Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204693.roa
File:                     AS204693.roa (raw, json)
Hash identifier:          zaQuUUCMWeSclipOKjP4Sf5yWtkYP2oh8pXspEx7EOY=
Subject key identifier:   D6:F9:48:EC:A3:0A:C0:1F:BC:88:29:85:5F:55:C4:CF:47:63:93:58
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       5E80A460624B307D0699AD592BC0DCB69557A62E
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204693.roa
Signing time:             Tue 05 Nov 2024 03:40:10 +0000
ROA not before:           Tue 05 Nov 2024 03:35:10 +0000
ROA not after:            Tue 04 Nov 2025 03:40:10 +0000
asID:                     204693
IP address blocks:        2a06:a005:ce0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:80:a4:60:62:4b:30:7d:06:99:ad:59:2b:c0:dc:b6:95:57:a6:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:10 2024 GMT
            Not After : Nov  4 03:40:10 2025 GMT
        Subject: CN=D6F948ECA30AC01FBC8829855F55C4CF47639358
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:ed:b0:af:15:0d:f0:ac:b2:eb:ab:fe:7e:8f:
                    81:43:f4:fd:36:06:93:a3:0e:88:fa:ed:cb:5e:38:
                    71:44:38:e8:19:d4:1a:55:af:d4:10:91:aa:d9:c1:
                    18:cc:94:e8:5e:e6:c6:59:18:3f:80:36:1d:b5:e2:
                    ac:5b:78:94:11:2c:50:68:8f:90:86:bf:15:c5:cd:
                    4a:82:e1:79:3f:ed:48:bc:92:17:33:0e:39:51:fb:
                    48:30:00:38:30:5b:5d:3f:b1:d5:80:b4:ad:e1:bd:
                    bb:d8:54:9c:f3:93:24:e7:7a:bc:5b:60:cb:53:26:
                    fd:e0:22:69:64:75:31:c2:76:28:b1:fa:11:5a:82:
                    73:0d:ee:7d:c9:f8:6b:cb:8c:50:59:4f:b4:63:da:
                    28:38:52:4b:60:cb:2c:f8:b3:84:50:b5:54:23:28:
                    17:3c:be:1e:88:fd:fe:51:6a:fe:39:9e:ae:da:94:
                    9c:f9:c9:58:63:7c:0e:d3:42:86:25:d9:48:95:d5:
                    b9:cf:7c:38:e3:2f:8d:71:27:4e:3b:d6:2a:b2:3c:
                    6e:1c:fe:5f:ef:34:e0:2f:6f:d9:93:ca:11:dc:44:
                    5f:5c:87:bf:f0:73:58:6f:a5:b8:a6:50:34:94:43:
                    e1:e6:fa:1c:46:17:97:8b:c5:c9:2a:e1:30:56:fb:
                    50:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:F9:48:EC:A3:0A:C0:1F:BC:88:29:85:5F:55:C4:CF:47:63:93:58
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204693.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:ce0::/44

    Signature Algorithm: sha256WithRSAEncryption
         74:f3:aa:0f:d4:f9:dd:b1:48:b4:d8:49:b5:60:25:63:95:13:
         60:12:c4:44:9c:99:c1:f5:c4:cf:53:e7:c2:3b:c3:ae:51:b2:
         fb:17:0a:bc:85:6c:e0:92:cf:3e:fe:f6:a6:26:bb:3a:d4:bc:
         6e:91:9b:ee:3a:aa:68:85:ea:5d:00:7e:de:b7:f1:b5:82:bd:
         75:a6:87:e1:91:40:1b:60:8f:20:7f:01:1b:c5:1a:6a:d7:4a:
         91:a7:fe:5b:4c:1c:55:79:2d:4f:83:94:e6:b4:56:01:4f:d0:
         60:4c:8f:1c:cf:2c:46:1c:14:82:71:1c:be:8a:f8:d8:f9:e5:
         43:47:d6:c0:04:64:53:90:87:53:7e:3c:dd:64:3b:5b:9c:dd:
         6f:65:66:03:e6:bd:21:5c:d5:10:13:bc:5b:37:86:4d:3e:11:
         fc:38:4c:aa:af:23:91:90:f0:1a:d4:c5:58:9e:8d:81:94:0f:
         99:0f:15:3c:5c:da:9c:02:59:63:39:21:f6:98:43:71:05:1d:
         cb:cb:3c:1f:bc:54:dd:f0:db:2b:86:90:57:43:1f:ee:b6:7d:
         4a:31:a6:53:3b:b4:29:16:b0:95:9b:2e:4a:ea:79:48:46:8c:
         1a:19:59:0e:23:35:86:96:b1:c2:56:8c:a7:65:30:77:aa:de:
         34:af:7b:e9
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUXoCkYGJLMH0Gma1ZK8DctpVXpi4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MTBaFw0yNTExMDQwMzQwMTBaMDMxMTAvBgNV
BAMTKEQ2Rjk0OEVDQTMwQUMwMUZCQzg4Mjk4NTVGNTVDNENGNDc2MzkzNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE7bCvFQ3wrLLrq/5+j4FD9P02
BpOjDoj67cteOHFEOOgZ1BpVr9QQkarZwRjMlOhe5sZZGD+ANh214qxbeJQRLFBo
j5CGvxXFzUqC4Xk/7Ui8khczDjlR+0gwADgwW10/sdWAtK3hvbvYVJzzkyTnerxb
YMtTJv3gImlkdTHCdiix+hFagnMN7n3J+GvLjFBZT7Rj2ig4Uktgyyz4s4RQtVQj
KBc8vh6I/f5Rav45nq7alJz5yVhjfA7TQoYl2UiV1bnPfDjjL41xJ0471iqyPG4c
/l/vNOAvb9mTyhHcRF9ch7/wc1hvpbimUDSUQ+Hm+hxGF5eLxckq4TBW+1DJAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU1vlI7KMKwB+8iCmFX1XEz0djk1gwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA0NjkzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQzgMA0GCSqGSIb3DQEBCwUAA4IBAQB086oP
1PndsUi02Em1YCVjlRNgEsREnJnB9cTPU+fCO8OuUbL7Fwq8hWzgks8+/vamJrs6
1LxukZvuOqpohepdAH7et/G1gr11pofhkUAbYI8gfwEbxRpq10qRp/5bTBxVeS1P
g5TmtFYBT9BgTI8czyxGHBSCcRy+ivjY+eVDR9bABGRTkIdTfjzdZDtbnN1vZWYD
5r0hXNUQE7xbN4ZNPhH8OEyqryORkPAa1MVYno2BlA+ZDxU8XNqcAlljOSH2mENx
BR3LyzwfvFTd8NsrhpBXQx/utn1KMaZTO7QpFrCVmy5K6nlIRowaGVkOIzWGlrHC
VoynZTB3qt40r3vp
-----END CERTIFICATE-----