Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203804.roa
File:                     AS203804.roa (raw, json)
Hash identifier:          2tirDY7CYn3n/u3jfyklOEzX6z6gd9EygZ5mnZT9FbY=
Subject key identifier:   5F:B1:EA:D3:5A:89:10:EA:44:28:83:03:BA:C1:8F:B0:3B:60:2E:BE
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       5B7CE29F036EB7E3E8A24213A6CF8A996DA814DF
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203804.roa
Signing time:             Tue 05 Dec 2023 02:44:14 +0000
ROA not before:           Tue 05 Dec 2023 02:39:14 +0000
ROA not after:            Tue 03 Dec 2024 02:44:14 +0000
asID:                     203804
IP address blocks:        2a06:a005:1340::/44 maxlen: 48
                          2a06:a005:1350::/44 maxlen: 48
                          2a06:a005:13b0::/44 maxlen: 48
                          2a06:a005:13c0::/44 maxlen: 48
                          2a06:a005:13d0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:7c:e2:9f:03:6e:b7:e3:e8:a2:42:13:a6:cf:8a:99:6d:a8:14:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:14 2023 GMT
            Not After : Dec  3 02:44:14 2024 GMT
        Subject: CN=5FB1EAD35A8910EA44288303BAC18FB03B602EBE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:fb:34:ff:93:ef:23:2f:4a:bf:d4:90:90:95:
                    74:e9:0b:ab:37:89:33:47:0e:bc:ca:df:d8:13:41:
                    da:85:55:3f:7c:bd:22:00:81:de:61:8f:05:70:b5:
                    3e:a9:e7:4b:14:7e:7a:c3:67:d4:8c:6b:56:0e:5b:
                    6c:e1:4a:1b:24:80:39:f1:de:07:b5:fb:d7:27:b5:
                    c0:ab:96:3e:3f:49:b7:e8:76:dd:06:f4:16:a7:81:
                    dd:d0:c0:0e:f2:10:70:4c:67:59:f9:4a:06:c0:65:
                    ac:2b:c8:1b:f4:ff:e3:fc:e4:99:35:e4:80:2b:0a:
                    70:1b:49:42:39:f4:22:4b:4f:5a:2c:e4:6f:a2:4e:
                    e0:e3:1d:1e:39:f9:c3:9d:cc:51:10:5a:a2:68:26:
                    b3:23:57:14:ab:da:dc:a3:68:ab:0b:f6:a2:34:f5:
                    9a:69:2e:7e:50:a4:58:75:2f:f4:81:2b:3f:4a:3e:
                    0a:27:87:e3:4e:74:ee:d0:0a:d2:92:60:25:25:67:
                    a9:d0:58:cf:a5:56:dc:0e:ba:f1:88:47:81:21:7f:
                    12:61:aa:16:44:70:a2:f2:81:a4:2b:88:9d:99:b0:
                    46:20:0d:50:7f:a8:11:54:c4:d9:50:10:2b:fa:91:
                    97:16:d9:2b:ff:34:82:c9:29:e0:85:df:b8:09:14:
                    20:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:B1:EA:D3:5A:89:10:EA:44:28:83:03:BA:C1:8F:B0:3B:60:2E:BE
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203804.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1340::/43
                  2a06:a005:13b0::-2a06:a005:13df:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         66:e8:da:ad:c2:7d:26:fe:70:3c:fe:be:ea:2c:d3:07:21:0d:
         b0:9c:ea:a0:49:ed:db:83:d0:cd:50:91:ed:ab:05:22:d9:62:
         10:66:32:68:af:24:5a:5c:b5:e8:ca:27:87:66:35:01:14:94:
         19:43:d7:55:ca:f0:e2:45:27:11:2b:ba:cf:cb:17:95:20:a7:
         3f:ec:6f:d3:45:a0:ff:eb:f6:60:1e:75:56:b8:b3:08:9e:e3:
         3c:57:49:c2:ea:f4:51:5b:ec:61:21:5f:91:f9:bc:20:5d:d0:
         b4:c1:57:1a:24:4b:0f:db:55:9d:a5:e4:d6:f5:38:9e:7f:57:
         31:82:c0:e1:f9:7b:87:c8:25:2e:e1:07:94:32:90:e4:33:f3:
         c0:aa:86:80:bb:c6:11:a1:93:a5:75:a4:24:cf:82:1b:8d:fe:
         70:c4:9f:9a:36:4b:e5:23:88:40:98:0e:e0:6d:f5:ca:61:79:
         be:3a:c2:ef:64:e1:ec:dc:03:e2:b6:7d:be:52:ee:61:6e:a8:
         04:87:e5:be:ab:d1:a1:c9:9e:f7:ff:11:e2:79:fc:a0:82:19:
         df:96:37:d2:a5:44:ce:09:87:a3:83:69:56:2c:8f:ef:fc:8e:
         fc:2c:c7:43:f8:06:9f:43:b5:c5:55:79:dc:e7:d1:1a:1c:63:
         30:97:73:63
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUW3zinwNut+PookITps+KmW2oFN8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTRaFw0yNDEyMDMwMjQ0MTRaMDMxMTAvBgNV
BAMTKDVGQjFFQUQzNUE4OTEwRUE0NDI4ODMwM0JBQzE4RkIwM0I2MDJFQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6+zT/k+8jL0q/1JCQlXTpC6s3
iTNHDrzK39gTQdqFVT98vSIAgd5hjwVwtT6p50sUfnrDZ9SMa1YOW2zhShskgDnx
3ge1+9cntcCrlj4/Sbfodt0G9Bangd3QwA7yEHBMZ1n5SgbAZawryBv0/+P85Jk1
5IArCnAbSUI59CJLT1os5G+iTuDjHR45+cOdzFEQWqJoJrMjVxSr2tyjaKsL9qI0
9ZppLn5QpFh1L/SBKz9KPgonh+NOdO7QCtKSYCUlZ6nQWM+lVtwOuvGIR4EhfxJh
qhZEcKLygaQriJ2ZsEYgDVB/qBFUxNlQECv6kZcW2Sv/NILJKeCF37gJFCC1AgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUX7Hq01qJEOpEKIMDusGPsDtgLr4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAzODA0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEH
AQH/BCcwJTAjBAIAAjAdAwcFKgagBRNAMBIDBwQqBqAFE7ADBwUqBqAFE8AwDQYJ
KoZIhvcNAQELBQADggEBAGbo2q3CfSb+cDz+vuos0wchDbCc6qBJ7duD0M1Qke2r
BSLZYhBmMmivJFpctejKJ4dmNQEUlBlD11XK8OJFJxErus/LF5Ugpz/sb9NFoP/r
9mAedVa4swie4zxXScLq9FFb7GEhX5H5vCBd0LTBVxokSw/bVZ2l5Nb1OJ5/VzGC
wOH5e4fIJS7hB5QykOQz88CqhoC7xhGhk6V1pCTPghuN/nDEn5o2S+UjiECYDuBt
9cpheb46wu9k4ezcA+K2fb5S7mFuqASH5b6r0aHJnvf/EeJ5/KCCGd+WN9KlRM4J
h6ODaVYsj+/8jvwsx0P4Bp9DtcVVedzn0RocYzCXc2M=
-----END CERTIFICATE-----