Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203062.roa
File:                     AS203062.roa (raw, json)
Hash identifier:          S1325QpoYYWq8uZMyvA2zRYvi62onH4IyEFJZwO15z0=
Subject key identifier:   A8:48:94:EB:7E:40:1C:4D:18:8B:7D:87:1A:1B:69:8B:6E:EF:32:3D
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       6EFF523B4E845AE3C61BDF0DA2FD8580170B9B74
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203062.roa
Signing time:             Fri 13 Dec 2024 02:56:29 +0000
ROA not before:           Fri 13 Dec 2024 02:51:29 +0000
ROA not after:            Fri 12 Dec 2025 02:56:29 +0000
asID:                     203062
IP address blocks:        2a06:a005:1d40::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Apr 2025 09:24:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:ff:52:3b:4e:84:5a:e3:c6:1b:df:0d:a2:fd:85:80:17:0b:9b:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec 13 02:51:29 2024 GMT
            Not After : Dec 12 02:56:29 2025 GMT
        Subject: CN=A84894EB7E401C4D188B7D871A1B698B6EEF323D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:09:ef:d0:c4:a1:f8:d0:c9:f5:78:b6:b0:f1:
                    2a:db:23:01:d2:90:d2:6e:8b:27:50:90:ef:6c:9e:
                    1c:8a:ab:fe:e1:15:1b:4e:37:49:08:b0:c7:74:8a:
                    b4:84:75:db:f8:d2:70:83:33:28:89:e2:c9:1b:d5:
                    68:3a:16:a6:2b:4c:d9:f5:0f:bb:91:a0:a6:2c:6c:
                    db:13:b2:14:0f:35:dc:ae:00:23:4b:22:9c:b8:b4:
                    98:a0:ed:51:95:be:c0:77:60:5b:a2:91:a2:0a:6f:
                    72:32:9c:0a:1c:83:3f:a5:41:92:4b:92:eb:6e:af:
                    1b:17:3b:91:76:76:b7:6e:07:18:8f:e2:82:28:ea:
                    22:6a:72:e4:43:3d:6e:90:bc:20:d3:2b:39:dd:43:
                    32:4a:45:bf:0b:81:54:87:64:03:bc:32:e1:11:41:
                    57:6f:dd:9d:70:76:f0:b0:3e:97:ea:33:89:dc:2b:
                    61:9f:9e:52:86:db:64:2f:89:eb:46:88:2d:aa:ad:
                    3f:82:1e:35:14:5b:1d:26:aa:15:02:2f:87:ae:21:
                    f9:75:e8:79:37:27:58:ad:32:3d:a5:25:4b:9a:8d:
                    6b:08:0c:48:f2:a7:d1:0c:2a:99:4f:59:f1:29:2e:
                    c8:1b:9e:53:93:b0:d8:36:ab:f7:9d:61:06:16:88:
                    c8:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:48:94:EB:7E:40:1C:4D:18:8B:7D:87:1A:1B:69:8B:6E:EF:32:3D
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203062.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1d40::/44

    Signature Algorithm: sha256WithRSAEncryption
         1f:88:c7:f5:aa:26:b5:c5:23:9c:c0:10:c7:68:4a:8b:a8:37:
         19:19:54:50:39:3a:53:b4:1a:53:1b:6a:21:e1:54:04:2c:0d:
         da:50:b0:6c:cd:85:99:dc:04:3c:ff:5e:cb:38:2d:0e:ae:c1:
         ca:c1:50:04:27:af:b8:23:7a:9b:99:f0:50:37:3d:96:2e:46:
         fa:ec:54:92:b7:c8:ee:ba:7e:d2:87:7a:57:a3:8d:f1:02:17:
         6e:97:41:df:3c:f3:d4:33:23:24:fe:d9:e2:17:74:84:20:47:
         e5:4a:6b:ff:84:fb:52:07:22:cc:7f:33:7a:fc:db:86:5e:64:
         ed:a1:c8:bf:04:88:52:3a:f5:e3:c8:16:38:14:9b:82:8e:df:
         7a:2b:d6:fb:18:a2:7b:a7:65:da:34:e8:8e:c1:9a:b8:58:45:
         bb:19:ad:9f:3b:c2:3d:96:83:7c:bc:0f:ab:17:02:36:c3:7b:
         c4:ad:e7:8c:7d:f7:39:e9:52:4e:4d:b9:9d:76:aa:28:4b:55:
         de:0c:0b:79:73:9b:d4:98:03:46:d1:3d:9a:41:45:35:80:85:
         7d:b1:a3:d5:ff:bc:bf:92:52:de:7f:4c:d3:db:ee:24:0e:25:
         dd:b1:e2:11:2b:65:cd:04:33:dc:50:a5:ea:a8:07:0f:98:28:
         e5:4c:df:28
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUbv9SO06EWuPGG98Nov2FgBcLm3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEyMTMwMjUxMjlaFw0yNTEyMTIwMjU2MjlaMDMxMTAvBgNV
BAMTKEE4NDg5NEVCN0U0MDFDNEQxODhCN0Q4NzFBMUI2OThCNkVFRjMyM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjCe/QxKH40Mn1eLaw8SrbIwHS
kNJuiydQkO9snhyKq/7hFRtON0kIsMd0irSEddv40nCDMyiJ4skb1Wg6FqYrTNn1
D7uRoKYsbNsTshQPNdyuACNLIpy4tJig7VGVvsB3YFuikaIKb3IynAocgz+lQZJL
kuturxsXO5F2drduBxiP4oIo6iJqcuRDPW6QvCDTKzndQzJKRb8LgVSHZAO8MuER
QVdv3Z1wdvCwPpfqM4ncK2GfnlKG22QvietGiC2qrT+CHjUUWx0mqhUCL4euIfl1
6Hk3J1itMj2lJUuajWsIDEjyp9EMKplPWfEpLsgbnlOTsNg2q/edYQYWiMipAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUqEiU635AHE0Yi32HGhtpi27vMj0wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAzMDYyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBR1AMA0GCSqGSIb3DQEBCwUAA4IBAQAfiMf1
qia1xSOcwBDHaEqLqDcZGVRQOTpTtBpTG2oh4VQELA3aULBszYWZ3AQ8/17LOC0O
rsHKwVAEJ6+4I3qbmfBQNz2WLkb67FSSt8juun7Sh3pXo43xAhdul0HfPPPUMyMk
/tniF3SEIEflSmv/hPtSByLMfzN6/NuGXmTtoci/BIhSOvXjyBY4FJuCjt96K9b7
GKJ7p2XaNOiOwZq4WEW7Ga2fO8I9loN8vA+rFwI2w3vEreeMffc56VJOTbmddqoo
S1XeDAt5c5vUmANG0T2aQUU1gIV9saPV/7y/klLef0zT2+4kDiXdseIRK2XNBDPc
UKXqqAcPmCjlTN8o
-----END CERTIFICATE-----