Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS207317.roa
File:                     AS207317.roa (raw, json)
Hash identifier:          1LJVMaHDcC9CQzGj9ZyPfObrhnyIWE34G6n9ry0GqaI=
Subject key identifier:   03:6C:1D:77:39:69:F0:5C:47:E6:25:77:8C:9D:39:52:A4:BA:A9:DC
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       0CDC666372949B0C8C91AA6112CDDF692E062486
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS207317.roa
Signing time:             Tue 05 Nov 2024 03:40:08 +0000
ROA not before:           Tue 05 Nov 2024 03:35:08 +0000
ROA not after:            Tue 04 Nov 2025 03:40:08 +0000
asID:                     207317
IP address blocks:        2a06:a005:2800::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:dc:66:63:72:94:9b:0c:8c:91:aa:61:12:cd:df:69:2e:06:24:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:08 2024 GMT
            Not After : Nov  4 03:40:08 2025 GMT
        Subject: CN=036C1D773969F05C47E625778C9D3952A4BAA9DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:6a:b0:ad:05:69:3d:27:42:2e:e5:ad:41:ad:
                    45:b6:fc:ab:ee:46:f8:fe:b0:1d:8d:4f:eb:e7:d2:
                    0a:35:61:a8:f1:39:db:00:bf:62:27:66:b5:0e:83:
                    2e:3e:a3:3b:f1:98:72:75:76:c1:9a:fe:ce:0e:9c:
                    98:bf:d7:73:82:60:c0:c9:50:29:c8:bc:78:7b:c4:
                    b7:ac:e4:65:7f:b5:28:24:d0:44:d6:ef:35:9f:cc:
                    ac:04:42:d6:50:88:e2:7b:c1:96:18:ab:c0:54:5e:
                    44:3a:1d:a0:13:e6:f7:78:d8:7b:90:c9:23:d7:c4:
                    07:7f:25:5c:78:af:e2:f3:3c:86:82:d7:8a:b0:ef:
                    da:7a:fb:71:ff:cf:d8:f3:fd:2e:6f:15:45:2d:35:
                    1d:5e:21:a2:b1:a1:bd:6c:c9:97:b7:bf:54:60:af:
                    cc:f1:9c:4b:39:3a:ce:ba:ad:4d:83:9e:65:37:c0:
                    bb:0d:2f:a7:28:bc:b0:78:89:1f:11:62:4e:b3:8d:
                    e5:66:9a:5f:61:a3:3a:be:a0:4a:c3:5a:11:9c:0e:
                    ae:a9:19:78:34:91:a1:4a:02:78:b4:38:7c:7e:96:
                    41:39:59:68:68:35:f1:f4:6d:ad:9e:46:62:37:c2:
                    09:51:1f:fb:36:c7:1a:e5:6c:83:09:2f:fc:d5:65:
                    25:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:6C:1D:77:39:69:F0:5C:47:E6:25:77:8C:9D:39:52:A4:BA:A9:DC
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS207317.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2800::/44

    Signature Algorithm: sha256WithRSAEncryption
         40:ed:ed:6d:3f:03:03:3c:f6:13:a4:42:8e:66:6c:7d:0e:6f:
         5a:46:3a:7b:3f:bf:88:fd:df:e6:39:cc:d5:fa:95:93:13:c3:
         60:2b:fe:26:57:6a:08:a8:be:2b:02:3d:c2:59:60:9d:3b:d0:
         e5:e0:68:57:38:8c:e7:bc:b6:e6:b7:e2:03:ab:8f:18:c9:ff:
         76:16:59:72:a3:0b:9a:09:ac:23:8b:d3:00:f6:18:a4:16:40:
         87:d3:17:74:98:80:05:2a:a6:d2:20:20:e0:94:80:b9:62:b2:
         e4:1f:f5:e6:1a:c4:67:f9:19:43:88:5c:a4:83:d7:3b:e5:97:
         a0:59:c7:15:f8:e1:21:80:5f:81:75:26:98:62:94:04:2b:d2:
         d6:46:55:be:cc:12:af:94:ad:fe:70:e3:e3:9b:b0:b6:b2:77:
         90:18:47:82:2a:62:4c:d7:fc:71:61:be:ca:45:1b:20:4b:02:
         1f:57:14:35:f5:a4:c8:56:c5:2e:02:d3:f3:2c:28:4a:b6:5a:
         ca:57:7e:a9:20:97:ba:0d:07:a0:1a:63:fd:3a:5a:e7:77:19:
         4b:5e:a8:32:72:4e:e6:ea:0a:32:87:35:e1:5d:f9:b0:a1:71:
         52:1c:1d:e8:0c:07:f3:4c:f8:12:66:22:0e:b2:b3:b8:71:e0:
         e0:fe:da:8e
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUDNxmY3KUmwyMkaphEs3faS4GJIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDhaFw0yNTExMDQwMzQwMDhaMDMxMTAvBgNV
BAMTKDAzNkMxRDc3Mzk2OUYwNUM0N0U2MjU3NzhDOUQzOTUyQTRCQUE5REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRarCtBWk9J0Iu5a1BrUW2/Kvu
Rvj+sB2NT+vn0go1YajxOdsAv2InZrUOgy4+ozvxmHJ1dsGa/s4OnJi/13OCYMDJ
UCnIvHh7xLes5GV/tSgk0ETW7zWfzKwEQtZQiOJ7wZYYq8BUXkQ6HaAT5vd42HuQ
ySPXxAd/JVx4r+LzPIaC14qw79p6+3H/z9jz/S5vFUUtNR1eIaKxob1syZe3v1Rg
r8zxnEs5Os66rU2DnmU3wLsNL6covLB4iR8RYk6zjeVmml9hozq+oErDWhGcDq6p
GXg0kaFKAni0OHx+lkE5WWhoNfH0ba2eRmI3wglRH/s2xxrlbIMJL/zVZSWpAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUA2wddzlp8FxH5iV3jJ05UqS6qdwwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA3MzE3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSgAMA0GCSqGSIb3DQEBCwUAA4IBAQBA7e1t
PwMDPPYTpEKOZmx9Dm9aRjp7P7+I/d/mOczV+pWTE8NgK/4mV2oIqL4rAj3CWWCd
O9Dl4GhXOIznvLbmt+IDq48Yyf92FllyowuaCawji9MA9hikFkCH0xd0mIAFKqbS
ICDglIC5YrLkH/XmGsRn+RlDiFykg9c75ZegWccV+OEhgF+BdSaYYpQEK9LWRlW+
zBKvlK3+cOPjm7C2sneQGEeCKmJM1/xxYb7KRRsgSwIfVxQ19aTIVsUuAtPzLChK
tlrKV36pIJe6DQegGmP9OlrndxlLXqgyck7m6goyhzXhXfmwoXFSHB3oDAfzTPgS
ZiIOsrO4ceDg/tqO
-----END CERTIFICATE-----