Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205965.roa
File:                     AS205965.roa (raw, json)
Hash identifier:          tjWif+xvcHgn5AeWka331nF5cQSYiALftYxvhdye7SI=
Subject key identifier:   FE:86:6A:0C:BE:4A:D3:E5:A2:8C:A4:E9:A1:7D:B9:3A:21:5A:D7:C9
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       04CF252421CDE1294B354175D55349803EC173E7
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205965.roa
Signing time:             Tue 05 Dec 2023 02:44:15 +0000
ROA not before:           Tue 05 Dec 2023 02:39:15 +0000
ROA not after:            Tue 03 Dec 2024 02:44:15 +0000
asID:                     205965
IP address blocks:        2a06:a005:2240::/44 maxlen: 48
                          2a06:a005:23a0::/44 maxlen: 48
                          2a06:a005:2410::/44 maxlen: 48
                          2a06:a005:2420::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 14:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:cf:25:24:21:cd:e1:29:4b:35:41:75:d5:53:49:80:3e:c1:73:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:15 2023 GMT
            Not After : Dec  3 02:44:15 2024 GMT
        Subject: CN=FE866A0CBE4AD3E5A28CA4E9A17DB93A215AD7C9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:16:9c:70:74:98:15:24:09:a7:d2:67:87:4b:
                    ce:99:e5:d1:b3:2d:9e:1b:b2:54:23:fa:ae:b6:74:
                    98:76:a2:72:d8:12:de:d1:43:c6:3e:43:e5:10:5f:
                    d3:45:60:2c:41:50:2a:ca:56:a1:bf:86:27:a5:6c:
                    c9:ae:f2:f9:b4:f8:c5:bf:99:80:9a:28:63:3a:79:
                    3c:72:f6:6c:32:7a:9f:ee:5d:94:8a:51:b8:fe:fd:
                    26:ba:8c:06:a6:4f:0b:c1:86:c0:ef:b4:d4:72:ec:
                    7e:cf:fa:d4:b0:b6:37:5e:71:b6:07:6f:d0:5b:12:
                    4a:50:5b:2c:a0:eb:7d:2c:af:61:88:f3:84:85:c2:
                    ba:d2:62:98:78:db:74:3a:1e:30:63:ee:ac:58:db:
                    b8:7b:0c:d8:27:d9:53:03:40:2f:0b:bc:aa:6c:a3:
                    86:ab:0f:35:eb:c1:23:70:27:ab:ed:d3:a8:c1:3f:
                    63:44:f0:1d:9d:4a:2d:8f:b8:1d:da:2e:b3:63:e2:
                    13:7d:12:1e:71:1c:4b:48:d0:79:28:b2:7d:af:b8:
                    7d:37:c8:e9:3d:54:2b:9c:8e:fd:b4:7e:a9:47:db:
                    0c:f2:e4:0e:3f:61:9e:b2:89:b7:b2:de:38:55:3c:
                    39:e8:e9:75:7a:d5:c4:93:df:b1:98:99:12:41:ca:
                    9e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:86:6A:0C:BE:4A:D3:E5:A2:8C:A4:E9:A1:7D:B9:3A:21:5A:D7:C9
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS205965.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2240::/44
                  2a06:a005:23a0::/44
                  2a06:a005:2410::-2a06:a005:242f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         22:8a:16:f1:90:f9:3a:8b:2d:8e:43:3e:de:49:3f:b8:65:0d:
         5f:95:6a:93:77:d3:98:bb:ec:ed:8c:6d:97:06:95:d7:12:7b:
         67:a0:9e:1f:53:3f:4a:ba:ae:92:0c:35:04:7f:83:5a:15:71:
         67:a1:29:c4:17:ea:81:f6:c4:54:8b:79:93:36:6f:08:2f:92:
         c6:fe:63:f7:8a:05:6d:56:be:95:54:96:8b:a0:b0:c6:ee:bd:
         94:bd:98:3a:02:4c:7e:b3:55:d2:0b:cb:8f:16:3b:21:a0:b4:
         be:4a:0f:8c:ad:61:76:3b:ca:c5:e8:e1:68:18:d4:4c:e7:99:
         64:aa:37:84:28:f9:91:e8:b6:74:2d:41:8b:fc:ce:c7:20:c8:
         00:c5:d0:bd:08:21:9f:74:3c:87:f1:6d:73:09:81:5b:90:fc:
         bf:2c:9c:9b:e4:34:8b:9f:c4:b0:46:8f:6b:17:1d:f7:6c:fc:
         2e:24:e1:d2:89:a4:ff:6a:42:26:20:53:ce:fa:35:83:ad:a1:
         7a:0e:e8:3f:0d:1b:bf:cd:a4:11:2b:d5:ae:b3:fe:76:88:54:
         35:3f:d0:80:c6:7d:f5:2c:8c:19:76:d4:09:29:2f:d0:7d:2d:
         d1:21:75:b3:49:99:db:f8:57:b3:ef:60:37:1c:ad:94:fd:db:
         48:3f:ef:19
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUBM8lJCHN4SlLNUF11VNJgD7Bc+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTVaFw0yNDEyMDMwMjQ0MTVaMDMxMTAvBgNV
BAMTKEZFODY2QTBDQkU0QUQzRTVBMjhDQTRFOUExN0RCOTNBMjE1QUQ3QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsFpxwdJgVJAmn0meHS86Z5dGz
LZ4bslQj+q62dJh2onLYEt7RQ8Y+Q+UQX9NFYCxBUCrKVqG/hielbMmu8vm0+MW/
mYCaKGM6eTxy9mwyep/uXZSKUbj+/Sa6jAamTwvBhsDvtNRy7H7P+tSwtjdecbYH
b9BbEkpQWyyg630sr2GI84SFwrrSYph423Q6HjBj7qxY27h7DNgn2VMDQC8LvKps
o4arDzXrwSNwJ6vt06jBP2NE8B2dSi2PuB3aLrNj4hN9Eh5xHEtI0Hkosn2vuH03
yOk9VCucjv20fqlH2wzy5A4/YZ6yibey3jhVPDno6XV61cST37GYmRJByp7TAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQU/oZqDL5K0+WijKTpoX25OiFa18kwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA1OTY1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEH
AQH/BDAwLjAsBAIAAjAmAwcEKgagBSJAAwcEKgagBSOgMBIDBwQqBqAFJBADBwQq
BqAFJCAwDQYJKoZIhvcNAQELBQADggEBACKKFvGQ+TqLLY5DPt5JP7hlDV+VapN3
05i77O2MbZcGldcSe2egnh9TP0q6rpIMNQR/g1oVcWehKcQX6oH2xFSLeZM2bwgv
ksb+Y/eKBW1WvpVUlougsMbuvZS9mDoCTH6zVdILy48WOyGgtL5KD4ytYXY7ysXo
4WgY1EznmWSqN4Qo+ZHotnQtQYv8zscgyADF0L0IIZ90PIfxbXMJgVuQ/L8snJvk
NIufxLBGj2sXHfds/C4k4dKJpP9qQiYgU876NYOtoXoO6D8NG7/NpBEr1a6z/naI
VDU/0IDGffUsjBl21AkpL9B9LdEhdbNJmdv4V7PvYDccrZT920g/7xk=
-----END CERTIFICATE-----