Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203098.roa
File:                     AS203098.roa (raw, json)
Hash identifier:          1JW5BbYTflbakloX/cQnmVmQ/iesWITH5TXdxZknRuo=
Subject key identifier:   A7:B0:94:71:8C:49:3F:D1:57:6E:67:DD:4C:0D:46:BF:59:7B:9B:6F
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       15576753B6B5A39DED97641C3C9A24C52404CE5A
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203098.roa
Signing time:             Mon 04 Sep 2023 13:21:15 +0000
ROA not before:           Mon 04 Sep 2023 13:16:15 +0000
ROA not after:            Mon 02 Sep 2024 13:21:15 +0000
asID:                     203098
IP address blocks:        103.230.143.0/24 maxlen: 24
                          185.90.63.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:57:67:53:b6:b5:a3:9d:ed:97:64:1c:3c:9a:24:c5:24:04:ce:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Sep  4 13:16:15 2023 GMT
            Not After : Sep  2 13:21:15 2024 GMT
        Subject: CN=A7B094718C493FD1576E67DD4C0D46BF597B9B6F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:48:9d:83:b0:33:ee:5f:67:82:37:2c:b6:e5:
                    4d:62:ee:9f:b3:b1:e4:49:dc:05:d6:c1:d0:ca:5b:
                    bb:47:e0:73:54:3c:4e:83:03:f3:e2:fc:cf:79:49:
                    a8:27:1d:36:fb:0b:71:2c:17:93:27:b6:32:e3:e8:
                    d0:cb:a4:6e:c3:8a:9f:ec:86:f4:0c:80:33:fa:37:
                    ed:26:c7:6e:3a:65:15:31:59:c1:3a:64:87:e8:02:
                    1b:be:23:f4:93:74:48:b0:d5:7c:b7:75:84:14:6c:
                    e1:b0:c4:01:b8:e2:3c:20:7e:e2:7e:e3:6c:be:b2:
                    c4:01:44:de:41:ad:4a:6b:89:d0:33:7c:5f:4a:14:
                    c0:b9:ed:70:1b:28:13:f1:fe:8d:33:eb:e6:f9:b0:
                    1a:19:85:76:d6:cb:89:c7:66:f5:e6:d6:c0:36:04:
                    97:37:dc:47:84:1d:8c:77:28:76:ee:67:0e:1f:7c:
                    4c:03:7e:f0:3d:35:91:18:f0:17:50:9f:84:50:f3:
                    ec:96:ff:2b:36:57:0c:cd:14:f5:c9:2c:85:aa:b0:
                    b3:a7:3b:df:84:67:ee:b8:09:0d:eb:81:22:8c:6e:
                    4f:5d:e6:81:5a:3e:fe:75:b1:68:67:76:30:f1:1b:
                    6f:cf:16:92:2e:d4:b5:50:68:a3:55:00:29:fd:e0:
                    00:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:B0:94:71:8C:49:3F:D1:57:6E:67:DD:4C:0D:46:BF:59:7B:9B:6F
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203098.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.230.143.0/24
                  185.90.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:17:34:a7:2c:b7:0d:8c:91:c4:f4:6e:fd:3c:67:3b:17:55:
         bf:a4:3b:49:6d:39:5c:34:51:7c:55:04:1a:fa:95:4a:e2:8f:
         bc:65:c7:1a:4c:c4:36:6d:58:19:a8:8f:6c:3c:c0:d1:dd:8d:
         9a:d6:68:a7:65:d2:c7:0e:03:ce:46:74:01:3a:f4:cb:a6:64:
         1d:61:e8:0a:37:13:33:56:6d:97:6f:ff:09:1d:bf:04:41:11:
         1f:5b:93:28:56:3f:84:90:84:59:0f:77:b3:bb:2c:3d:13:21:
         21:2e:3b:f5:e0:7b:02:7b:e5:1a:db:27:d4:b9:8a:9d:77:75:
         16:93:ed:6e:fe:8b:3b:70:ca:cd:a4:d5:99:d1:c8:97:c3:1b:
         c3:fb:20:82:7e:51:36:ec:71:c9:38:52:f4:a0:cf:f0:7d:48:
         19:99:8f:b1:fb:e3:6c:02:cb:b3:bd:4b:fc:dc:51:5e:18:e3:
         ad:e1:c1:1e:61:dc:33:b9:83:e5:92:b1:f1:83:1b:7f:7e:5a:
         d2:41:cd:02:13:12:7e:87:66:b2:4d:59:87:8c:3d:9a:0e:ba:
         ed:92:4f:41:e6:ca:57:18:15:c0:86:3b:bb:b1:fd:05:7e:56:
         f2:5b:6c:88:7a:63:f1:99:9c:be:4d:d7:43:f7:c8:5f:02:e2:
         7a:9b:6d:4a
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIUFVdnU7a1o53tl2QcPJokxSQEzlowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzA5MDQxMzE2MTVaFw0yNDA5MDIxMzIxMTVaMDMxMTAvBgNV
BAMTKEE3QjA5NDcxOEM0OTNGRDE1NzZFNjdERDRDMEQ0NkJGNTk3QjlCNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkSJ2DsDPuX2eCNyy25U1i7p+z
seRJ3AXWwdDKW7tH4HNUPE6DA/Pi/M95SagnHTb7C3EsF5MntjLj6NDLpG7Dip/s
hvQMgDP6N+0mx246ZRUxWcE6ZIfoAhu+I/STdEiw1Xy3dYQUbOGwxAG44jwgfuJ+
42y+ssQBRN5BrUpridAzfF9KFMC57XAbKBPx/o0z6+b5sBoZhXbWy4nHZvXm1sA2
BJc33EeEHYx3KHbuZw4ffEwDfvA9NZEY8BdQn4RQ8+yW/ys2VwzNFPXJLIWqsLOn
O9+EZ+64CQ3rgSKMbk9d5oFaPv51sWhndjDxG2/PFpIu1LVQaKNVACn94ABtAgMB
AAGjggH1MIIB8TAdBgNVHQ4EFgQUp7CUcYxJP9FXbmfdTA1Gv1l7m28wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAzMDk4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEH
AQH/BBYwFDASBAIAATAMAwQAZ+aPAwQAuVo/MA0GCSqGSIb3DQEBCwUAA4IBAQBx
FzSnLLcNjJHE9G79PGc7F1W/pDtJbTlcNFF8VQQa+pVK4o+8ZccaTMQ2bVgZqI9s
PMDR3Y2a1minZdLHDgPORnQBOvTLpmQdYegKNxMzVm2Xb/8JHb8EQREfW5MoVj+E
kIRZD3ezuyw9EyEhLjv14HsCe+Ua2yfUuYqdd3UWk+1u/os7cMrNpNWZ0ciXwxvD
+yCCflE27HHJOFL0oM/wfUgZmY+x++NsAsuzvUv83FFeGOOt4cEeYdwzuYPlkrHx
gxt/flrSQc0CExJ+h2ayTVmHjD2aDrrtkk9B5spXGBXAhju7sf0FflbyW2yIemPx
mZy+TddD98hfAuJ6m21K
-----END CERTIFICATE-----