Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205531.roa
File:                     AS205531.roa (raw, json)
Hash identifier:          dSfSC5qekbr/C/UP0+6KJ7xTtae62LTkdziu9CF77GU=
Subject key identifier:   CD:1C:58:AB:E1:AB:E2:3C:2D:3D:96:AE:85:DA:3D:CE:0C:95:8C:79
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       1192B8C16F8CA6371F901DC52C02FE13D8F2F356
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205531.roa
Signing time:             Tue 05 Nov 2024 03:40:03 +0000
ROA not before:           Tue 05 Nov 2024 03:35:03 +0000
ROA not after:            Tue 04 Nov 2025 03:40:03 +0000
asID:                     205531
IP address blocks:        2a06:a005:a0b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:92:b8:c1:6f:8c:a6:37:1f:90:1d:c5:2c:02:fe:13:d8:f2:f3:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:03 2024 GMT
            Not After : Nov  4 03:40:03 2025 GMT
        Subject: CN=CD1C58ABE1ABE23C2D3D96AE85DA3DCE0C958C79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:7b:b9:4f:bd:7d:c4:c3:d3:79:46:de:94:3d:
                    36:68:9f:ed:e3:0e:c9:97:bd:7a:95:26:89:24:f9:
                    73:fb:ec:2c:9c:42:22:fe:3b:42:8a:b5:fe:51:c5:
                    6e:66:bf:38:5e:80:ff:ff:e7:ac:3f:7b:44:f2:af:
                    df:28:25:c8:c2:15:e2:07:dc:d0:d8:c0:25:2b:7a:
                    db:2c:83:7b:20:0f:07:b3:1a:6d:90:72:41:0c:4f:
                    41:49:67:be:0d:b8:a4:b9:98:e6:34:79:aa:60:93:
                    b5:51:31:2b:66:61:dd:b8:ec:eb:4b:26:20:93:66:
                    8b:72:76:6d:c7:4e:3e:bc:81:e0:3e:a6:04:3e:43:
                    b9:b1:2a:4e:30:5b:9c:8b:ea:f8:a8:85:1b:d9:40:
                    75:45:c3:b6:68:47:38:5c:ae:8e:02:52:b1:31:6b:
                    80:4e:5f:45:ac:d5:fe:45:d6:54:e0:4c:da:9d:be:
                    87:c5:a0:f1:c5:df:82:96:f1:49:83:f2:ef:b4:d8:
                    b3:ee:9f:ab:8a:1a:85:9a:46:6d:34:aa:22:4d:dc:
                    f7:2b:00:49:35:19:a9:81:32:c8:97:fb:96:ca:e5:
                    99:b1:de:89:f9:cc:bb:f9:b4:a5:61:78:03:d2:fb:
                    9a:33:ba:e4:3d:36:b1:27:ca:15:ee:3c:7a:5e:9a:
                    51:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:1C:58:AB:E1:AB:E2:3C:2D:3D:96:AE:85:DA:3D:CE:0C:95:8C:79
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:a0b::/48

    Signature Algorithm: sha256WithRSAEncryption
         77:03:4b:9e:ff:29:a8:7a:b6:6b:d7:c6:9f:1a:69:ff:9b:c2:
         95:48:8b:9e:d4:ed:5d:c9:34:e8:1d:a3:c2:31:10:42:52:c9:
         3a:19:fc:d3:bb:77:5d:bd:7a:c0:06:58:a8:05:34:c8:c0:c0:
         78:21:2f:5c:e4:90:66:35:92:da:2c:3c:1b:4b:e2:8d:ab:e5:
         f9:4f:d3:b6:11:a3:88:a3:fa:ce:d9:c4:91:a9:09:dc:97:78:
         dc:47:79:7f:00:d1:ba:63:6a:1c:1d:c4:6f:59:cc:bc:df:7a:
         4a:e8:8b:06:53:85:5c:3c:fc:bd:2e:28:dc:93:f1:f9:e2:3d:
         74:ab:44:c1:e9:65:7c:c7:74:ce:1a:f8:40:44:0a:e2:7c:10:
         c3:b6:a8:0d:82:1e:78:b1:a8:72:8f:24:f0:69:a1:bb:48:5c:
         b3:bf:01:b0:10:5a:55:8a:58:eb:33:38:41:8e:e1:a7:93:dd:
         e7:a7:16:74:94:0f:70:e2:59:62:7b:d4:d0:e0:e4:b5:d4:36:
         45:c8:3a:16:f5:40:45:e8:a0:c1:f1:0d:be:4f:7b:30:df:56:
         8d:09:f9:4d:72:90:a4:a6:bb:1c:ba:21:3e:c5:31:05:fd:4e:
         72:7a:38:c5:e7:50:88:3b:39:ca:6d:84:bd:10:bf:df:3f:0e:
         8b:a0:f5:00
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUEZK4wW+MpjcfkB3FLAL+E9jy81YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDNaFw0yNTExMDQwMzQwMDNaMDMxMTAvBgNV
BAMTKENEMUM1OEFCRTFBQkUyM0MyRDNEOTZBRTg1REEzRENFMEM5NThDNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDle7lPvX3Ew9N5Rt6UPTZon+3j
DsmXvXqVJokk+XP77CycQiL+O0KKtf5RxW5mvzhegP//56w/e0Tyr98oJcjCFeIH
3NDYwCUretssg3sgDwezGm2QckEMT0FJZ74NuKS5mOY0eapgk7VRMStmYd247OtL
JiCTZotydm3HTj68geA+pgQ+Q7mxKk4wW5yL6viohRvZQHVFw7ZoRzhcro4CUrEx
a4BOX0Ws1f5F1lTgTNqdvofFoPHF34KW8UmD8u+02LPun6uKGoWaRm00qiJN3Pcr
AEk1GamBMsiX+5bK5Zmx3on5zLv5tKVheAPS+5ozuuQ9NrEnyhXuPHpemlHvAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUzRxYq+Gr4jwtPZauhdo9zgyVjHkwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA1NTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQoLMA0GCSqGSIb3DQEBCwUAA4IBAQB3A0ue
/ymoerZr18afGmn/m8KVSIue1O1dyTToHaPCMRBCUsk6GfzTu3ddvXrABlioBTTI
wMB4IS9c5JBmNZLaLDwbS+KNq+X5T9O2EaOIo/rO2cSRqQncl3jcR3l/ANG6Y2oc
HcRvWcy833pK6IsGU4VcPPy9Lijck/H54j10q0TB6WV8x3TOGvhARArifBDDtqgN
gh54sahyjyTwaaG7SFyzvwGwEFpViljrMzhBjuGnk93npxZ0lA9w4llie9TQ4OS1
1DZFyDoW9UBF6KDB8Q2+T3sw31aNCflNcpCkprscuiE+xTEF/U5yejjF51CIOznK
bYS9EL/fPw6LoPUA
-----END CERTIFICATE-----