Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205212.roa
File:                     AS205212.roa (raw, json)
Hash identifier:          LFBYTFkbKtpohmVrV7NJtYBFkylRP5+tqbBLXr5KzNo=
Subject key identifier:   D8:57:93:69:2C:4B:7D:42:ED:FE:08:CA:49:B1:AF:93:70:7B:39:54
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       374E38676B1DBC20651C74ECFF3E0DB6BD0A5973
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205212.roa
Signing time:             Fri 12 Jan 2024 23:44:21 +0000
ROA not before:           Fri 12 Jan 2024 23:39:21 +0000
ROA not after:            Fri 10 Jan 2025 23:44:21 +0000
asID:                     205212
IP address blocks:        2a06:a005:1f70::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:4e:38:67:6b:1d:bc:20:65:1c:74:ec:ff:3e:0d:b6:bd:0a:59:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan 12 23:39:21 2024 GMT
            Not After : Jan 10 23:44:21 2025 GMT
        Subject: CN=D85793692C4B7D42EDFE08CA49B1AF93707B3954
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:7c:30:bb:99:a4:ef:2d:1c:13:5b:3f:c5:ec:
                    14:43:a6:1d:16:e0:67:d1:78:04:58:db:91:54:d2:
                    79:82:4f:ae:ea:d7:5c:9f:28:47:f3:22:7c:75:73:
                    e5:6b:9f:fd:7d:7c:1e:07:8f:df:98:5b:41:5d:47:
                    00:a9:f5:57:56:59:37:d3:00:8f:63:77:53:25:ff:
                    59:e7:6a:cc:5d:3b:86:36:b2:56:f5:c1:f2:0c:82:
                    e2:93:2f:14:34:dd:88:58:8b:c3:1c:3b:8c:ee:ca:
                    68:d7:be:cb:14:56:c6:b5:b2:cc:74:61:33:b6:7f:
                    28:4e:e2:13:1e:3a:cd:7a:17:94:ac:fa:54:98:36:
                    e0:eb:f8:43:96:3c:99:13:25:8a:48:80:04:79:17:
                    02:da:31:37:2e:6f:54:b3:74:9a:41:6b:35:b8:71:
                    80:37:ec:d9:cb:91:9a:8d:8f:ff:89:be:e7:55:d5:
                    b4:dc:31:52:25:9c:68:48:f5:d5:2b:15:fe:4d:7a:
                    50:7f:7e:22:42:72:a1:ac:a5:01:c2:af:e0:bd:20:
                    b5:60:f2:06:32:36:31:df:19:ad:e9:11:75:88:a8:
                    2f:76:a5:23:a5:8b:59:e6:02:6e:0e:ee:df:b2:ff:
                    9f:49:98:13:2d:d0:07:6a:51:55:50:5e:41:2f:59:
                    6a:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:57:93:69:2C:4B:7D:42:ED:FE:08:CA:49:B1:AF:93:70:7B:39:54
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205212.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1f70::/44

    Signature Algorithm: sha256WithRSAEncryption
         52:ee:47:11:d6:16:a2:1e:e3:ad:a5:13:fd:4b:ac:66:83:86:
         c6:88:4e:36:c7:28:3c:44:e0:17:d9:c0:47:33:85:2e:2c:6a:
         2d:dd:59:57:1e:48:c3:f2:4b:d3:0b:b6:5b:e9:66:be:9a:b0:
         12:8f:0b:93:40:93:68:6d:46:8f:7f:88:0b:af:bc:be:7b:13:
         1b:02:2d:4d:14:f1:23:34:4e:98:5c:68:90:69:c2:26:e5:f0:
         53:26:14:7f:68:f4:a9:87:bd:31:81:86:52:91:9e:17:12:dd:
         22:54:71:21:13:5e:40:aa:ce:ec:7d:eb:ad:b9:11:24:81:81:
         ce:d9:5e:f1:30:97:2f:82:bb:33:30:92:ed:54:84:12:fa:26:
         71:8c:14:38:b3:46:ed:47:a0:68:5b:19:eb:e8:4b:5e:d1:1d:
         ed:53:5b:c2:f5:77:3e:14:72:02:e4:c0:60:7b:d9:07:70:91:
         b4:17:b8:1a:36:2e:83:79:d0:e6:18:6f:6f:f6:bd:ec:5c:db:
         47:39:15:61:a7:44:ed:77:c8:eb:19:af:aa:d8:80:f3:49:54:
         28:3b:06:e4:2c:de:26:f7:0e:90:55:23:f0:a4:88:07:96:b6:
         45:07:83:f1:2f:d5:de:28:5b:5d:2f:76:0c:84:7d:dd:8c:ba:
         30:99:fd:b7
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUN044Z2sdvCBlHHTs/z4Ntr0KWXMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMTIyMzM5MjFaFw0yNTAxMTAyMzQ0MjFaMDMxMTAvBgNV
BAMTKEQ4NTc5MzY5MkM0QjdENDJFREZFMDhDQTQ5QjFBRjkzNzA3QjM5NTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhfDC7maTvLRwTWz/F7BRDph0W
4GfReARY25FU0nmCT67q11yfKEfzInx1c+Vrn/19fB4Hj9+YW0FdRwCp9VdWWTfT
AI9jd1Ml/1nnasxdO4Y2slb1wfIMguKTLxQ03YhYi8McO4zuymjXvssUVsa1ssx0
YTO2fyhO4hMeOs16F5Ss+lSYNuDr+EOWPJkTJYpIgAR5FwLaMTcub1SzdJpBazW4
cYA37NnLkZqNj/+JvudV1bTcMVIlnGhI9dUrFf5NelB/fiJCcqGspQHCr+C9ILVg
8gYyNjHfGa3pEXWIqC92pSOli1nmAm4O7t+y/59JmBMt0AdqUVVQXkEvWWrtAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU2FeTaSxLfULt/gjKSbGvk3B7OVQwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA1MjEyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBR9wMA0GCSqGSIb3DQEBCwUAA4IBAQBS7kcR
1haiHuOtpRP9S6xmg4bGiE42xyg8ROAX2cBHM4UuLGot3VlXHkjD8kvTC7Zb6Wa+
mrASjwuTQJNobUaPf4gLr7y+exMbAi1NFPEjNE6YXGiQacIm5fBTJhR/aPSph70x
gYZSkZ4XEt0iVHEhE15Aqs7sfeutuREkgYHO2V7xMJcvgrszMJLtVIQS+iZxjBQ4
s0btR6BoWxnr6Ete0R3tU1vC9Xc+FHIC5MBge9kHcJG0F7gaNi6DedDmGG9v9r3s
XNtHORVhp0Ttd8jrGa+q2IDzSVQoOwbkLN4m9w6QVSPwpIgHlrZFB4PxL9XeKFtd
L3YMhH3djLowmf23
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:33:10 2024 by rpki-client on console-ams.rpki-client.org