Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206729.roa
File:                     AS206729.roa (raw, json)
Hash identifier:          Hexcvf0V7ddT7WCO2FIrcfZJEe5X1OWxNIPVHQCElUU=
Subject key identifier:   B2:63:79:5F:E2:A0:1C:63:C5:34:65:5D:59:06:DF:5D:F3:D0:76:DD
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       29B0996D0F4855D7CF532D0A7372893BF4DEBBD0
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206729.roa
Signing time:             Wed 26 Mar 2025 22:14:21 +0000
ROA not before:           Wed 26 Mar 2025 22:09:21 +0000
ROA not after:            Wed 25 Mar 2026 22:14:21 +0000
asID:                     206729
IP address blocks:        2a06:a005:9e0::/44 maxlen: 48
                          2a06:a005:1c40::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Apr 2025 09:24:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:b0:99:6d:0f:48:55:d7:cf:53:2d:0a:73:72:89:3b:f4:de:bb:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Mar 26 22:09:21 2025 GMT
            Not After : Mar 25 22:14:21 2026 GMT
        Subject: CN=B263795FE2A01C63C534655D5906DF5DF3D076DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:73:e5:63:cb:96:03:b1:93:c9:8a:d7:bb:23:
                    11:6f:76:d1:6b:fa:06:4a:3c:7d:be:ef:d7:ce:f4:
                    d5:59:31:69:56:2e:9a:7c:33:15:7c:a9:b3:f4:db:
                    16:07:95:33:44:44:fd:0f:e1:0b:c8:c6:a2:2f:88:
                    4b:21:6d:73:f5:09:02:77:02:d1:52:d5:0c:0f:1d:
                    a3:7d:a0:a8:62:75:c8:cc:cf:3a:c2:e4:c4:73:3a:
                    22:da:00:33:4f:49:70:13:a1:45:8e:2b:be:fb:24:
                    10:20:96:96:92:de:60:f3:cd:a0:4a:1f:68:fa:36:
                    4c:92:9c:a2:78:01:80:16:a7:b3:1d:ba:01:7a:b6:
                    17:d4:bc:c8:e4:93:dc:7f:e4:17:7d:89:e9:9d:4d:
                    93:ae:85:70:69:03:78:a8:d4:39:1d:8c:b6:58:c2:
                    40:a9:8b:5f:54:fa:af:5b:7e:e4:66:2a:17:7a:db:
                    45:5f:41:49:bd:3f:c4:ff:a6:91:de:65:26:83:42:
                    46:23:92:2e:d2:a0:fb:59:4c:d5:1d:52:69:40:09:
                    e5:27:c4:14:57:3b:f2:48:18:6d:58:f8:92:ab:6d:
                    d9:44:35:bc:85:93:b9:c9:fe:41:64:8e:44:6d:18:
                    49:f2:ea:bf:43:23:ed:7d:eb:f8:84:91:1f:45:2f:
                    5a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:63:79:5F:E2:A0:1C:63:C5:34:65:5D:59:06:DF:5D:F3:D0:76:DD
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS206729.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:9e0::/44
                  2a06:a005:1c40::/44

    Signature Algorithm: sha256WithRSAEncryption
         11:8e:a2:2a:1a:4c:49:98:61:52:b5:e1:b1:1e:c8:92:84:60:
         87:cc:4f:a6:75:30:93:3e:1b:6e:fa:11:3c:18:5b:cd:a7:70:
         68:5b:7d:d6:4d:e8:d3:6a:8b:11:f0:ea:77:22:f0:b0:cc:cf:
         ca:b3:22:db:c9:f5:fe:f9:f3:0c:5a:b2:62:05:ff:29:d5:96:
         97:b3:db:15:ac:8d:55:48:e9:9e:97:c8:16:84:a3:e1:97:f9:
         d6:6b:91:d5:53:ae:e5:3d:ce:38:2b:2f:32:5a:be:3b:9c:5a:
         0b:ef:ee:be:34:ac:01:43:53:0f:d4:6e:00:ce:11:a0:f5:a6:
         0e:e7:32:2d:51:6d:bb:86:12:d5:c1:ec:fd:71:5e:04:f7:d9:
         f8:78:1c:84:61:4d:31:33:69:47:e9:74:6b:da:c9:5e:ed:8a:
         d9:b3:01:06:80:77:ac:0e:b5:b9:6e:e0:d8:f2:57:fa:81:6d:
         b2:dd:9d:99:4f:0a:65:3a:18:2e:d7:4d:cb:eb:44:2c:b7:b6:
         cf:1d:66:3f:df:df:75:86:9c:e0:1b:1d:3e:67:1b:c8:f4:9b:
         cb:6e:fc:f4:2a:f6:85:64:d7:cc:7c:2b:c5:a8:8b:d8:93:5b:
         8a:43:2c:ed:29:2a:98:af:50:f9:cc:2e:61:44:4a:6e:29:cd:
         4d:92:b0:6b
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUKbCZbQ9IVdfPUy0Kc3KJO/Teu9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNTAzMjYyMjA5MjFaFw0yNjAzMjUyMjE0MjFaMDMxMTAvBgNV
BAMTKEIyNjM3OTVGRTJBMDFDNjNDNTM0NjU1RDU5MDZERjVERjNEMDc2REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChc+Vjy5YDsZPJite7IxFvdtFr
+gZKPH2+79fO9NVZMWlWLpp8MxV8qbP02xYHlTNERP0P4QvIxqIviEshbXP1CQJ3
AtFS1QwPHaN9oKhidcjMzzrC5MRzOiLaADNPSXAToUWOK777JBAglpaS3mDzzaBK
H2j6NkySnKJ4AYAWp7MdugF6thfUvMjkk9x/5Bd9iemdTZOuhXBpA3io1DkdjLZY
wkCpi19U+q9bfuRmKhd620VfQUm9P8T/ppHeZSaDQkYjki7SoPtZTNUdUmlACeUn
xBRXO/JIGG1Y+JKrbdlENbyFk7nJ/kFkjkRtGEny6r9DI+196/iEkR9FL1pZAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUsmN5X+KgHGPFNGVdWQbfXfPQdt0wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA2NzI5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcEKgagBQngAwcEKgagBRxAMA0GCSqGSIb3DQEBCwUA
A4IBAQARjqIqGkxJmGFSteGxHsiShGCHzE+mdTCTPhtu+hE8GFvNp3BoW33WTejT
aosR8Op3IvCwzM/KsyLbyfX++fMMWrJiBf8p1ZaXs9sVrI1VSOmel8gWhKPhl/nW
a5HVU67lPc44Ky8yWr47nFoL7+6+NKwBQ1MP1G4AzhGg9aYO5zItUW27hhLVwez9
cV4E99n4eByEYU0xM2lH6XRr2sle7YrZswEGgHesDrW5buDY8lf6gW2y3Z2ZTwpl
Ohgu103L60Qst7bPHWY/3991hpzgGx0+ZxvI9JvLbvz0KvaFZNfMfCvFqIvYk1uK
QyztKSqYr1D5zC5hREpuKc1NkrBr
-----END CERTIFICATE-----