Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202827.roa
File:                     AS202827.roa (raw, json)
Hash identifier:          8+KCU1SK0IwKJEV3PgD1mo2uwEZNJumbOi5/eH19e/g=
Subject key identifier:   4F:AB:28:4B:AD:7A:13:BE:DF:45:39:AE:50:30:CC:88:54:1E:04:48
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       2889FAB0095AB0B928579BC96E42E47D4DEFB1D1
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202827.roa
Signing time:             Tue 05 Dec 2023 02:44:11 +0000
ROA not before:           Tue 05 Dec 2023 02:39:11 +0000
ROA not after:            Tue 03 Dec 2024 02:44:11 +0000
asID:                     202827
IP address blocks:        2a06:a005:1bc0::/44 maxlen: 48
                          2a06:a005:1e30::/44 maxlen: 48
                          2a06:a005:1e40::/44 maxlen: 48
                          2a06:a005:1e50::/44 maxlen: 48
                          2a06:a005:1e60::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:89:fa:b0:09:5a:b0:b9:28:57:9b:c9:6e:42:e4:7d:4d:ef:b1:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:11 2023 GMT
            Not After : Dec  3 02:44:11 2024 GMT
        Subject: CN=4FAB284BAD7A13BEDF4539AE5030CC88541E0448
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:23:9b:73:e4:f0:f8:09:c5:f2:df:63:af:48:
                    9d:bb:9b:72:97:66:d9:20:61:af:c4:6e:5b:fd:87:
                    af:b7:fa:52:7a:e2:fd:ca:52:74:e3:29:7a:6d:25:
                    75:e9:04:0d:cf:bf:ba:2b:f6:a1:59:6d:96:7e:6d:
                    d1:34:e2:76:53:5d:b5:f2:c8:04:3b:85:f4:dc:85:
                    46:74:a1:ac:8b:02:aa:0a:99:1c:3b:6e:0d:fd:d5:
                    b3:3a:27:b1:8c:98:72:94:ea:dc:93:e2:d4:d1:8e:
                    0f:2e:77:10:e2:5d:13:7b:dd:ca:a2:19:90:aa:7a:
                    ca:25:6c:f6:fb:03:26:2a:bc:4d:b2:00:44:a5:81:
                    d2:88:c5:ae:f8:88:ab:55:26:d9:38:00:0a:39:6e:
                    a3:ff:11:99:b8:d3:e9:b8:cc:e2:a5:f9:9e:dd:ee:
                    e4:67:6a:ab:e7:b9:51:99:d4:89:2c:d3:3e:0a:ae:
                    1f:4a:09:0f:3b:05:71:fb:20:1f:62:af:52:c9:bd:
                    7c:7e:0f:a8:87:d6:a9:6a:53:34:55:3b:87:54:2b:
                    bc:6f:43:2d:e4:5a:f5:9b:99:2c:c1:a3:c3:e0:04:
                    9a:71:18:48:5a:80:27:ef:a2:3c:3f:9a:01:22:60:
                    96:88:2f:38:e6:ab:be:24:86:32:40:a0:63:bc:e1:
                    cc:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:AB:28:4B:AD:7A:13:BE:DF:45:39:AE:50:30:CC:88:54:1E:04:48
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202827.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1bc0::/44
                  2a06:a005:1e30::-2a06:a005:1e6f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         76:68:4a:0e:e6:c4:b0:d7:f8:ed:08:36:ca:7f:86:f9:9c:42:
         61:f2:48:13:b4:0b:d9:1e:71:16:07:98:de:ee:c3:94:c8:f3:
         dc:2b:66:ee:24:f1:25:c8:f8:97:e6:ba:c6:f5:dc:64:85:00:
         5a:df:3a:93:72:d0:43:ea:5d:87:29:09:cf:1d:ec:36:4f:9c:
         30:20:d6:06:a7:17:c6:de:3b:e4:b0:e4:65:d4:c3:77:9c:45:
         6f:28:9c:03:db:11:de:b6:f5:16:29:8f:45:db:6e:36:62:b4:
         a9:d5:a4:f1:8e:3d:14:36:cd:f6:af:bf:ac:ed:49:e1:94:43:
         8e:25:96:c0:80:bd:d8:e1:f4:d5:13:84:eb:6f:a7:77:13:a5:
         38:2e:22:c2:b7:90:22:04:52:83:4b:e6:90:ec:67:28:f4:30:
         06:0c:44:94:45:0d:f9:58:90:c7:0d:93:8c:ff:f3:50:19:a2:
         73:a0:3b:df:73:71:de:a9:4c:51:6a:28:79:57:ee:a6:c5:5b:
         88:65:ec:d2:2b:77:9e:33:ae:e7:f4:4f:d6:9d:e4:9b:68:fb:
         c2:7c:a5:7e:b8:62:7d:09:30:94:56:62:45:3d:a6:ce:5b:b0:
         96:e7:91:a6:6f:8b:36:19:c4:98:88:91:2b:fa:2e:9b:82:08:
         72:21:19:7d
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUKIn6sAlasLkoV5vJbkLkfU3vsdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTFaFw0yNDEyMDMwMjQ0MTFaMDMxMTAvBgNV
BAMTKDRGQUIyODRCQUQ3QTEzQkVERjQ1MzlBRTUwMzBDQzg4NTQxRTA0NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZI5tz5PD4CcXy32OvSJ27m3KX
ZtkgYa/Eblv9h6+3+lJ64v3KUnTjKXptJXXpBA3Pv7or9qFZbZZ+bdE04nZTXbXy
yAQ7hfTchUZ0oayLAqoKmRw7bg391bM6J7GMmHKU6tyT4tTRjg8udxDiXRN73cqi
GZCqesolbPb7AyYqvE2yAESlgdKIxa74iKtVJtk4AAo5bqP/EZm40+m4zOKl+Z7d
7uRnaqvnuVGZ1Iks0z4Krh9KCQ87BXH7IB9ir1LJvXx+D6iH1qlqUzRVO4dUK7xv
Qy3kWvWbmSzBo8PgBJpxGEhagCfvojw/mgEiYJaILzjmq74khjJAoGO84cyHAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUT6soS616E77fRTmuUDDMiFQeBEgwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAyODI3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEH
AQH/BCcwJTAjBAIAAjAdAwcEKgagBRvAMBIDBwQqBqAFHjADBwQqBqAFHmAwDQYJ
KoZIhvcNAQELBQADggEBAHZoSg7mxLDX+O0INsp/hvmcQmHySBO0C9kecRYHmN7u
w5TI89wrZu4k8SXI+Jfmusb13GSFAFrfOpNy0EPqXYcpCc8d7DZPnDAg1ganF8be
O+Sw5GXUw3ecRW8onAPbEd629RYpj0XbbjZitKnVpPGOPRQ2zfavv6ztSeGUQ44l
lsCAvdjh9NUThOtvp3cTpTguIsK3kCIEUoNL5pDsZyj0MAYMRJRFDflYkMcNk4z/
81AZonOgO99zcd6pTFFqKHlX7qbFW4hl7NIrd54zruf0T9ad5Jto+8J8pX64Yn0J
MJRWYkU9ps5bsJbnkaZvizYZxJiIkSv6LpuCCHIhGX0=
-----END CERTIFICATE-----