Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205965.roa
File:                     AS205965.roa (raw, json)
Hash identifier:          os+6DueA9WiRz/mLEURVyQ81Q0F00o1q/GuyuEoaxi4=
Subject key identifier:   5B:51:C4:82:14:C0:28:D3:56:E9:48:38:0C:6E:D9:E9:B3:9D:0B:B0
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       24C20096DD7042A2226F5BB0B8BDE6C1CAB2A413
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205965.roa
Signing time:             Tue 05 Nov 2024 03:40:08 +0000
ROA not before:           Tue 05 Nov 2024 03:35:08 +0000
ROA not after:            Tue 04 Nov 2025 03:40:08 +0000
asID:                     205965
IP address blocks:        2a06:a005:2240::/44 maxlen: 48
                          2a06:a005:23a0::/44 maxlen: 48
                          2a06:a005:2410::/44 maxlen: 48
                          2a06:a005:2420::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:c2:00:96:dd:70:42:a2:22:6f:5b:b0:b8:bd:e6:c1:ca:b2:a4:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:08 2024 GMT
            Not After : Nov  4 03:40:08 2025 GMT
        Subject: CN=5B51C48214C028D356E948380C6ED9E9B39D0BB0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:95:6b:58:36:5c:be:9d:88:9b:28:70:6f:ab:
                    97:de:91:88:1c:ba:87:f2:bf:0c:33:5a:aa:ab:37:
                    3a:a7:7a:15:46:21:fc:87:13:f8:ec:39:95:25:f1:
                    e4:da:65:28:6b:54:ad:ed:4f:c3:1c:9b:91:eb:34:
                    33:bc:9f:7f:bf:4d:40:82:77:ba:6a:e6:f8:28:af:
                    c7:63:d5:39:4a:3d:e4:0a:0f:1b:66:d0:38:be:c3:
                    f2:97:06:de:2f:dd:2d:20:e2:43:b0:f4:14:00:21:
                    42:75:62:c7:ff:42:f6:8c:30:77:d7:a3:97:80:88:
                    ae:c6:90:9e:ce:ff:d1:d1:ee:25:c4:e8:4b:38:28:
                    c1:3e:e4:24:9e:61:5c:40:86:79:29:00:f1:3a:2d:
                    ea:52:8e:3e:0a:a1:48:e4:68:11:4c:40:19:6e:bb:
                    87:62:32:56:c0:b2:02:1a:10:e8:40:6d:8a:61:f0:
                    94:c9:3b:1e:54:c2:8b:9f:05:17:93:a0:d7:41:f2:
                    1f:d3:74:27:02:03:08:a9:b9:b8:67:46:d6:66:92:
                    c0:4b:36:ab:8b:4b:bc:84:53:c4:ad:5f:f9:35:9d:
                    1b:f4:27:c8:ec:5e:85:2a:0f:16:a1:d5:ed:3c:e3:
                    bb:40:30:f0:a4:8b:95:50:8e:5d:60:4b:cd:5a:ce:
                    1a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:51:C4:82:14:C0:28:D3:56:E9:48:38:0C:6E:D9:E9:B3:9D:0B:B0
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205965.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2240::/44
                  2a06:a005:23a0::/44
                  2a06:a005:2410::-2a06:a005:242f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         cc:87:ca:f8:3d:bd:15:f3:59:11:7e:a9:6f:a6:26:7c:f5:b0:
         99:d6:10:ac:6d:fb:10:62:a6:62:c0:08:40:a2:bc:00:38:90:
         a5:eb:2d:8a:1a:d7:15:55:4f:8e:0e:03:4e:e4:95:92:0d:01:
         2b:f1:54:5b:ac:18:64:5a:34:85:22:de:00:5b:25:6f:27:2b:
         63:47:70:c3:34:6f:f1:9a:9d:c6:8a:c4:ab:ce:c0:3e:c9:9e:
         db:96:d2:8b:5f:92:dd:5d:41:04:8a:7d:93:60:5d:58:d8:4b:
         10:cb:b6:04:b8:03:44:63:3f:09:11:41:d5:ac:71:f6:c7:cd:
         47:0e:c9:73:46:1a:bd:0f:c4:2e:05:61:d4:b4:21:e7:a9:4b:
         5a:84:f8:29:20:6a:53:1c:7d:e8:ea:2c:84:c9:fd:e4:4f:d8:
         b4:bc:e3:a5:3e:7a:48:cd:c1:59:61:20:f8:87:5e:05:cd:76:
         68:72:86:60:7b:a9:e5:5b:39:73:1c:69:53:f3:e4:75:ae:5c:
         82:33:a3:bb:6e:55:2f:d5:86:b4:c7:86:8e:3e:fe:53:cc:3d:
         23:07:15:83:71:f7:24:b2:c9:cb:c7:46:40:3b:74:39:74:1e:
         cd:81:f4:b6:ec:a1:fa:dd:13:1a:0a:a8:f4:1f:82:b4:fa:ef:
         c1:43:71:d8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUJMIAlt1wQqIib1uwuL3mwcqypBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDhaFw0yNTExMDQwMzQwMDhaMDMxMTAvBgNV
BAMTKDVCNTFDNDgyMTRDMDI4RDM1NkU5NDgzODBDNkVEOUU5QjM5RDBCQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0lWtYNly+nYibKHBvq5fekYgc
uofyvwwzWqqrNzqnehVGIfyHE/jsOZUl8eTaZShrVK3tT8Mcm5HrNDO8n3+/TUCC
d7pq5vgor8dj1TlKPeQKDxtm0Di+w/KXBt4v3S0g4kOw9BQAIUJ1Ysf/QvaMMHfX
o5eAiK7GkJ7O/9HR7iXE6Es4KME+5CSeYVxAhnkpAPE6LepSjj4KoUjkaBFMQBlu
u4diMlbAsgIaEOhAbYph8JTJOx5UwoufBReToNdB8h/TdCcCAwipubhnRtZmksBL
NquLS7yEU8StX/k1nRv0J8jsXoUqDxah1e0847tAMPCki5VQjl1gS81azhpHAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUW1HEghTAKNNW6Ug4DG7Z6bOdC7AwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA1OTY1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEH
AQH/BDAwLjAsBAIAAjAmAwcEKgagBSJAAwcEKgagBSOgMBIDBwQqBqAFJBADBwQq
BqAFJCAwDQYJKoZIhvcNAQELBQADggEBAMyHyvg9vRXzWRF+qW+mJnz1sJnWEKxt
+xBipmLACECivAA4kKXrLYoa1xVVT44OA07klZINASvxVFusGGRaNIUi3gBbJW8n
K2NHcMM0b/GancaKxKvOwD7JntuW0otfkt1dQQSKfZNgXVjYSxDLtgS4A0RjPwkR
QdWscfbHzUcOyXNGGr0PxC4FYdS0IeepS1qE+CkgalMcfejqLITJ/eRP2LS846U+
ekjNwVlhIPiHXgXNdmhyhmB7qeVbOXMcaVPz5HWuXIIzo7tuVS/VhrTHho4+/lPM
PSMHFYNx9ySyycvHRkA7dDl0Hs2B9LbsofrdExoKqPQfgrT678FDcdg=
-----END CERTIFICATE-----