Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202627.roa
File:                     AS202627.roa (raw, json)
Hash identifier:          LZTAidklFto1QTWpyrvgnjWFKsDDuylk9xBCp/DrlbM=
Subject key identifier:   3F:6D:32:49:64:43:B1:06:1C:11:84:A3:49:FA:AA:E4:5E:E5:A7:1E
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       0211E040D7A482B36654BE0D99FEBCEAA577B8FF
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202627.roa
Signing time:             Tue 05 Dec 2023 02:44:15 +0000
ROA not before:           Tue 05 Dec 2023 02:39:15 +0000
ROA not after:            Tue 03 Dec 2024 02:44:15 +0000
asID:                     202627
IP address blocks:        2a06:a005:1f00::/44 maxlen: 48
                          2a06:a005:1f10::/44 maxlen: 48
                          2a06:a005:2330::/44 maxlen: 48
                          2a06:a005:2340::/44 maxlen: 48
                          2a06:a005:2350::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:11:e0:40:d7:a4:82:b3:66:54:be:0d:99:fe:bc:ea:a5:77:b8:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:15 2023 GMT
            Not After : Dec  3 02:44:15 2024 GMT
        Subject: CN=3F6D32496443B1061C1184A349FAAAE45EE5A71E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:8f:18:c3:ed:fb:35:ed:b1:93:23:ae:ff:ce:
                    e1:66:82:90:55:d6:67:ac:9d:24:3d:f1:44:dd:d7:
                    6f:58:0f:64:88:87:c2:db:ab:b5:73:c9:9c:07:69:
                    9a:49:a2:42:7a:ce:43:bb:43:2d:e6:d7:eb:3a:1b:
                    34:30:81:85:7e:60:ed:84:31:e4:bf:cf:57:7e:d3:
                    a8:cb:24:0f:6b:ac:18:3f:a8:2b:51:f0:ae:34:ad:
                    a4:27:b5:1a:23:6b:5b:2e:e7:bb:17:cf:a6:49:a2:
                    26:4c:bb:d3:ae:b6:1a:6e:b3:a6:c6:4c:33:c8:96:
                    15:da:25:8d:dd:cd:8e:42:f8:16:c0:1d:30:0c:2a:
                    e5:e3:ed:4e:b5:02:69:2c:bd:ba:a1:4e:e4:70:c2:
                    c3:c0:6c:0d:59:69:75:7b:c9:02:dc:01:23:aa:a0:
                    02:21:2b:25:82:16:aa:de:0c:92:18:8b:57:b7:76:
                    b4:ac:83:9a:4f:14:d3:70:e4:f1:c3:87:cd:ec:da:
                    70:7b:34:cc:13:01:46:1a:d5:86:f9:fc:16:9e:b6:
                    4d:f2:93:76:de:66:74:02:d2:99:11:65:fe:ee:2b:
                    6b:0a:9f:8b:34:4c:6e:a3:39:1a:98:4f:ab:b5:75:
                    5c:7c:2b:a9:20:35:3a:60:a4:e8:3d:a2:5f:25:6c:
                    59:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:6D:32:49:64:43:B1:06:1C:11:84:A3:49:FA:AA:E4:5E:E5:A7:1E
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202627.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1f00::/43
                  2a06:a005:2330::-2a06:a005:235f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         b8:41:36:24:d9:a8:c0:b9:90:0a:52:95:c0:8c:bc:a0:88:27:
         a9:73:fc:b0:18:cc:3d:2a:19:f7:55:ad:f5:06:d9:2c:95:a4:
         7b:4f:c5:a0:82:f3:8e:f2:34:ab:6b:74:6a:7a:29:ba:57:43:
         10:6e:2f:c3:1c:ae:9e:4b:5e:79:f0:0d:59:85:21:8b:42:8e:
         4c:ee:a2:d6:8c:98:49:6c:b8:b5:0f:e1:66:66:63:a5:49:a3:
         9f:63:e8:cd:15:2e:33:9f:c6:dd:2f:a1:f2:1e:ea:bf:4b:b7:
         ba:26:ff:ee:cc:a4:62:4c:49:0b:d7:5b:a9:78:e0:6b:13:da:
         64:94:3b:12:04:a4:6f:c3:0b:58:7d:5b:30:90:b7:05:b0:36:
         90:6a:c5:d7:ee:27:8d:59:d8:69:4c:35:04:eb:98:cf:85:44:
         bc:52:70:93:47:bb:c8:50:34:43:a9:fa:58:30:00:06:54:c9:
         9c:81:93:6b:e4:cb:b0:93:03:a6:ee:70:15:18:08:80:94:2e:
         da:fa:1a:04:82:60:94:da:84:b1:45:b8:ad:4b:37:37:dd:74:
         00:7f:f9:39:a4:f9:a5:c5:13:ea:fd:e8:eb:2c:e0:96:92:55:
         91:56:42:1e:64:bc:2f:d1:16:9d:c4:a3:8d:13:97:cb:04:86:
         8f:d8:da:95
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUAhHgQNekgrNmVL4Nmf686qV3uP8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTVaFw0yNDEyMDMwMjQ0MTVaMDMxMTAvBgNV
BAMTKDNGNkQzMjQ5NjQ0M0IxMDYxQzExODRBMzQ5RkFBQUU0NUVFNUE3MUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0jxjD7fs17bGTI67/zuFmgpBV
1mesnSQ98UTd129YD2SIh8Lbq7VzyZwHaZpJokJ6zkO7Qy3m1+s6GzQwgYV+YO2E
MeS/z1d+06jLJA9rrBg/qCtR8K40raQntRoja1su57sXz6ZJoiZMu9Outhpus6bG
TDPIlhXaJY3dzY5C+BbAHTAMKuXj7U61AmksvbqhTuRwwsPAbA1ZaXV7yQLcASOq
oAIhKyWCFqreDJIYi1e3drSsg5pPFNNw5PHDh83s2nB7NMwTAUYa1Yb5/Baetk3y
k3beZnQC0pkRZf7uK2sKn4s0TG6jORqYT6u1dVx8K6kgNTpgpOg9ol8lbFnRAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUP20ySWRDsQYcEYSjSfqq5F7lpx4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAyNjI3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEH
AQH/BCcwJTAjBAIAAjAdAwcFKgagBR8AMBIDBwQqBqAFIzADBwUqBqAFI0AwDQYJ
KoZIhvcNAQELBQADggEBALhBNiTZqMC5kApSlcCMvKCIJ6lz/LAYzD0qGfdVrfUG
2SyVpHtPxaCC847yNKtrdGp6KbpXQxBuL8Mcrp5LXnnwDVmFIYtCjkzuotaMmEls
uLUP4WZmY6VJo59j6M0VLjOfxt0vofIe6r9Lt7om/+7MpGJMSQvXW6l44GsT2mSU
OxIEpG/DC1h9WzCQtwWwNpBqxdfuJ41Z2GlMNQTrmM+FRLxScJNHu8hQNEOp+lgw
AAZUyZyBk2vky7CTA6bucBUYCICULtr6GgSCYJTahLFFuK1LNzfddAB/+Tmk+aXF
E+r96Oss4JaSVZFWQh5kvC/RFp3Eo40Tl8sEho/Y2pU=
-----END CERTIFICATE-----