Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203529.roa
File:                     AS203529.roa (raw, json)
Hash identifier:          hEjZeweV1tuOiTZ/A5/jd7jxDop7l3acmGd65tO/Wdk=
Subject key identifier:   00:F3:2A:0A:F6:03:D7:88:98:32:FF:22:CE:75:05:6A:8E:97:13:81
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       61A8D8AB27350557D61CAC73BFCCA1BC6A3A37CE
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203529.roa
Signing time:             Fri 05 Jan 2024 14:44:21 +0000
ROA not before:           Fri 05 Jan 2024 14:39:21 +0000
ROA not after:            Fri 03 Jan 2025 14:44:21 +0000
asID:                     203529
IP address blocks:        2a06:a005:15e0::/44 maxlen: 48
                          2a06:a005:15f0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:a8:d8:ab:27:35:05:57:d6:1c:ac:73:bf:cc:a1:bc:6a:3a:37:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan  5 14:39:21 2024 GMT
            Not After : Jan  3 14:44:21 2025 GMT
        Subject: CN=00F32A0AF603D7889832FF22CE75056A8E971381
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:22:cb:de:df:8a:11:ff:fc:12:a3:ad:99:55:
                    d2:60:a1:10:df:11:1e:f0:45:f7:10:57:d1:6a:72:
                    df:10:70:c0:ff:2d:14:83:8c:db:3f:bb:b0:5e:15:
                    fe:44:07:38:3b:3c:d6:a1:b8:f9:8a:45:f5:44:ad:
                    ba:3b:42:d5:a9:29:78:6e:08:8a:b3:00:5f:a5:3d:
                    85:0f:a7:d1:19:10:40:81:51:27:f1:6a:0e:06:45:
                    24:18:e3:72:d5:6b:92:34:74:02:63:80:95:b1:8d:
                    0b:63:82:10:d2:9f:ee:5c:23:9b:aa:9f:b2:19:a0:
                    fb:61:36:3e:07:43:8c:92:48:83:eb:52:15:8c:55:
                    e4:73:8e:37:95:57:b5:23:8b:17:93:c5:05:f5:56:
                    0f:3a:8c:f7:69:ca:e7:fb:5f:d8:e5:93:fb:c5:7c:
                    15:7a:59:17:43:8b:1f:a0:6c:5d:b6:83:be:73:0c:
                    fe:c6:8b:9f:3b:66:ec:86:80:f6:85:bc:32:89:5e:
                    e8:21:5c:fc:5d:63:9d:fd:e4:c3:a7:68:6a:f8:21:
                    63:08:51:09:83:4e:67:f0:f6:61:f1:44:2a:59:95:
                    5b:5c:cc:9e:0f:9c:83:85:0c:8d:76:0e:53:e5:2c:
                    06:ed:9d:c8:77:84:33:65:9c:88:ea:df:d6:d4:ad:
                    88:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:F3:2A:0A:F6:03:D7:88:98:32:FF:22:CE:75:05:6A:8E:97:13:81
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203529.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:15e0::/43

    Signature Algorithm: sha256WithRSAEncryption
         7b:17:71:e5:4c:c8:99:84:31:31:69:7b:17:58:23:b8:a0:2f:
         d0:e1:24:81:74:06:75:60:6b:1c:20:1f:24:1d:0b:20:bb:49:
         07:41:40:0b:bd:2c:2c:6b:5f:e6:bc:ec:d7:a2:ec:07:ff:cd:
         c6:65:da:b5:99:5b:ed:98:f2:db:83:8d:cd:e9:bd:a5:50:69:
         9a:ae:92:1e:56:ec:68:67:74:13:70:fa:9b:7d:44:3e:60:3a:
         a0:00:b9:fe:3e:83:79:92:86:7c:c0:fb:77:12:14:e9:5d:a1:
         9e:db:5c:a4:df:13:f1:cb:84:c7:4f:9f:8c:c5:d8:7c:6f:0d:
         ef:bb:68:c8:50:a1:18:87:12:e4:cd:8f:79:de:92:62:c4:b7:
         67:61:c5:6d:00:39:c6:22:25:31:9b:df:5c:ba:a8:d7:31:c0:
         99:57:e8:ae:05:60:76:ba:ee:01:14:df:8f:3c:0b:83:c3:60:
         36:4a:3c:5a:36:6f:21:b1:37:af:61:7c:82:81:b6:f5:77:69:
         ab:f3:a2:2c:27:28:43:68:37:0a:a7:b5:18:ac:4b:75:d8:b7:
         49:17:dd:8e:cc:b0:f7:29:c3:c0:c5:07:99:c5:10:0b:d0:1b:
         c5:6b:6a:07:33:22:77:5c:40:bf:0b:95:f1:65:a7:30:43:2b:
         c7:cc:2c:39
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUYajYqyc1BVfWHKxzv8yhvGo6N84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMDUxNDM5MjFaFw0yNTAxMDMxNDQ0MjFaMDMxMTAvBgNV
BAMTKDAwRjMyQTBBRjYwM0Q3ODg5ODMyRkYyMkNFNzUwNTZBOEU5NzEzODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwIsve34oR//wSo62ZVdJgoRDf
ER7wRfcQV9Fqct8QcMD/LRSDjNs/u7BeFf5EBzg7PNahuPmKRfVErbo7QtWpKXhu
CIqzAF+lPYUPp9EZEECBUSfxag4GRSQY43LVa5I0dAJjgJWxjQtjghDSn+5cI5uq
n7IZoPthNj4HQ4ySSIPrUhWMVeRzjjeVV7UjixeTxQX1Vg86jPdpyuf7X9jlk/vF
fBV6WRdDix+gbF22g75zDP7Gi587ZuyGgPaFvDKJXughXPxdY5395MOnaGr4IWMI
UQmDTmfw9mHxRCpZlVtczJ4PnIOFDI12DlPlLAbtnch3hDNlnIjq39bUrYiXAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUAPMqCvYD14iYMv8iznUFao6XE4EwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAzNTI5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcFKgagBRXgMA0GCSqGSIb3DQEBCwUAA4IBAQB7F3Hl
TMiZhDExaXsXWCO4oC/Q4SSBdAZ1YGscIB8kHQsgu0kHQUALvSwsa1/mvOzXouwH
/83GZdq1mVvtmPLbg43N6b2lUGmarpIeVuxoZ3QTcPqbfUQ+YDqgALn+PoN5koZ8
wPt3EhTpXaGe21yk3xPxy4THT5+Mxdh8bw3vu2jIUKEYhxLkzY953pJixLdnYcVt
ADnGIiUxm99cuqjXMcCZV+iuBWB2uu4BFN+PPAuDw2A2SjxaNm8hsTevYXyCgbb1
d2mr86IsJyhDaDcKp7UYrEt12LdJF92OzLD3KcPAxQeZxRAL0BvFa2oHMyJ3XEC/
C5XxZacwQyvHzCw5
-----END CERTIFICATE-----