Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202467.roa
File:                     AS202467.roa (raw, json)
Hash identifier:          VpZx6uaNst+M5x6oX6UG1ZFXcbO2raPDAKP9Rlh4CJo=
Subject key identifier:   4F:BB:14:44:61:D3:ED:17:BB:E3:02:BD:33:73:01:E6:FC:35:87:72
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       6F70CFC15281011C4A57F1D553209E6ADA83606C
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202467.roa
Signing time:             Tue 05 Dec 2023 02:44:15 +0000
ROA not before:           Tue 05 Dec 2023 02:39:15 +0000
ROA not after:            Tue 03 Dec 2024 02:44:15 +0000
asID:                     202467
IP address blocks:        2a06:a005:1162::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 14:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:70:cf:c1:52:81:01:1c:4a:57:f1:d5:53:20:9e:6a:da:83:60:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:15 2023 GMT
            Not After : Dec  3 02:44:15 2024 GMT
        Subject: CN=4FBB144461D3ED17BBE302BD337301E6FC358772
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:5a:1c:f3:e7:c3:ad:5d:f3:43:6e:27:90:3c:
                    28:02:6f:ab:92:1c:72:c2:4e:7e:8c:37:aa:0e:cc:
                    03:0c:95:d4:db:06:b8:03:77:f9:1d:f2:ff:9d:54:
                    28:6f:ca:b8:8d:27:f6:c6:bf:74:aa:c2:1d:d4:6f:
                    64:2e:16:f0:eb:38:2b:97:20:7b:d1:0e:0a:e3:b8:
                    d3:4b:a6:0b:7f:55:f1:d6:e7:96:41:58:a1:4a:0c:
                    7e:c9:45:36:88:5e:df:7f:72:2c:0e:f8:33:56:fb:
                    e7:34:1c:d2:f2:dd:83:ca:1d:03:38:5f:3d:34:a7:
                    d5:6a:e1:ff:9c:5f:6b:98:d0:5d:7a:b9:a4:f5:ea:
                    0d:40:0f:62:80:f2:f1:b9:70:ca:c0:3b:47:67:8c:
                    3d:7a:fd:0e:2a:45:0e:ca:cc:1a:76:44:c0:7d:0c:
                    31:5f:67:9f:ed:8f:24:21:01:13:fa:9e:12:56:6d:
                    81:e2:16:d8:a2:8f:fa:fa:76:ce:d8:d0:63:1f:1b:
                    39:6b:87:66:b7:89:12:0d:64:09:87:1e:79:3b:ef:
                    68:83:22:fe:9e:b3:bf:96:94:e2:e2:b9:01:f7:f5:
                    24:3e:bc:05:b5:0a:7e:1b:2b:7d:ab:63:a0:be:76:
                    06:de:ac:b5:65:2f:95:c2:20:66:52:ef:0a:7f:2d:
                    c1:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:BB:14:44:61:D3:ED:17:BB:E3:02:BD:33:73:01:E6:FC:35:87:72
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202467.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1162::/48

    Signature Algorithm: sha256WithRSAEncryption
         60:ee:3b:54:ab:a5:d3:78:da:13:73:07:3a:ea:fb:42:33:fd:
         ad:4a:b0:1c:80:ee:c7:3e:b3:25:1e:66:2b:10:f2:c5:c7:d9:
         39:7b:d0:cb:22:32:48:54:62:04:59:f9:eb:75:f3:48:fe:06:
         ef:0e:13:00:66:ad:f7:cf:f9:44:8d:cd:fc:f1:30:be:41:6c:
         a5:23:73:52:7b:2b:81:ca:e0:fe:79:57:f3:21:53:29:d4:02:
         08:ab:de:b9:ff:27:04:ea:bd:6c:4b:1b:2c:ad:0f:7b:26:26:
         e4:18:e4:0a:76:3a:99:85:1c:05:48:92:3b:c4:97:cc:3f:0f:
         11:94:cb:1f:9f:c3:2b:da:50:d6:82:f3:f8:74:d5:9d:cb:50:
         23:38:27:04:99:8c:d4:98:1b:fe:c5:f6:1b:0c:58:04:f4:cc:
         5f:e7:84:99:68:e0:b2:b4:c4:ab:c7:34:4f:bf:b5:17:2c:24:
         1d:0c:23:d0:16:87:c3:78:78:8e:79:de:cb:30:e8:1d:a3:ab:
         8b:be:89:53:6e:b8:c8:26:91:d2:a8:d5:1f:53:26:6f:61:5f:
         a1:88:2e:09:bc:81:ba:34:70:31:93:4b:ce:f8:c4:87:4d:9f:
         b5:f0:ba:2a:eb:4e:00:63:29:59:bc:ee:9b:e2:82:e3:0c:05:
         14:7f:8c:39
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUb3DPwVKBARxKV/HVUyCeatqDYGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTVaFw0yNDEyMDMwMjQ0MTVaMDMxMTAvBgNV
BAMTKDRGQkIxNDQ0NjFEM0VEMTdCQkUzMDJCRDMzNzMwMUU2RkMzNTg3NzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkWhzz58OtXfNDbieQPCgCb6uS
HHLCTn6MN6oOzAMMldTbBrgDd/kd8v+dVChvyriNJ/bGv3Sqwh3Ub2QuFvDrOCuX
IHvRDgrjuNNLpgt/VfHW55ZBWKFKDH7JRTaIXt9/ciwO+DNW++c0HNLy3YPKHQM4
Xz00p9Vq4f+cX2uY0F16uaT16g1AD2KA8vG5cMrAO0dnjD16/Q4qRQ7KzBp2RMB9
DDFfZ5/tjyQhARP6nhJWbYHiFtiij/r6ds7Y0GMfGzlrh2a3iRINZAmHHnk772iD
Iv6es7+WlOLiuQH39SQ+vAW1Cn4bK32rY6C+dgberLVlL5XCIGZS7wp/LcGZAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUT7sURGHT7Re74wK9M3MB5vw1h3IwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAyNDY3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRFiMA0GCSqGSIb3DQEBCwUAA4IBAQBg7jtU
q6XTeNoTcwc66vtCM/2tSrAcgO7HPrMlHmYrEPLFx9k5e9DLIjJIVGIEWfnrdfNI
/gbvDhMAZq33z/lEjc388TC+QWylI3NSeyuByuD+eVfzIVMp1AIIq965/ycE6r1s
SxssrQ97JibkGOQKdjqZhRwFSJI7xJfMPw8RlMsfn8Mr2lDWgvP4dNWdy1AjOCcE
mYzUmBv+xfYbDFgE9Mxf54SZaOCytMSrxzRPv7UXLCQdDCPQFofDeHiOed7LMOgd
o6uLvolTbrjIJpHSqNUfUyZvYV+hiC4JvIG6NHAxk0vO+MSHTZ+18Loq604AYylZ
vO6b4oLjDAUUf4w5
-----END CERTIFICATE-----