Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203899.roa
File:                     AS203899.roa (raw, json)
Hash identifier:          B10komtl7jBMBT9T2ZKBR6wxD6wyx/ZIAFvdLS2U5Zk=
Subject key identifier:   62:95:9F:91:23:A0:68:EC:6E:95:61:C5:02:A1:88:DB:95:81:56:A5
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       504288B3BEDF99BC6A66146A9E5EF2A5961EEB13
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203899.roa
Signing time:             Fri 15 Dec 2023 01:44:21 +0000
ROA not before:           Fri 15 Dec 2023 01:39:21 +0000
ROA not after:            Fri 13 Dec 2024 01:44:21 +0000
asID:                     203899
IP address blocks:        2a06:a005:1200::/44 maxlen: 48
                          2a06:a005:1210::/44 maxlen: 48
                          2a06:a005:1220::/44 maxlen: 48
                          2a06:a005:1230::/44 maxlen: 48
                          2a06:a005:1240::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:42:88:b3:be:df:99:bc:6a:66:14:6a:9e:5e:f2:a5:96:1e:eb:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec 15 01:39:21 2023 GMT
            Not After : Dec 13 01:44:21 2024 GMT
        Subject: CN=62959F9123A068EC6E9561C502A188DB958156A5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:99:18:9e:a8:08:f9:16:67:7a:34:66:c5:6a:
                    52:fc:da:57:b1:90:de:70:95:d8:7c:75:30:ba:f8:
                    9d:79:15:d4:c4:dc:13:ad:d9:16:71:a2:d8:a2:41:
                    c2:bc:47:c1:2e:16:8a:8c:32:c1:d5:48:e6:95:fa:
                    cd:f8:4d:d8:25:8d:aa:99:f1:8f:1a:ee:60:a3:a5:
                    5c:c3:52:f6:7d:a8:9f:94:1f:29:6b:87:66:cd:d6:
                    71:e7:88:3f:da:ba:bb:74:33:fa:0f:29:42:fa:42:
                    6e:78:60:e2:7e:9f:59:4c:60:56:ea:05:75:ef:f3:
                    1d:c1:13:22:46:49:69:95:47:79:93:63:ed:c5:ec:
                    6f:e4:63:d9:da:e9:3f:77:91:9a:92:15:0c:36:be:
                    3b:76:f1:c0:f6:1b:79:cf:33:b6:0d:40:f1:07:57:
                    ef:4c:10:5f:e9:27:74:d1:b1:b2:89:97:89:c4:ee:
                    5f:c6:7f:55:5d:c2:59:4a:ca:66:40:14:05:9d:9d:
                    7b:e6:5c:df:87:07:be:36:69:68:c5:39:68:44:42:
                    4a:31:93:a6:0b:92:2f:2f:f1:e5:a5:ff:c3:4d:d1:
                    f6:e0:ec:82:7e:a2:f4:82:de:fa:35:56:6d:46:8d:
                    97:a0:1b:d0:ba:3b:d2:c4:01:74:64:31:eb:87:5b:
                    93:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:95:9F:91:23:A0:68:EC:6E:95:61:C5:02:A1:88:DB:95:81:56:A5
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS203899.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1200::-2a06:a005:124f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         0e:b8:07:e7:e1:d1:f9:d7:28:b8:e9:df:f7:75:cb:0e:ba:03:
         2e:f7:66:7d:e6:94:72:3e:8a:da:2b:f8:00:c2:89:6c:8a:7d:
         38:2e:a8:13:58:5d:21:75:a9:02:96:f8:b7:5f:91:d5:a3:e2:
         b9:75:31:b4:0a:2b:2d:c1:36:a6:75:d0:95:16:77:7c:26:f4:
         bb:c3:89:ef:a3:a9:a0:f5:1b:b0:be:1d:48:1d:bf:ae:0d:bb:
         b9:e9:14:cc:56:93:5d:ad:dd:44:0d:3e:7a:eb:d5:e4:b5:ba:
         9d:52:2b:fb:c9:c8:a3:77:9a:8a:07:ad:6b:79:74:7c:be:28:
         b4:e8:3a:99:4d:03:5a:08:98:43:76:10:b9:4f:70:e0:d2:5a:
         60:2d:af:7d:d7:78:eb:92:f5:70:41:96:7e:87:61:d5:f5:23:
         9e:15:72:2a:5e:a9:a2:0d:94:93:0b:5a:34:46:61:5a:27:bb:
         db:54:ec:68:81:96:74:f1:5f:28:5b:62:5d:0c:34:02:11:46:
         8b:ba:d1:b1:55:29:71:2a:96:cc:d7:de:27:37:dd:31:bb:5b:
         80:45:30:bb:63:04:d8:bd:34:e9:70:95:9f:50:31:fc:ec:c1:
         94:5b:11:5b:b8:b2:5a:2a:e6:fb:2b:ca:ea:49:53:8b:b1:a0:
         5d:ce:61:9f
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIUUEKIs77fmbxqZhRqnl7ypZYe6xMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMTUwMTM5MjFaFw0yNDEyMTMwMTQ0MjFaMDMxMTAvBgNV
BAMTKDYyOTU5RjkxMjNBMDY4RUM2RTk1NjFDNTAyQTE4OERCOTU4MTU2QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2mRieqAj5Fmd6NGbFalL82lex
kN5wldh8dTC6+J15FdTE3BOt2RZxotiiQcK8R8EuFoqMMsHVSOaV+s34TdgljaqZ
8Y8a7mCjpVzDUvZ9qJ+UHylrh2bN1nHniD/aurt0M/oPKUL6Qm54YOJ+n1lMYFbq
BXXv8x3BEyJGSWmVR3mTY+3F7G/kY9na6T93kZqSFQw2vjt28cD2G3nPM7YNQPEH
V+9MEF/pJ3TRsbKJl4nE7l/Gf1VdwllKymZAFAWdnXvmXN+HB742aWjFOWhEQkox
k6YLki8v8eWl/8NN0fbg7IJ+ovSC3vo1Vm1GjZegG9C6O9LEAXRkMeuHW5NfAgMB
AAGjggH8MIIB+DAdBgNVHQ4EFgQUYpWfkSOgaOxulWHFAqGI25WBVqUwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjAzODk5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEH
AQH/BB0wGzAZBAIAAjATMBEDBgEqBqAFEgMHBCoGoAUSQDANBgkqhkiG9w0BAQsF
AAOCAQEADrgH5+HR+dcouOnf93XLDroDLvdmfeaUcj6K2iv4AMKJbIp9OC6oE1hd
IXWpApb4t1+R1aPiuXUxtAorLcE2pnXQlRZ3fCb0u8OJ76OpoPUbsL4dSB2/rg27
uekUzFaTXa3dRA0+euvV5LW6nVIr+8nIo3eaigeta3l0fL4otOg6mU0DWgiYQ3YQ
uU9w4NJaYC2vfdd465L1cEGWfodh1fUjnhVyKl6pog2UkwtaNEZhWie721TsaIGW
dPFfKFtiXQw0AhFGi7rRsVUpcSqWzNfeJzfdMbtbgEUwu2ME2L006XCVn1Ax/OzB
lFsRW7iyWirm+yvK6klTi7GgXc5hnw==
-----END CERTIFICATE-----