Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206569.roa
File:                     AS206569.roa (raw, json)
Hash identifier:          zo/Fz4emcE2rAkTS/C03PUOOAJlL5rDlILh7/xv5NK0=
Subject key identifier:   E2:7B:7E:30:A7:B0:DC:31:A2:BC:B6:0A:3E:F9:53:C6:B2:1D:7F:09
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       388987B391B4809C908A5A5F9C0430E40006B3CF
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206569.roa
Signing time:             Tue 05 Dec 2023 02:44:11 +0000
ROA not before:           Tue 05 Dec 2023 02:39:11 +0000
ROA not after:            Tue 03 Dec 2024 02:44:11 +0000
asID:                     206569
IP address blocks:        2a06:a005:2000::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:89:87:b3:91:b4:80:9c:90:8a:5a:5f:9c:04:30:e4:00:06:b3:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:11 2023 GMT
            Not After : Dec  3 02:44:11 2024 GMT
        Subject: CN=E27B7E30A7B0DC31A2BCB60A3EF953C6B21D7F09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:96:42:21:24:f6:bf:79:8a:c2:ca:49:7b:5b:
                    96:af:6b:17:a7:2e:a7:4d:66:b0:46:08:75:4d:44:
                    eb:9b:6f:1a:bf:0b:12:62:2a:90:37:6c:49:cc:29:
                    5e:29:e5:6f:ee:19:4b:92:ef:58:6c:ff:1d:8a:24:
                    c6:cb:d7:4c:42:14:59:3a:7d:a7:b5:ae:84:cb:cf:
                    fe:41:f5:da:a4:5f:09:d9:6d:29:0e:35:86:9d:b5:
                    c6:09:dd:2f:a1:b9:9f:08:9b:1f:f2:fb:ce:84:b6:
                    63:d6:db:a5:27:96:f5:82:f7:ff:c9:1f:db:1a:f5:
                    53:f5:01:f2:dd:58:ce:fa:f3:9b:f3:c7:d3:cf:28:
                    1d:a5:de:79:84:7f:68:23:0f:8f:38:f8:86:3a:46:
                    37:ad:3b:a3:aa:9f:22:2c:f6:5c:23:a7:6e:41:9b:
                    c8:bd:27:16:98:fa:7e:a1:ec:ed:f9:58:49:9a:ef:
                    9c:79:6d:20:67:39:b1:39:32:9e:5e:00:e9:4c:9e:
                    b1:b9:3e:b3:ff:1e:c0:3e:de:e9:fd:8e:19:81:3f:
                    2b:c5:16:89:00:8b:f2:e7:e0:fc:51:5f:ab:29:1e:
                    9e:84:9a:dc:5a:ca:b8:27:c5:8f:40:5b:6d:ca:16:
                    f3:79:bd:cd:0a:47:03:fd:48:93:4e:0e:63:9b:a2:
                    1c:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:7B:7E:30:A7:B0:DC:31:A2:BC:B6:0A:3E:F9:53:C6:B2:1D:7F:09
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206569.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2000::/44

    Signature Algorithm: sha256WithRSAEncryption
         04:ad:cb:ca:d1:84:5b:fa:03:55:e5:29:99:ea:34:c3:96:82:
         77:8b:1b:0c:21:ad:d6:57:a1:7b:75:94:44:3e:dd:81:08:a1:
         54:cf:19:32:a1:c8:32:97:37:78:22:38:10:cc:76:45:f9:85:
         7e:d2:dc:90:01:c4:6d:41:f7:30:ad:d7:61:fe:b0:f0:15:af:
         9d:89:a4:52:44:b1:71:ec:bd:a9:20:18:be:33:45:77:85:a2:
         7c:3d:21:9f:1e:85:d2:5a:15:1c:2d:6a:c1:8e:3f:c9:04:ed:
         9a:e9:b8:3a:4e:0c:fd:a1:15:7a:27:c8:25:2b:9a:8c:ee:5e:
         3e:d1:f5:42:3b:d4:cd:78:f8:d3:fc:03:4a:c7:cb:0f:06:57:
         0f:b8:e7:e6:5c:d7:19:1b:82:60:d0:7c:b0:7c:0e:bd:da:83:
         55:9a:b0:bd:c2:61:e6:8b:64:96:be:2c:54:f3:82:8d:90:26:
         1c:f1:c5:0a:7d:b9:34:20:e8:8e:69:da:c3:5e:b9:60:07:6c:
         9e:26:ba:7b:92:38:cd:53:bf:4a:39:7c:ec:48:28:c5:ad:1b:
         ec:85:16:75:84:8e:3d:a9:33:2a:5f:12:57:d4:42:a8:28:9c:
         09:95:7d:17:4e:c3:4e:7a:bb:b2:21:65:a6:7c:0e:9f:0e:00:
         26:10:b6:17
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUOImHs5G0gJyQilpfnAQw5AAGs88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTFaFw0yNDEyMDMwMjQ0MTFaMDMxMTAvBgNV
BAMTKEUyN0I3RTMwQTdCMERDMzFBMkJDQjYwQTNFRjk1M0M2QjIxRDdGMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGlkIhJPa/eYrCykl7W5avaxen
LqdNZrBGCHVNROubbxq/CxJiKpA3bEnMKV4p5W/uGUuS71hs/x2KJMbL10xCFFk6
fae1roTLz/5B9dqkXwnZbSkONYadtcYJ3S+huZ8Imx/y+86EtmPW26UnlvWC9//J
H9sa9VP1AfLdWM7685vzx9PPKB2l3nmEf2gjD484+IY6RjetO6OqnyIs9lwjp25B
m8i9JxaY+n6h7O35WEma75x5bSBnObE5Mp5eAOlMnrG5PrP/HsA+3un9jhmBPyvF
FokAi/Ln4PxRX6spHp6EmtxayrgnxY9AW23KFvN5vc0KRwP9SJNODmObohyzAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU4nt+MKew3DGivLYKPvlTxrIdfwkwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA2NTY5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSAAMA0GCSqGSIb3DQEBCwUAA4IBAQAErcvK
0YRb+gNV5SmZ6jTDloJ3ixsMIa3WV6F7dZREPt2BCKFUzxkyocgylzd4IjgQzHZF
+YV+0tyQAcRtQfcwrddh/rDwFa+diaRSRLFx7L2pIBi+M0V3haJ8PSGfHoXSWhUc
LWrBjj/JBO2a6bg6Tgz9oRV6J8glK5qM7l4+0fVCO9TNePjT/ANKx8sPBlcPuOfm
XNcZG4Jg0HywfA692oNVmrC9wmHmi2SWvixU84KNkCYc8cUKfbk0IOiOadrDXrlg
B2yeJrp7kjjNU79KOXzsSCjFrRvshRZ1hI49qTMqXxJX1EKoKJwJlX0XTsNOeruy
IWWmfA6fDgAmELYX
-----END CERTIFICATE-----