Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206633.roa
File:                     AS206633.roa (raw, json)
Hash identifier:          VFjMZx3zDTF8+JD2neC8KgxvoKBLin1oIiPxiIe66X4=
Subject key identifier:   81:CC:99:1E:C1:99:01:C8:BC:66:6E:A6:6E:1B:F0:7B:3A:20:D1:7B
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       691C19434BE74F4C40A411A361B107E357A9BED4
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206633.roa
Signing time:             Tue 05 Dec 2023 02:44:16 +0000
ROA not before:           Tue 05 Dec 2023 02:39:16 +0000
ROA not after:            Tue 03 Dec 2024 02:44:16 +0000
asID:                     206633
IP address blocks:        2a06:a005:150b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:1c:19:43:4b:e7:4f:4c:40:a4:11:a3:61:b1:07:e3:57:a9:be:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:16 2023 GMT
            Not After : Dec  3 02:44:16 2024 GMT
        Subject: CN=81CC991EC19901C8BC666EA66E1BF07B3A20D17B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:00:54:13:ef:0c:25:76:45:b7:e9:da:2e:f2:
                    7e:a0:b5:be:fa:95:6b:22:24:71:70:fd:5d:6a:6f:
                    9e:98:36:0d:2e:2d:68:af:fd:29:a1:a9:0f:ed:21:
                    3f:b8:c1:4f:57:08:68:be:88:5b:7c:3d:07:f5:4d:
                    66:37:cd:b7:90:af:4c:1d:e5:59:d2:0b:eb:ca:61:
                    90:60:c7:ae:95:60:e8:e4:db:c3:21:a0:d8:be:ec:
                    93:67:30:b2:4a:0a:ef:30:cb:a8:cb:73:46:d6:17:
                    e3:db:0c:8e:fc:7d:2a:b0:d5:ce:b2:82:91:2e:c6:
                    d5:c6:4f:10:f3:ca:51:5f:40:5b:14:9e:f4:13:5b:
                    d0:f8:74:a7:c7:f3:0d:15:12:38:d6:47:10:8f:05:
                    4a:b2:40:c9:dd:de:b2:2f:1c:ec:1d:2c:13:7d:72:
                    cb:66:67:76:72:41:e8:92:80:b8:73:d0:bf:4d:22:
                    3c:3f:bb:47:29:bb:58:0c:4c:3e:0b:80:ee:f3:8b:
                    7d:86:28:93:3e:f9:37:de:a3:49:3d:ec:94:64:1e:
                    a8:e4:cf:07:c0:0b:68:f6:89:0a:cf:d9:9c:70:67:
                    90:d8:ea:3a:7c:06:9f:43:20:c7:f1:3f:47:f9:b5:
                    ab:78:19:61:b6:16:61:3b:7c:84:af:2d:67:70:d9:
                    04:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:CC:99:1E:C1:99:01:C8:BC:66:6E:A6:6E:1B:F0:7B:3A:20:D1:7B
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206633.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:150b::/48

    Signature Algorithm: sha256WithRSAEncryption
         5a:75:99:30:1b:5d:bf:e2:7b:5c:b7:82:12:dc:f2:32:bc:c4:
         23:d3:24:be:e0:97:6a:38:cd:a8:73:5d:32:9a:b1:9e:c3:a0:
         40:9a:70:82:cf:df:28:bd:9b:6e:f2:67:27:6f:2f:8a:51:9f:
         2a:dc:45:54:85:4d:dd:dd:af:fd:3d:8e:1e:39:00:db:21:dd:
         ee:03:37:97:fe:3d:3e:e7:31:0f:b9:d1:08:6e:d7:cf:5f:6c:
         b5:df:ce:18:2f:65:f0:2c:55:d3:2f:70:a0:d2:af:15:1e:29:
         52:3d:f6:38:b0:b5:76:3f:52:c7:da:c5:f2:78:56:b7:c9:56:
         09:72:af:fb:42:ca:3b:aa:7c:4a:a0:40:44:8d:5a:18:6c:40:
         ab:68:29:f5:25:d4:67:4f:8f:ec:dc:e5:f9:c1:0f:0e:da:1c:
         6e:ee:72:b8:5e:70:96:b1:8a:0b:b6:11:66:c2:38:63:ce:bb:
         b7:86:bb:29:64:8a:78:2e:cc:81:47:6a:5b:ac:eb:98:16:ab:
         50:f0:42:9e:c1:f2:24:57:35:7e:58:e2:cd:b6:4c:59:55:54:
         92:e7:e5:96:89:a7:d4:6f:f3:fe:8b:40:09:d7:25:3a:a1:62:
         15:6f:8f:2e:98:cf:7b:a1:cc:78:aa:f7:84:14:19:d3:70:6e:
         27:25:7a:b8
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUaRwZQ0vnT0xApBGjYbEH41epvtQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTZaFw0yNDEyMDMwMjQ0MTZaMDMxMTAvBgNV
BAMTKDgxQ0M5OTFFQzE5OTAxQzhCQzY2NkVBNjZFMUJGMDdCM0EyMEQxN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbAFQT7wwldkW36dou8n6gtb76
lWsiJHFw/V1qb56YNg0uLWiv/SmhqQ/tIT+4wU9XCGi+iFt8PQf1TWY3zbeQr0wd
5VnSC+vKYZBgx66VYOjk28MhoNi+7JNnMLJKCu8wy6jLc0bWF+PbDI78fSqw1c6y
gpEuxtXGTxDzylFfQFsUnvQTW9D4dKfH8w0VEjjWRxCPBUqyQMnd3rIvHOwdLBN9
cstmZ3ZyQeiSgLhz0L9NIjw/u0cpu1gMTD4LgO7zi32GKJM++Tfeo0k97JRkHqjk
zwfAC2j2iQrP2ZxwZ5DY6jp8Bp9DIMfxP0f5tat4GWG2FmE7fISvLWdw2QRpAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUgcyZHsGZAci8Zm6mbhvwezog0XswHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA2NjMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRULMA0GCSqGSIb3DQEBCwUAA4IBAQBadZkw
G12/4ntct4IS3PIyvMQj0yS+4JdqOM2oc10ymrGew6BAmnCCz98ovZtu8mcnby+K
UZ8q3EVUhU3d3a/9PY4eOQDbId3uAzeX/j0+5zEPudEIbtfPX2y1384YL2XwLFXT
L3Cg0q8VHilSPfY4sLV2P1LH2sXyeFa3yVYJcq/7Qso7qnxKoEBEjVoYbECraCn1
JdRnT4/s3OX5wQ8O2hxu7nK4XnCWsYoLthFmwjhjzru3hrspZIp4LsyBR2pbrOuY
FqtQ8EKewfIkVzV+WOLNtkxZVVSS5+WWiafUb/P+i0AJ1yU6oWIVb48umM97ocx4
qveEFBnTcG4nJXq4
-----END CERTIFICATE-----