Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS207427.roa
File:                     AS207427.roa (raw, json)
Hash identifier:          MG4/tA7AsS9068OnquxT42AQg3iDT/732WsJH8E3AhI=
Subject key identifier:   83:48:A6:D4:B0:B0:46:DE:86:65:EB:30:65:A3:B7:75:80:74:89:EE
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       71A7AC8F6DD8EA9508102B10F24AA312480E5438
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS207427.roa
Signing time:             Tue 01 Aug 2023 01:37:27 +0000
ROA not before:           Tue 01 Aug 2023 01:32:27 +0000
ROA not after:            Tue 30 Jul 2024 01:37:27 +0000
asID:                     207427
IP address blocks:        2a06:1284::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:a7:ac:8f:6d:d8:ea:95:08:10:2b:10:f2:4a:a3:12:48:0e:54:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Aug  1 01:32:27 2023 GMT
            Not After : Jul 30 01:37:27 2024 GMT
        Subject: CN=8348A6D4B0B046DE8665EB3065A3B775807489EE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:86:1a:1c:7f:fa:dc:53:1d:11:ea:40:71:a8:
                    b6:8c:8a:c7:9f:eb:51:b4:66:3c:fe:84:6f:6f:2e:
                    37:63:c3:2d:50:a9:13:4d:9a:1f:08:85:a3:20:ac:
                    48:92:e3:5d:ce:40:40:0c:6e:e8:a4:f7:7a:30:eb:
                    47:e4:04:84:13:ba:de:6b:61:3e:44:9f:3d:e6:bb:
                    7a:7f:7f:fd:3b:fd:96:a0:47:08:dd:3d:0e:69:5a:
                    6a:6b:7e:c7:7d:85:ac:4d:79:e8:3c:11:a5:21:fe:
                    ca:0c:16:c5:9b:e2:de:53:99:e3:8b:1c:ea:89:8a:
                    04:ef:23:53:25:66:f4:08:d4:79:23:78:9a:27:e8:
                    ac:36:94:df:9f:1c:c3:05:05:60:91:64:7c:a5:c8:
                    a3:45:a0:0f:78:9e:49:78:d3:0b:21:18:3c:2a:c1:
                    45:5b:71:ef:0e:de:0e:53:80:d8:eb:c1:b8:a3:9f:
                    67:49:9d:ad:79:d4:31:05:5c:96:79:db:d2:33:e8:
                    ae:af:b0:1c:7b:91:b0:2b:f4:f8:f9:b5:f1:14:7a:
                    46:4d:15:53:2c:d1:d2:f5:67:da:f3:b9:f5:04:4d:
                    64:c3:88:c4:38:8d:eb:ab:c4:88:72:fb:c5:87:aa:
                    35:80:ad:5a:3f:60:0f:1d:0e:ea:88:5c:38:f1:ab:
                    11:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:48:A6:D4:B0:B0:46:DE:86:65:EB:30:65:A3:B7:75:80:74:89:EE
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS207427.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1284::/32

    Signature Algorithm: sha256WithRSAEncryption
         90:1f:a2:8f:87:21:87:11:5d:b1:d3:31:bf:8b:7c:f4:9c:34:
         81:7e:c6:0f:60:5b:f2:31:e8:5d:0a:72:fa:42:f6:1a:4c:35:
         0b:e5:e6:ed:2c:f4:24:22:83:87:86:b6:69:b5:d3:47:24:cd:
         da:87:23:64:fe:82:55:dd:34:25:bd:4c:0e:1e:0b:0b:a2:18:
         82:a4:0f:d7:48:d6:fb:5a:61:83:32:31:37:27:eb:d8:90:67:
         21:0b:be:19:e2:aa:55:ff:e8:81:07:d3:0d:7d:0d:d8:20:91:
         53:3d:33:6b:4e:74:11:c5:29:69:cf:cd:a9:5a:58:68:bc:20:
         33:0c:73:f6:e3:17:d8:44:b3:b1:b1:7e:cb:bf:4c:b8:89:f6:
         dc:e9:6c:5a:1d:15:61:12:ad:cf:2c:96:3d:4d:71:9f:ac:7b:
         61:c1:d5:90:29:94:35:3c:08:33:1d:9d:7f:9f:55:55:68:bd:
         c0:fc:94:ee:9f:2d:a8:7b:68:7a:53:47:32:31:a3:da:54:58:
         d4:df:e2:de:72:45:90:f0:cd:99:0a:d2:b0:25:79:60:61:ae:
         4d:5a:bf:1a:75:85:de:14:7e:b6:46:01:d3:0a:5a:c8:dc:9a:
         f4:df:88:b5:bf:90:e9:fd:e0:dc:75:92:55:36:4e:b8:d7:6a:
         b2:b8:d1:77
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIUcaesj23Y6pUIECsQ8kqjEkgOVDgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzA4MDEwMTMyMjdaFw0yNDA3MzAwMTM3MjdaMDMxMTAvBgNV
BAMTKDgzNDhBNkQ0QjBCMDQ2REU4NjY1RUIzMDY1QTNCNzc1ODA3NDg5RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQhhocf/rcUx0R6kBxqLaMisef
61G0Zjz+hG9vLjdjwy1QqRNNmh8IhaMgrEiS413OQEAMbuik93ow60fkBIQTut5r
YT5Enz3mu3p/f/07/ZagRwjdPQ5pWmprfsd9haxNeeg8EaUh/soMFsWb4t5TmeOL
HOqJigTvI1MlZvQI1HkjeJon6Kw2lN+fHMMFBWCRZHylyKNFoA94nkl40wshGDwq
wUVbce8O3g5TgNjrwbijn2dJna151DEFXJZ529Iz6K6vsBx7kbAr9Pj5tfEUekZN
FVMs0dL1Z9rzufUETWTDiMQ4jeurxIhy+8WHqjWArVo/YA8dDuqIXDjxqxHtAgMB
AAGjggHwMIIB7DAdBgNVHQ4EFgQUg0im1LCwRt6GZeswZaO3dYB0ie4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA3NDI3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKgYShDANBgkqhkiG9w0BAQsFAAOCAQEAkB+ij4ch
hxFdsdMxv4t89Jw0gX7GD2Bb8jHoXQpy+kL2Gkw1C+Xm7Sz0JCKDh4a2abXTRyTN
2ocjZP6CVd00Jb1MDh4LC6IYgqQP10jW+1phgzIxNyfr2JBnIQu+GeKqVf/ogQfT
DX0N2CCRUz0za050EcUpac/NqVpYaLwgMwxz9uMX2ESzsbF+y79MuIn23OlsWh0V
YRKtzyyWPU1xn6x7YcHVkCmUNTwIMx2df59VVWi9wPyU7p8tqHtoelNHMjGj2lRY
1N/i3nJFkPDNmQrSsCV5YGGuTVq/GnWF3hR+tkYB0wpayNya9N+Itb+Q6f3g3HWS
VTZOuNdqsrjRdw==
-----END CERTIFICATE-----