Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206290.roa
File:                     AS206290.roa (raw, json)
Hash identifier:          9DGWuC5RbyxQsYtcTa162HApzQxPo2v94FIqG7Ri9XQ=
Subject key identifier:   20:B5:AA:EB:3B:05:60:80:06:BF:90:FF:87:04:B7:26:90:10:15:DE
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       02C49A51EF6A225B49C3A120105979D134E8386B
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206290.roa
Signing time:             Tue 05 Dec 2023 02:44:19 +0000
ROA not before:           Tue 05 Dec 2023 02:39:19 +0000
ROA not after:            Tue 03 Dec 2024 02:44:19 +0000
asID:                     206290
IP address blocks:        2a06:a005:1276::/47 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:c4:9a:51:ef:6a:22:5b:49:c3:a1:20:10:59:79:d1:34:e8:38:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:19 2023 GMT
            Not After : Dec  3 02:44:19 2024 GMT
        Subject: CN=20B5AAEB3B05608006BF90FF8704B726901015DE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:96:d9:13:48:21:c6:09:7d:b5:1d:97:2d:79:
                    05:59:af:df:18:2f:65:56:86:e9:53:c8:61:d2:b1:
                    33:bb:89:70:6b:63:0e:09:8f:14:8a:f5:b4:6d:f3:
                    45:f2:95:bf:16:40:46:d9:2d:96:c9:38:cc:f1:54:
                    6f:cd:44:6c:2d:6e:7b:06:fd:33:b1:b7:3e:9c:d1:
                    21:ed:e4:4f:48:23:8c:d0:c6:7a:12:8a:e9:71:60:
                    1b:1d:a7:d6:d7:c9:12:34:46:f1:fa:2a:35:d7:e3:
                    71:e4:f3:c9:63:8d:9f:ac:ef:f9:bd:f0:5d:3f:76:
                    ac:28:da:a3:5b:f1:2e:2b:c3:af:fb:4b:8c:eb:be:
                    e3:49:76:4c:46:d3:6a:c4:ab:71:bb:35:ec:32:c1:
                    cf:20:73:bd:3a:be:6a:bc:34:16:1a:57:24:96:60:
                    22:77:57:28:45:ad:73:9e:01:b2:2d:12:99:08:de:
                    c0:08:ec:8b:03:cc:16:c5:a4:f8:2a:4b:a3:d8:ae:
                    21:3c:56:21:c7:d5:17:04:ae:8a:f4:08:5c:a7:57:
                    d5:1e:86:36:1a:9d:87:e2:cc:7e:2e:97:47:80:1d:
                    4c:9c:67:d0:76:b3:32:da:04:52:5e:69:eb:53:86:
                    cb:ee:6e:8f:8c:c9:95:a6:df:85:95:a4:6b:69:d6:
                    a8:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:B5:AA:EB:3B:05:60:80:06:BF:90:FF:87:04:B7:26:90:10:15:DE
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206290.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1276::/47

    Signature Algorithm: sha256WithRSAEncryption
         79:75:1f:90:18:30:06:db:5e:53:c2:7f:34:ef:4d:e9:83:51:
         16:36:c6:ea:59:08:76:1a:50:7c:e4:46:cb:da:39:ef:03:89:
         5d:e8:9d:dc:ba:96:6c:77:53:ac:19:69:c8:78:6c:97:3a:5f:
         69:00:91:ff:11:09:af:6a:19:21:77:e4:28:b6:79:23:37:39:
         5a:58:4a:c6:db:fc:e0:28:34:ac:e1:f9:73:82:db:83:c9:e0:
         40:3f:91:2c:d5:d5:c2:c1:ee:6d:ad:28:79:3c:49:fa:bd:a5:
         69:f5:6c:26:0b:43:d3:43:6d:28:b2:8e:e3:09:52:25:f2:66:
         90:9c:55:27:4f:71:11:ed:8e:c6:38:dc:03:34:c4:ad:c7:2b:
         0a:e5:6f:75:21:27:34:6d:2a:62:ae:05:0c:8d:c9:1c:48:04:
         f9:83:75:1c:3d:5b:41:53:a6:60:ce:b8:a7:de:91:de:81:c5:
         d1:3f:44:e8:02:68:f4:1e:38:7d:bf:7d:e4:d5:57:f4:3c:b6:
         e6:f3:ea:05:79:20:a8:e9:d5:4f:12:5c:21:7f:23:63:29:8e:
         ef:ec:c8:41:05:ff:ff:f7:66:5e:21:95:b2:18:30:64:13:0d:
         c5:1c:32:15:24:fc:18:67:b3:1e:30:8b:a5:5c:61:27:3c:86:
         5b:46:1b:6f
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUAsSaUe9qIltJw6EgEFl50TToOGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTlaFw0yNDEyMDMwMjQ0MTlaMDMxMTAvBgNV
BAMTKDIwQjVBQUVCM0IwNTYwODAwNkJGOTBGRjg3MDRCNzI2OTAxMDE1REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZltkTSCHGCX21HZcteQVZr98Y
L2VWhulTyGHSsTO7iXBrYw4JjxSK9bRt80Xylb8WQEbZLZbJOMzxVG/NRGwtbnsG
/TOxtz6c0SHt5E9II4zQxnoSiulxYBsdp9bXyRI0RvH6KjXX43Hk88ljjZ+s7/m9
8F0/dqwo2qNb8S4rw6/7S4zrvuNJdkxG02rEq3G7Newywc8gc706vmq8NBYaVySW
YCJ3VyhFrXOeAbItEpkI3sAI7IsDzBbFpPgqS6PYriE8ViHH1RcEror0CFynV9Ue
hjYanYfizH4ul0eAHUycZ9B2szLaBFJeaetThsvubo+MyZWm34WVpGtp1qhrAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUILWq6zsFYIAGv5D/hwS3JpAQFd4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA2MjkwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcBKgagBRJ2MA0GCSqGSIb3DQEBCwUAA4IBAQB5dR+Q
GDAG215Twn80703pg1EWNsbqWQh2GlB85EbL2jnvA4ld6J3cupZsd1OsGWnIeGyX
Ol9pAJH/EQmvahkhd+QotnkjNzlaWErG2/zgKDSs4flzgtuDyeBAP5Es1dXCwe5t
rSh5PEn6vaVp9WwmC0PTQ20oso7jCVIl8maQnFUnT3ER7Y7GONwDNMStxysK5W91
ISc0bSpirgUMjckcSAT5g3UcPVtBU6Zgzrin3pHegcXRP0ToAmj0Hjh9v33k1Vf0
PLbm8+oFeSCo6dVPElwhfyNjKY7v7MhBBf//92ZeIZWyGDBkEw3FHDIVJPwYZ7Me
MIulXGEnPIZbRhtv
-----END CERTIFICATE-----