Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205214.roa
File:                     AS205214.roa (raw, json)
Hash identifier:          f9ZAPrHkIqfTXMb078SCIZHLvumiAStRqB5flO795OY=
Subject key identifier:   E5:CF:CD:E5:3F:D6:EA:3A:4D:73:9E:55:B1:06:36:A4:75:67:98:08
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       12C7A6ABC54BA57640D4AA100FEF6E41D792CEB5
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205214.roa
Signing time:             Tue 05 Dec 2023 02:44:11 +0000
ROA not before:           Tue 05 Dec 2023 02:39:11 +0000
ROA not after:            Tue 03 Dec 2024 02:44:11 +0000
asID:                     205214
IP address blocks:        2a06:a005:830::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 14:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:c7:a6:ab:c5:4b:a5:76:40:d4:aa:10:0f:ef:6e:41:d7:92:ce:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:11 2023 GMT
            Not After : Dec  3 02:44:11 2024 GMT
        Subject: CN=E5CFCDE53FD6EA3A4D739E55B10636A475679808
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:70:57:1c:ec:c1:23:8e:9b:2d:92:98:62:5a:
                    25:9f:bf:b8:78:cd:e9:00:93:11:ab:3b:12:8b:ca:
                    0c:e6:52:b4:2e:55:61:de:23:97:07:1e:6c:1d:eb:
                    11:d6:6d:e7:b9:c8:8c:6f:64:fa:0f:f6:5a:94:87:
                    d7:45:a8:d0:c2:7e:10:a1:99:0f:4f:96:ca:53:a4:
                    a5:5e:b9:ff:3a:21:b8:f0:55:3a:ea:04:da:80:a0:
                    e0:95:90:06:0d:66:a3:0a:91:ef:56:5a:5e:46:b2:
                    54:57:db:b6:09:f5:89:99:63:83:6c:89:40:4d:c6:
                    33:15:8a:04:73:d4:4a:10:af:59:0a:b0:9c:e5:16:
                    b6:70:d0:1e:50:57:8a:e3:3e:4d:47:33:a9:a7:14:
                    ca:cb:e3:ee:99:fa:64:44:b0:cf:71:d3:56:b1:8b:
                    43:73:22:e7:ec:06:bd:7a:b7:20:30:98:d2:f0:0e:
                    bc:8c:85:33:fc:95:72:0f:b3:3c:5a:3f:0f:b0:b5:
                    a6:3b:e5:9f:a3:a5:f8:a5:6d:fe:b7:a8:96:8b:e0:
                    23:74:49:7c:29:30:c9:fa:6a:d3:3a:a1:99:f3:0b:
                    94:6c:2b:1e:88:6a:b7:2b:99:d7:de:0f:52:91:a3:
                    dc:39:b5:ac:16:a4:a5:df:9d:d0:37:c1:ca:f8:73:
                    8a:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:CF:CD:E5:3F:D6:EA:3A:4D:73:9E:55:B1:06:36:A4:75:67:98:08
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205214.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:830::/44

    Signature Algorithm: sha256WithRSAEncryption
         3f:87:c1:bd:89:d5:46:b4:e3:25:b1:ce:2e:b6:49:f0:f5:de:
         57:83:99:a1:dd:d4:96:9a:f6:da:46:c3:8c:f4:ca:ec:a7:f7:
         55:e2:03:c2:bc:28:2c:f7:48:89:e2:8e:db:7b:14:fe:34:b7:
         80:b3:24:0b:70:d2:0e:3f:1e:ed:a1:1e:1e:e6:67:64:66:00:
         c5:79:48:15:28:28:34:c6:b5:23:0e:94:62:96:57:9c:22:5d:
         ec:34:ff:01:c8:a3:43:11:3a:0a:08:c9:3c:32:43:7e:33:42:
         40:d6:a6:6c:fe:da:c2:9a:61:f1:5b:ac:f3:d8:a8:13:fa:61:
         b3:f1:73:a0:a1:f4:1b:88:ee:ca:88:f8:b8:67:7d:58:d9:ac:
         69:29:4f:ee:f2:ba:b6:4e:64:31:b7:86:81:40:3c:05:2e:40:
         76:3c:0d:0a:8d:80:95:b0:ea:e1:67:a6:a2:9a:13:9e:bf:6c:
         cd:d2:4b:fa:bb:8c:a7:a0:59:75:ec:59:66:5f:85:74:d1:8c:
         f5:cf:cc:d1:9d:d1:c1:e1:4a:e3:26:38:d3:ad:36:9e:56:7c:
         5d:6d:a0:51:85:90:59:86:5b:58:16:91:e0:c2:93:b3:a6:a9:
         d0:b7:f5:bf:83:aa:41:66:47:e0:71:6d:6b:21:ae:84:cf:d8:
         a0:96:12:8b
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUEsemq8VLpXZA1KoQD+9uQdeSzrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTFaFw0yNDEyMDMwMjQ0MTFaMDMxMTAvBgNV
BAMTKEU1Q0ZDREU1M0ZENkVBM0E0RDczOUU1NUIxMDYzNkE0NzU2Nzk4MDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpcFcc7MEjjpstkphiWiWfv7h4
zekAkxGrOxKLygzmUrQuVWHeI5cHHmwd6xHWbee5yIxvZPoP9lqUh9dFqNDCfhCh
mQ9PlspTpKVeuf86IbjwVTrqBNqAoOCVkAYNZqMKke9WWl5GslRX27YJ9YmZY4Ns
iUBNxjMVigRz1EoQr1kKsJzlFrZw0B5QV4rjPk1HM6mnFMrL4+6Z+mREsM9x01ax
i0NzIufsBr16tyAwmNLwDryMhTP8lXIPszxaPw+wtaY75Z+jpfilbf63qJaL4CN0
SXwpMMn6atM6oZnzC5RsKx6IarcrmdfeD1KRo9w5tawWpKXfndA3wcr4c4pTAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU5c/N5T/W6jpNc55VsQY2pHVnmAgwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA1MjE0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQgwMA0GCSqGSIb3DQEBCwUAA4IBAQA/h8G9
idVGtOMlsc4utknw9d5Xg5mh3dSWmvbaRsOM9Mrsp/dV4gPCvCgs90iJ4o7bexT+
NLeAsyQLcNIOPx7toR4e5mdkZgDFeUgVKCg0xrUjDpRillecIl3sNP8ByKNDEToK
CMk8MkN+M0JA1qZs/trCmmHxW6zz2KgT+mGz8XOgofQbiO7KiPi4Z31Y2axpKU/u
8rq2TmQxt4aBQDwFLkB2PA0KjYCVsOrhZ6aimhOev2zN0kv6u4ynoFl17FlmX4V0
0Yz1z8zRndHB4UrjJjjTrTaeVnxdbaBRhZBZhltYFpHgwpOzpqnQt/W/g6pBZkfg
cW1rIa6Ez9iglhKL
-----END CERTIFICATE-----