Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204844.roa
File:                     AS204844.roa (raw, json)
Hash identifier:          sr7U4R44yI+Sc+evLESqtFEAR9T6xcjQMaeVdf1ZFB4=
Subject key identifier:   A1:3A:2A:DA:FC:79:C2:21:C8:CB:72:83:92:63:A4:72:F8:BC:10:3F
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       08F781F362341D3815319638AA059778D84A49D5
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204844.roa
Signing time:             Tue 05 Nov 2024 03:40:10 +0000
ROA not before:           Tue 05 Nov 2024 03:35:10 +0000
ROA not after:            Tue 04 Nov 2025 03:40:10 +0000
asID:                     204844
IP address blocks:        2a06:a005:14f0::/44 maxlen: 48
                          2a06:a005:1b40::/44 maxlen: 48
                          2a06:a005:1be0::/44 maxlen: 48
                          2a06:a005:1d60::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 17:16:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:f7:81:f3:62:34:1d:38:15:31:96:38:aa:05:97:78:d8:4a:49:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:10 2024 GMT
            Not After : Nov  4 03:40:10 2025 GMT
        Subject: CN=A13A2ADAFC79C221C8CB72839263A472F8BC103F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:6b:2f:39:57:d6:57:23:a0:b2:8a:b2:f4:c1:
                    45:ee:a7:c6:5b:c2:b4:c1:a9:06:5d:69:d8:18:93:
                    43:bb:ec:c2:f1:c8:1e:cb:ff:d3:78:2a:07:cf:4f:
                    4e:75:40:9e:2d:ff:7e:23:73:9f:a3:f2:42:19:67:
                    36:ea:46:2e:d0:3d:52:6a:1e:88:ea:d3:20:d2:66:
                    b7:f4:5e:53:f6:24:fd:79:10:1e:c1:57:c7:c2:8d:
                    a1:a9:00:a9:82:41:db:bd:c3:e8:c5:7a:30:98:d6:
                    17:76:54:b4:17:2e:b0:86:1f:46:46:54:d2:b4:b4:
                    56:0b:72:b6:e0:1d:d0:a1:9f:04:04:bb:21:9d:37:
                    d0:47:b7:61:cc:66:60:e7:27:92:3e:60:3d:8c:7e:
                    d3:4d:cf:5e:25:e5:15:51:3a:d4:f2:f9:86:dd:e4:
                    77:12:94:08:4e:94:b6:d9:2d:e7:b6:43:1f:4c:51:
                    7d:21:24:40:91:ec:eb:3d:49:9d:30:0b:25:b5:8d:
                    39:2a:37:19:9a:7a:73:bd:93:bb:b9:3e:8b:47:fd:
                    6e:56:e3:6f:3f:35:f3:f0:ee:d7:62:c3:90:d6:47:
                    eb:31:bc:6d:a5:1e:af:c1:69:80:ac:59:29:67:d5:
                    49:eb:f4:6d:0d:37:29:5f:9e:b5:21:a5:90:32:07:
                    41:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:3A:2A:DA:FC:79:C2:21:C8:CB:72:83:92:63:A4:72:F8:BC:10:3F
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204844.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:14f0::/44
                  2a06:a005:1b40::/44
                  2a06:a005:1be0::/44
                  2a06:a005:1d60::/44

    Signature Algorithm: sha256WithRSAEncryption
         c7:6e:f4:b5:df:41:8e:9d:96:0f:0d:1c:22:9b:b4:ee:91:99:
         91:45:43:a5:8e:d7:fc:43:fc:2f:d4:80:f2:f5:2d:88:c0:59:
         4e:e8:b7:21:08:b3:eb:87:6e:f9:d7:77:5b:4f:26:60:b7:58:
         79:80:a2:da:fd:9f:bd:3a:b4:88:fd:bc:ec:4a:96:b2:79:ce:
         80:87:0b:ce:66:e8:eb:5e:08:60:74:47:79:1c:8c:77:54:e9:
         22:21:27:85:65:ef:3c:b8:0e:ff:c9:08:27:12:52:ce:bb:69:
         e0:56:b8:50:a3:d6:4a:b7:79:67:71:45:12:fd:3c:89:d6:ee:
         d9:3f:b9:43:45:f5:24:af:7a:63:20:61:6d:0f:e1:fe:2a:cf:
         c3:f7:22:c0:61:bc:39:5b:d0:c2:b5:f9:23:5d:56:24:8c:60:
         52:a4:03:8c:c9:1d:2f:c5:92:0e:6e:f0:bb:3e:17:ca:69:4f:
         02:e4:e6:44:34:d6:b9:22:2a:e8:62:99:c3:d4:72:86:a5:ad:
         6c:17:e8:c1:eb:e8:ae:95:d5:d2:ca:59:6b:91:b9:9c:81:9f:
         2b:a5:ae:80:cd:b4:56:fa:aa:74:df:88:2a:65:e6:af:08:59:
         11:62:d2:27:77:40:a6:dd:dc:6e:f6:6a:a3:b5:c6:97:32:75:
         30:62:94:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUCPeB82I0HTgVMZY4qgWXeNhKSdUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MTBaFw0yNTExMDQwMzQwMTBaMDMxMTAvBgNV
BAMTKEExM0EyQURBRkM3OUMyMjFDOENCNzI4MzkyNjNBNDcyRjhCQzEwM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCday85V9ZXI6CyirL0wUXup8Zb
wrTBqQZdadgYk0O77MLxyB7L/9N4KgfPT051QJ4t/34jc5+j8kIZZzbqRi7QPVJq
Hojq0yDSZrf0XlP2JP15EB7BV8fCjaGpAKmCQdu9w+jFejCY1hd2VLQXLrCGH0ZG
VNK0tFYLcrbgHdChnwQEuyGdN9BHt2HMZmDnJ5I+YD2MftNNz14l5RVROtTy+Ybd
5HcSlAhOlLbZLee2Qx9MUX0hJECR7Os9SZ0wCyW1jTkqNxmaenO9k7u5PotH/W5W
428/NfPw7tdiw5DWR+sxvG2lHq/BaYCsWSln1Unr9G0NNylfnrUhpZAyB0E7AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUoToq2vx5wiHIy3KDkmOkcvi8ED8wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA0ODQ0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEH
AQH/BC4wLDAqBAIAAjAkAwcEKgagBRTwAwcEKgagBRtAAwcEKgagBRvgAwcEKgag
BR1gMA0GCSqGSIb3DQEBCwUAA4IBAQDHbvS130GOnZYPDRwim7TukZmRRUOljtf8
Q/wv1IDy9S2IwFlO6LchCLPrh27513dbTyZgt1h5gKLa/Z+9OrSI/bzsSpayec6A
hwvOZujrXghgdEd5HIx3VOkiISeFZe88uA7/yQgnElLOu2ngVrhQo9ZKt3lncUUS
/TyJ1u7ZP7lDRfUkr3pjIGFtD+H+Ks/D9yLAYbw5W9DCtfkjXVYkjGBSpAOMyR0v
xZIObvC7PhfKaU8C5OZENNa5IiroYpnD1HKGpa1sF+jB6+iuldXSyllrkbmcgZ8r
pa6AzbRW+qp034gqZeavCFkRYtInd0Cm3dxu9mqjtcaXMnUwYpSC
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:23 2024 by rpki-client on console-fra.rpki-client.org