Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204069.roa
File:                     AS204069.roa (raw, json)
Hash identifier:          54loyqU+oHKE2/GGK4dopX42HmT/ybd1QJIAEnJQ+v8=
Subject key identifier:   52:7B:03:A5:84:58:8E:D0:F1:81:74:CE:48:8D:7C:B7:DA:8A:01:02
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       1F902FBCC9647451F12AA35B60DD4C7552190505
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204069.roa
Signing time:             Tue 05 Dec 2023 02:44:19 +0000
ROA not before:           Tue 05 Dec 2023 02:39:19 +0000
ROA not after:            Tue 03 Dec 2024 02:44:19 +0000
asID:                     204069
IP address blocks:        2a06:a005:a14::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:90:2f:bc:c9:64:74:51:f1:2a:a3:5b:60:dd:4c:75:52:19:05:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:19 2023 GMT
            Not After : Dec  3 02:44:19 2024 GMT
        Subject: CN=527B03A584588ED0F18174CE488D7CB7DA8A0102
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b0:c6:c9:61:e3:24:a8:91:6d:0e:39:cd:77:
                    a2:d7:88:3a:59:28:a0:8d:fd:38:d7:63:76:b2:ab:
                    6f:79:cc:b3:09:21:3d:9d:75:63:68:dd:53:c7:f1:
                    0a:a7:78:f2:d7:c2:4a:3b:f0:94:e5:34:e2:86:62:
                    e9:f5:2f:46:07:84:85:cc:9c:54:3c:6a:6b:58:85:
                    b9:b6:0e:94:03:d6:e1:4c:42:6f:c4:34:c2:e8:a9:
                    73:27:a4:54:aa:c1:06:b2:60:a3:28:d8:5b:62:86:
                    9b:98:32:22:81:8e:54:2c:8d:21:3a:14:f1:a7:01:
                    5e:e9:31:67:46:b6:fa:01:b6:d8:88:3c:93:27:56:
                    0c:95:29:ec:90:4e:89:f1:6c:86:f3:07:ae:43:ed:
                    4f:bb:45:11:c8:c0:13:f8:10:20:57:90:4c:c4:89:
                    bd:88:41:1b:e2:6d:2a:0f:63:b6:f9:52:7b:b2:fd:
                    4f:03:6b:76:d0:6e:7c:fa:b7:bb:0b:11:14:be:17:
                    3c:35:8e:1c:49:0e:7f:e0:a4:1f:1f:d7:34:85:10:
                    0e:97:a6:42:b8:71:7b:71:03:7c:28:64:c3:7b:e1:
                    97:2e:34:7f:fc:fd:6a:2e:76:7e:1d:e1:a9:cb:e6:
                    10:84:ec:53:9d:3d:c7:cf:3e:f0:4f:bd:a0:0f:b7:
                    c4:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:7B:03:A5:84:58:8E:D0:F1:81:74:CE:48:8D:7C:B7:DA:8A:01:02
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204069.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:a14::/48

    Signature Algorithm: sha256WithRSAEncryption
         44:c4:b0:42:a7:d7:3b:e7:7f:2e:47:e3:20:2f:0f:22:98:ae:
         de:d0:11:57:90:b2:87:09:13:82:50:ac:45:84:b4:78:8d:fe:
         7c:b5:43:0f:c8:4d:37:aa:9e:6c:7f:8d:2a:cf:c5:ab:d9:df:
         0d:75:2c:38:68:06:c5:bc:66:d4:da:bb:cd:ca:c5:f0:fd:8e:
         20:d0:b1:a4:77:fe:af:2a:bc:45:06:4e:0b:a8:1d:d6:51:ea:
         76:df:4e:0b:5f:b3:2a:ef:d1:64:9f:da:c3:6e:38:e9:86:85:
         18:55:8b:df:6b:d9:26:c3:b1:19:91:dd:18:97:83:f1:50:fa:
         02:bc:cb:39:cf:53:7d:f2:a0:75:db:c4:3d:22:73:ef:89:70:
         c2:54:28:ee:d5:c6:06:2d:95:33:80:b4:f7:62:a3:46:5b:28:
         ff:d9:f3:13:09:fc:a2:92:71:88:9a:17:23:39:1b:b8:2a:06:
         1b:d1:12:9a:ba:34:92:c4:9a:6e:6d:c6:89:84:47:6f:ba:3f:
         c1:a1:8b:8a:17:7c:9b:90:ea:7a:6f:6f:57:70:48:4f:67:c3:
         62:a6:df:b1:69:3f:b6:60:6c:5c:4d:d6:03:04:01:5a:34:67:
         a5:3b:ff:52:b2:f9:1e:14:99:f9:82:7e:ad:0e:f9:4e:c1:9a:
         17:c4:78:a1
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUH5AvvMlkdFHxKqNbYN1MdVIZBQUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTlaFw0yNDEyMDMwMjQ0MTlaMDMxMTAvBgNV
BAMTKDUyN0IwM0E1ODQ1ODhFRDBGMTgxNzRDRTQ4OEQ3Q0I3REE4QTAxMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2sMbJYeMkqJFtDjnNd6LXiDpZ
KKCN/TjXY3ayq295zLMJIT2ddWNo3VPH8QqnePLXwko78JTlNOKGYun1L0YHhIXM
nFQ8amtYhbm2DpQD1uFMQm/ENMLoqXMnpFSqwQayYKMo2FtihpuYMiKBjlQsjSE6
FPGnAV7pMWdGtvoBttiIPJMnVgyVKeyQTonxbIbzB65D7U+7RRHIwBP4ECBXkEzE
ib2IQRvibSoPY7b5Unuy/U8Da3bQbnz6t7sLERS+Fzw1jhxJDn/gpB8f1zSFEA6X
pkK4cXtxA3woZMN74ZcuNH/8/Woudn4d4anL5hCE7FOdPcfPPvBPvaAPt8R9AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUUnsDpYRYjtDxgXTOSI18t9qKAQIwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA0MDY5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQoUMA0GCSqGSIb3DQEBCwUAA4IBAQBExLBC
p9c7538uR+MgLw8imK7e0BFXkLKHCROCUKxFhLR4jf58tUMPyE03qp5sf40qz8Wr
2d8NdSw4aAbFvGbU2rvNysXw/Y4g0LGkd/6vKrxFBk4LqB3WUep2304LX7Mq79Fk
n9rDbjjphoUYVYvfa9kmw7EZkd0Yl4PxUPoCvMs5z1N98qB128Q9InPviXDCVCju
1cYGLZUzgLT3YqNGWyj/2fMTCfyiknGImhcjORu4KgYb0RKaujSSxJpubcaJhEdv
uj/BoYuKF3ybkOp6b29XcEhPZ8Nipt+xaT+2YGxcTdYDBAFaNGelO/9SsvkeFJn5
gn6tDvlOwZoXxHih
-----END CERTIFICATE-----