV86ZF6U+mjJ4vPuzHs4xd
T7Jo46xEGb45nkcJycM2XtL4X3PqO8C1aMwwZybIf9umz7Tmzuev3DQQmPAkmc+W
uJssaG/n18eArkAd/wObohkCBeKJeJ9FJTnOQ0frI36We+r3S+bBZaguv0cbpwoW
7a3YJr79MNZocM9wAEt9933KnVCQXS8XK4++2SwbBA2J4LQi4z+fGzB6sgNTCnij
U9u7e8Dhx248N1sSgKw/2jofH20T/JGgSq5dZmepxKBchkKwiL4X/XCdn024GcRj
odrVjJ5+rCrREwgZ
-----END CERTIFICATE-----