Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204901.roa
File:                     AS204901.roa (raw, json)
Hash identifier:          8tiLC3wxiUiNOLwJqqWLYClT4E6tpKcKX8XI6AoHfvY=
Subject key identifier:   DF:18:52:A2:0D:E6:48:A0:1A:07:C4:5F:49:D5:69:43:A0:AD:35:7F
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       2C695A92E25FB2FFA2C00D5D40A507F7D1D14118
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204901.roa
Signing time:             Sun 24 Dec 2023 21:44:21 +0000
ROA not before:           Sun 24 Dec 2023 21:39:21 +0000
ROA not after:            Sun 22 Dec 2024 21:44:21 +0000
asID:                     204901
IP address blocks:        2a06:a005:1690::/44 maxlen: 48
                          2a06:a005:1c20::/44 maxlen: 48
                          2a06:a005:2600::/44 maxlen: 48
                          2a06:a005:2830::/44 maxlen: 48
                          2a06:a005:2840::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:69:5a:92:e2:5f:b2:ff:a2:c0:0d:5d:40:a5:07:f7:d1:d1:41:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec 24 21:39:21 2023 GMT
            Not After : Dec 22 21:44:21 2024 GMT
        Subject: CN=DF1852A20DE648A01A07C45F49D56943A0AD357F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:3e:40:d6:f2:87:27:46:bc:5b:0f:2c:98:3b:
                    c4:f3:de:b9:eb:b5:ba:0b:e4:46:16:52:f6:f3:61:
                    51:85:a3:44:d4:ee:f1:f7:d7:32:f4:53:15:60:6c:
                    72:8e:cc:6c:40:56:16:28:77:d6:92:20:66:22:9b:
                    6b:89:19:4c:4f:f4:52:56:00:d4:1d:cf:57:19:9a:
                    25:0f:c4:02:3f:c1:69:93:47:54:ae:4b:89:f5:6a:
                    49:f3:d6:72:36:38:ba:6c:bd:2b:fb:cf:2c:e2:0f:
                    79:8f:f4:00:47:df:a3:f8:13:2b:4c:2c:a1:85:07:
                    1a:94:1d:48:47:55:cd:f4:b6:73:ac:0c:e8:c2:46:
                    e0:b7:e0:1d:8d:7e:16:78:8b:33:74:65:c4:a2:e4:
                    f2:9f:25:4b:3a:6e:25:8d:5b:2f:98:54:ae:a2:2f:
                    70:ac:10:52:dd:76:2c:fb:44:a8:ec:54:b8:a2:00:
                    c6:6b:1f:b8:bc:c5:43:57:aa:fb:c4:46:48:fa:74:
                    ae:ce:75:78:f2:e9:12:ff:a2:8f:18:16:85:12:94:
                    ba:22:b0:32:4b:9e:7e:92:48:cb:1f:db:5a:c3:d1:
                    bc:89:bc:a2:a2:2b:a7:58:ea:d8:46:2c:25:38:04:
                    10:bc:0a:bf:e5:0d:26:96:a7:9c:bd:15:7f:29:be:
                    f0:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:18:52:A2:0D:E6:48:A0:1A:07:C4:5F:49:D5:69:43:A0:AD:35:7F
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204901.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1690::/44
                  2a06:a005:1c20::/44
                  2a06:a005:2600::/44
                  2a06:a005:2830::-2a06:a005:284f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         ac:d5:61:67:f5:bd:e5:3e:af:53:8d:43:b1:63:50:e7:98:33:
         a8:71:88:ea:20:4d:3d:d0:f2:a5:ce:5d:47:d1:a5:d2:67:35:
         14:4f:92:35:55:55:5b:e3:41:c6:1c:a9:94:63:e9:d8:ca:15:
         fa:77:c5:f6:60:80:78:56:25:bf:96:74:f4:04:f4:d3:2d:d3:
         bf:30:58:4e:b3:a2:01:d5:a3:ee:61:1b:fa:cf:aa:b9:6c:13:
         aa:fb:19:b3:85:d5:3a:a2:4c:7e:bf:2f:05:ac:0b:c5:87:dd:
         92:99:30:95:fb:f8:36:63:20:83:0e:66:e9:c7:c0:ee:9f:6d:
         1c:cc:94:b3:71:50:2a:1c:1a:ac:7a:21:90:b4:9c:97:40:1b:
         7a:f4:f5:68:27:56:95:65:a4:1d:e6:e3:c8:17:f8:3e:39:5e:
         60:b4:94:fa:6d:f2:62:a6:d9:0a:61:90:c6:29:d9:53:28:16:
         04:d1:b5:d6:df:24:8b:d1:6b:e9:2e:bb:c2:b7:9d:39:d1:1f:
         19:c0:66:3a:d8:78:03:b4:62:3d:ff:08:ed:4f:ac:60:d8:80:
         8e:9f:37:c7:fc:94:2c:b1:8d:1e:1a:07:96:06:0e:b9:d2:e1:
         e1:c9:e7:d4:bd:c8:f1:4b:fa:fa:15:96:77:89:ab:eb:3a:fa:
         55:2a:37:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIULGlakuJfsv+iwA1dQKUH99HRQRgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMjQyMTM5MjFaFw0yNDEyMjIyMTQ0MjFaMDMxMTAvBgNV
BAMTKERGMTg1MkEyMERFNjQ4QTAxQTA3QzQ1RjQ5RDU2OTQzQTBBRDM1N0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWPkDW8ocnRrxbDyyYO8Tz3rnr
tboL5EYWUvbzYVGFo0TU7vH31zL0UxVgbHKOzGxAVhYod9aSIGYim2uJGUxP9FJW
ANQdz1cZmiUPxAI/wWmTR1SuS4n1aknz1nI2OLpsvSv7zyziD3mP9ABH36P4EytM
LKGFBxqUHUhHVc30tnOsDOjCRuC34B2NfhZ4izN0ZcSi5PKfJUs6biWNWy+YVK6i
L3CsEFLddiz7RKjsVLiiAMZrH7i8xUNXqvvERkj6dK7OdXjy6RL/oo8YFoUSlLoi
sDJLnn6SSMsf21rD0byJvKKiK6dY6thGLCU4BBC8Cr/lDSaWp5y9FX8pvvBzAgMB
AAGjggIYMIICFDAdBgNVHQ4EFgQU3xhSog3mSKAaB8RfSdVpQ6CtNX8wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA0OTAxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEH
AQH/BDkwNzA1BAIAAjAvAwcEKgagBRaQAwcEKgagBRwgAwcEKgagBSYAMBIDBwQq
BqAFKDADBwQqBqAFKEAwDQYJKoZIhvcNAQELBQADggEBAKzVYWf1veU+r1ONQ7Fj
UOeYM6hxiOogTT3Q8qXOXUfRpdJnNRRPkjVVVVvjQcYcqZRj6djKFfp3xfZggHhW
Jb+WdPQE9NMt078wWE6zogHVo+5hG/rPqrlsE6r7GbOF1TqiTH6/LwWsC8WH3ZKZ
MJX7+DZjIIMOZunHwO6fbRzMlLNxUCocGqx6IZC0nJdAG3r09WgnVpVlpB3m48gX
+D45XmC0lPpt8mKm2QphkMYp2VMoFgTRtdbfJIvRa+kuu8K3nTnRHxnAZjrYeAO0
Yj3/CO1PrGDYgI6fN8f8lCyxjR4aB5YGDrnS4eHJ59S9yPFL+voVlneJq+s6+lUq
N2o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:01:55 2024 by rpki-client on console-ams.rpki-client.org