Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202905.roa
File:                     AS202905.roa (raw, json)
Hash identifier:          TFYrEKynwCIIzw4TvpylVYT1P2A0ME36BkVzVPa2vCQ=
Subject key identifier:   D8:4E:D4:8F:16:4A:2E:F6:F2:67:A2:F5:A6:C2:28:ED:72:3F:CD:E0
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       737D15D2A3BFD42B0E68DE7F6EE8EFBF4FF12A2D
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202905.roa
Signing time:             Tue 05 Dec 2023 02:44:18 +0000
ROA not before:           Tue 05 Dec 2023 02:39:18 +0000
ROA not after:            Tue 03 Dec 2024 02:44:18 +0000
asID:                     202905
IP address blocks:        2a06:a005:1279::/48 maxlen: 48
                          2a06:a005:1ff0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:7d:15:d2:a3:bf:d4:2b:0e:68:de:7f:6e:e8:ef:bf:4f:f1:2a:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:18 2023 GMT
            Not After : Dec  3 02:44:18 2024 GMT
        Subject: CN=D84ED48F164A2EF6F267A2F5A6C228ED723FCDE0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:3c:aa:6f:c5:76:94:f0:4a:be:c0:eb:bb:c0:
                    c7:87:48:14:72:a7:ba:4c:5f:f7:82:0c:c6:cd:01:
                    ce:d2:e0:94:26:91:5d:8c:08:44:6d:4c:a9:37:b4:
                    f0:88:43:96:f4:55:b7:4c:d0:e5:e0:27:29:52:8d:
                    75:65:18:5b:1e:11:69:19:b8:6e:3f:ec:7f:87:99:
                    11:c5:3b:00:e8:16:45:bd:14:54:ec:d8:3b:77:76:
                    55:5b:99:7c:8a:04:39:f3:f6:6b:e0:dd:89:23:0d:
                    58:d1:69:f8:5f:d1:96:27:e7:ab:5d:d8:1d:cd:cc:
                    9c:fb:30:63:97:64:27:f7:cd:88:27:33:70:3b:ed:
                    e6:d4:60:86:95:d7:47:f3:15:81:63:55:1e:8b:99:
                    4a:44:43:e3:6e:9b:92:79:ed:5c:32:43:4b:9f:e7:
                    7c:e7:3a:23:8e:64:94:1a:74:a0:26:08:b0:5b:0a:
                    d1:ba:a2:73:88:aa:97:f3:37:d4:48:4f:9b:d8:58:
                    df:89:4c:17:0b:3c:18:5c:9d:94:32:d6:32:af:0d:
                    62:d3:c0:5e:20:10:63:26:15:88:60:5c:de:ef:0f:
                    dd:fd:05:8a:34:6d:a1:e9:2e:e8:b9:de:44:6c:ae:
                    08:60:26:28:f2:8f:8d:25:bd:b2:b3:87:5c:db:59:
                    04:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:4E:D4:8F:16:4A:2E:F6:F2:67:A2:F5:A6:C2:28:ED:72:3F:CD:E0
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS202905.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1279::/48
                  2a06:a005:1ff0::/44

    Signature Algorithm: sha256WithRSAEncryption
         ac:68:41:fb:2a:9f:33:7f:6f:15:99:f0:d8:e2:de:22:4a:75:
         aa:9e:ac:aa:c7:23:b3:7b:0c:d0:2b:7e:c2:9a:00:d3:74:85:
         c2:e9:c3:8a:ef:88:3d:dd:7f:7e:7a:78:ad:65:31:4f:e6:cb:
         66:10:ee:77:1c:61:08:c8:3c:36:a2:5a:5c:78:13:5b:3e:06:
         0f:1e:7b:1e:0c:1c:40:98:f9:e9:bc:b3:52:5d:eb:d4:bd:8f:
         3e:99:b5:84:6c:69:03:a1:6b:19:70:96:f8:ec:6e:7c:d4:10:
         ce:f4:17:70:31:18:60:06:9d:b5:9b:83:ef:7c:6d:7a:27:f9:
         70:b9:8e:b6:48:12:9e:33:6a:e3:3e:ee:f2:94:38:71:cb:26:
         03:16:69:40:d6:2e:50:60:8f:8e:5d:8f:76:78:c9:9d:b7:a7:
         9d:7b:e7:aa:7d:41:a1:3c:03:0d:7b:bc:92:e4:ea:e3:d4:ef:
         42:b1:9a:b1:4c:a7:cd:f0:ee:4e:92:bb:0c:83:f1:82:f4:a6:
         37:f9:df:29:2b:e1:8c:ff:28:1c:c8:c3:c1:28:56:03:61:ca:
         04:54:a7:b4:66:88:df:bf:e0:43:44:d9:ce:87:43:28:8c:14:
         18:de:4b:85:52:90:b0:44:2b:1d:a4:bd:e0:55:ee:52:c0:f5:
         db:f6:94:98
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUc30V0qO/1CsOaN5/bujvv0/xKi0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MThaFw0yNDEyMDMwMjQ0MThaMDMxMTAvBgNV
BAMTKEQ4NEVENDhGMTY0QTJFRjZGMjY3QTJGNUE2QzIyOEVENzIzRkNERTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfPKpvxXaU8Eq+wOu7wMeHSBRy
p7pMX/eCDMbNAc7S4JQmkV2MCERtTKk3tPCIQ5b0VbdM0OXgJylSjXVlGFseEWkZ
uG4/7H+HmRHFOwDoFkW9FFTs2Dt3dlVbmXyKBDnz9mvg3YkjDVjRafhf0ZYn56td
2B3NzJz7MGOXZCf3zYgnM3A77ebUYIaV10fzFYFjVR6LmUpEQ+Num5J57VwyQ0uf
53znOiOOZJQadKAmCLBbCtG6onOIqpfzN9RIT5vYWN+JTBcLPBhcnZQy1jKvDWLT
wF4gEGMmFYhgXN7vD939BYo0baHpLui53kRsrghgJijyj40lvbKzh1zbWQSDAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQU2E7UjxZKLvbyZ6L1psIo7XI/zeAwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAyOTA1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcAKgagBRJ5AwcEKgagBR/wMA0GCSqGSIb3DQEBCwUA
A4IBAQCsaEH7Kp8zf28VmfDY4t4iSnWqnqyqxyOzewzQK37CmgDTdIXC6cOK74g9
3X9+enitZTFP5stmEO53HGEIyDw2olpceBNbPgYPHnseDBxAmPnpvLNSXevUvY8+
mbWEbGkDoWsZcJb47G581BDO9BdwMRhgBp21m4PvfG16J/lwuY62SBKeM2rjPu7y
lDhxyyYDFmlA1i5QYI+OXY92eMmdt6ede+eqfUGhPAMNe7yS5Orj1O9CsZqxTKfN
8O5OkrsMg/GC9KY3+d8pK+GM/ygcyMPBKFYDYcoEVKe0Zojfv+BDRNnOh0MojBQY
3kuFUpCwRCsdpL3gVe5SwPXb9pSY
-----END CERTIFICATE-----