Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205539.roa
File:                     AS205539.roa (raw, json)
Hash identifier:          +o9R1mzAO7Oxu6tx81z1esUFQTfLRUjF7OUgS/uyhGw=
Subject key identifier:   A7:3B:43:32:39:9A:B6:57:CA:80:E0:01:98:EE:7C:CD:33:8A:AC:0B
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       6EC9E37207F32F1E52136C69A7138AB209D40CE4
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205539.roa
Signing time:             Tue 05 Dec 2023 02:44:13 +0000
ROA not before:           Tue 05 Dec 2023 02:39:13 +0000
ROA not after:            Tue 03 Dec 2024 02:44:13 +0000
asID:                     205539
IP address blocks:        2a06:a005:4df::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 14:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:c9:e3:72:07:f3:2f:1e:52:13:6c:69:a7:13:8a:b2:09:d4:0c:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:13 2023 GMT
            Not After : Dec  3 02:44:13 2024 GMT
        Subject: CN=A73B4332399AB657CA80E00198EE7CCD338AAC0B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:d5:f6:1e:fa:98:74:80:7e:fc:96:e5:73:7e:
                    b1:cf:90:84:17:1c:7b:7c:0a:67:93:8b:10:66:e5:
                    f2:20:1a:8a:dd:f7:fe:98:7c:20:ad:2c:85:60:87:
                    d0:f3:2c:26:0b:c5:fd:98:54:27:cb:e9:e0:57:16:
                    05:0a:b7:e2:9f:13:c2:07:94:47:35:46:b9:7c:37:
                    ad:be:cf:37:57:cd:c9:4a:bc:4f:a7:69:71:db:b5:
                    8d:e6:b0:0e:4a:05:93:79:84:1b:60:a4:9a:e3:da:
                    bf:5d:3b:62:73:31:d2:bd:dd:42:04:7a:82:10:09:
                    e8:b5:34:35:c8:67:2e:b8:46:c2:4c:80:95:a0:79:
                    e3:f6:a9:f3:8a:bb:88:f5:45:7a:83:82:88:3b:f6:
                    e1:e8:54:59:96:6c:6e:68:ca:78:0f:a0:a3:31:66:
                    65:5c:c7:61:5c:3b:f0:4e:e4:d4:d8:f2:c2:ce:40:
                    09:50:9c:83:80:ae:37:62:1e:91:bf:f4:c1:4b:8d:
                    75:5e:e9:80:8d:1f:35:7a:e3:17:d5:41:e1:1d:40:
                    89:5c:7a:59:dd:a9:74:e8:74:8d:ae:a3:37:95:5d:
                    4d:04:dc:c9:d2:87:71:35:b0:7d:77:28:95:30:db:
                    03:3b:8d:9e:17:d1:95:74:20:ec:80:cf:d5:cd:7d:
                    da:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:3B:43:32:39:9A:B6:57:CA:80:E0:01:98:EE:7C:CD:33:8A:AC:0B
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:4df::/48

    Signature Algorithm: sha256WithRSAEncryption
         d4:cf:af:a8:43:da:99:4b:2e:1f:85:78:91:3c:de:63:11:6c:
         2e:90:17:a3:6c:56:81:07:d6:52:6e:eb:bb:88:fc:c5:e6:f6:
         38:86:2d:f1:21:a5:71:28:45:1a:56:d5:14:07:97:65:f2:78:
         a3:f8:2e:cb:e5:2d:b3:fe:69:03:b0:65:80:27:71:e6:cb:91:
         48:6f:0e:30:ad:d8:ba:cc:11:31:a8:4d:76:31:63:bf:66:3a:
         8d:62:f9:13:36:83:a0:c9:ff:fe:69:bf:0f:d4:11:90:90:1f:
         82:87:30:76:29:13:40:47:ac:90:45:18:5a:15:b4:c1:3f:e1:
         1b:0e:47:51:42:d6:e9:6f:2f:05:f8:cd:f8:45:4a:3c:f6:55:
         21:1f:69:54:fb:34:26:99:0b:82:64:2f:37:5e:6f:62:91:af:
         c8:9d:20:28:76:90:6e:a3:53:fc:6d:7c:ec:1e:e8:c8:11:ea:
         cf:4c:27:31:de:a5:35:81:57:ee:d0:d9:6f:6c:04:ef:d7:ca:
         5b:cf:b3:4e:58:d8:49:a6:fe:e2:0b:97:de:e7:95:43:09:6d:
         82:e7:04:6e:70:bd:79:88:a8:7a:8f:8b:77:c8:6e:d7:f0:3b:
         62:12:d0:22:a5:db:1e:c3:95:54:8e:c1:9f:d1:12:ca:0f:df:
         9a:8f:70:20
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUbsnjcgfzLx5SE2xppxOKsgnUDOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTNaFw0yNDEyMDMwMjQ0MTNaMDMxMTAvBgNV
BAMTKEE3M0I0MzMyMzk5QUI2NTdDQTgwRTAwMTk4RUU3Q0NEMzM4QUFDMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDi1fYe+ph0gH78luVzfrHPkIQX
HHt8CmeTixBm5fIgGord9/6YfCCtLIVgh9DzLCYLxf2YVCfL6eBXFgUKt+KfE8IH
lEc1Rrl8N62+zzdXzclKvE+naXHbtY3msA5KBZN5hBtgpJrj2r9dO2JzMdK93UIE
eoIQCei1NDXIZy64RsJMgJWgeeP2qfOKu4j1RXqDgog79uHoVFmWbG5oyngPoKMx
ZmVcx2FcO/BO5NTY8sLOQAlQnIOArjdiHpG/9MFLjXVe6YCNHzV64xfVQeEdQIlc
elndqXTodI2uozeVXU0E3MnSh3E1sH13KJUw2wM7jZ4X0ZV0IOyAz9XNfdoBAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUpztDMjmatlfKgOABmO58zTOKrAswHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA1NTM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQTfMA0GCSqGSIb3DQEBCwUAA4IBAQDUz6+o
Q9qZSy4fhXiRPN5jEWwukBejbFaBB9ZSbuu7iPzF5vY4hi3xIaVxKEUaVtUUB5dl
8nij+C7L5S2z/mkDsGWAJ3Hmy5FIbw4wrdi6zBExqE12MWO/ZjqNYvkTNoOgyf/+
ab8P1BGQkB+ChzB2KRNAR6yQRRhaFbTBP+EbDkdRQtbpby8F+M34RUo89lUhH2lU
+zQmmQuCZC83Xm9ika/InSAodpBuo1P8bXzsHujIEerPTCcx3qU1gVfu0NlvbATv
18pbz7NOWNhJpv7iC5fe55VDCW2C5wRucL15iKh6j4t3yG7X8DtiEtAipdsew5VU
jsGf0RLKD9+aj3Ag
-----END CERTIFICATE-----