Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS207852.roa
File:                     AS207852.roa (raw, json)
Hash identifier:          /IOZDQa2HokVQy+DvjWf8irZe6xxJWD2N/U2ahFAuqU=
Subject key identifier:   05:12:1B:75:AF:28:A3:E1:81:5F:DE:89:1E:6D:CB:F1:6F:89:92:EF
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       6FF6B45F4DAFB84C88EA2968D1C9F525708440F1
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS207852.roa
Signing time:             Tue 05 Dec 2023 02:44:13 +0000
ROA not before:           Tue 05 Dec 2023 02:39:13 +0000
ROA not after:            Tue 03 Dec 2024 02:44:13 +0000
asID:                     207852
IP address blocks:        2a06:a005:4b0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 11:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:f6:b4:5f:4d:af:b8:4c:88:ea:29:68:d1:c9:f5:25:70:84:40:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:13 2023 GMT
            Not After : Dec  3 02:44:13 2024 GMT
        Subject: CN=05121B75AF28A3E1815FDE891E6DCBF16F8992EF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:2d:4c:24:57:9f:29:a3:47:eb:f3:a6:98:8f:
                    37:9f:08:fa:b9:9d:57:12:54:5e:09:16:28:b5:cf:
                    4c:a1:d8:9a:66:02:71:98:17:35:1f:a4:5a:ac:3e:
                    8d:d7:09:69:74:8b:84:bb:8d:df:62:ea:a2:aa:ca:
                    6d:91:8c:be:ab:1d:a7:b1:09:ff:a5:e1:7e:a3:34:
                    48:1c:40:d9:02:e2:6f:d1:cb:95:18:18:72:f5:bf:
                    ad:12:82:c4:e6:f3:c9:a1:ec:c7:9c:b2:df:05:60:
                    cc:ef:58:df:cd:18:9b:e7:ce:34:14:5d:b7:60:d6:
                    36:30:da:76:09:14:a2:1c:4a:2e:d4:54:d2:c1:3d:
                    58:28:ff:f5:3a:7e:66:9f:49:8c:43:45:ed:8f:d5:
                    73:f4:d9:68:46:20:f6:0a:4a:97:44:a4:4b:8a:6c:
                    72:d0:4d:4a:d4:dd:ec:1a:80:2b:60:0b:38:d9:f6:
                    02:1d:bf:8d:ff:4c:de:ee:a0:76:ad:1b:58:f8:30:
                    f6:aa:59:b6:bd:ef:a4:ea:ab:8a:96:13:ea:50:ee:
                    65:22:0c:05:f5:76:50:7e:bd:8a:7b:7b:60:8a:db:
                    a4:34:b7:5a:3f:0a:5a:a6:b8:5e:db:29:ad:83:5c:
                    31:52:64:33:41:8c:65:2c:bc:a3:cc:78:08:71:fe:
                    3b:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:12:1B:75:AF:28:A3:E1:81:5F:DE:89:1E:6D:CB:F1:6F:89:92:EF
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS207852.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:4b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         50:0a:3f:c5:ce:75:9f:fb:1e:75:04:5d:0d:eb:3f:92:c2:3c:
         12:12:a0:69:22:3c:fc:1b:42:ad:20:91:6c:7c:e2:17:98:79:
         7f:15:ca:a5:f1:7c:3c:84:0a:42:a1:ee:1e:c7:55:72:37:14:
         1e:e3:1e:3a:09:8e:11:3f:78:54:5d:5f:dd:11:f7:55:30:5d:
         4b:a7:6d:86:7d:11:a3:78:ea:03:94:2d:fc:7e:e3:23:00:cd:
         9e:cb:ec:88:b1:e2:05:35:42:36:a1:d3:5e:77:7a:1f:0e:3c:
         6b:be:3a:14:bc:65:7f:10:1c:10:1b:79:41:56:25:28:c1:72:
         cf:73:86:8d:a0:e2:6b:97:e8:c3:8b:1a:06:56:e8:03:99:80:
         fb:6a:1f:1f:49:ec:68:b6:c2:d9:32:9c:ce:86:a7:d7:8e:7c:
         67:ab:33:a3:a3:2c:3a:db:43:2a:e9:56:9b:a5:c0:8b:99:5c:
         29:68:12:7d:09:fd:be:1b:d6:29:19:22:37:43:00:7f:37:80:
         88:72:3d:28:32:49:06:ff:32:db:aa:0f:9f:60:34:96:c0:ea:
         34:a2:91:5d:c1:66:bc:cb:55:d8:50:99:88:e1:16:53:47:f4:
         2d:52:c4:31:6a:90:5a:cd:b7:93:a1:67:2d:1e:3d:f1:95:b6:
         d9:e0:df:97
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUb/a0X02vuEyI6ilo0cn1JXCEQPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTNaFw0yNDEyMDMwMjQ0MTNaMDMxMTAvBgNV
BAMTKDA1MTIxQjc1QUYyOEEzRTE4MTVGREU4OTFFNkRDQkYxNkY4OTkyRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMLUwkV58po0fr86aYjzefCPq5
nVcSVF4JFii1z0yh2JpmAnGYFzUfpFqsPo3XCWl0i4S7jd9i6qKqym2RjL6rHaex
Cf+l4X6jNEgcQNkC4m/Ry5UYGHL1v60SgsTm88mh7Mecst8FYMzvWN/NGJvnzjQU
Xbdg1jYw2nYJFKIcSi7UVNLBPVgo//U6fmafSYxDRe2P1XP02WhGIPYKSpdEpEuK
bHLQTUrU3ewagCtgCzjZ9gIdv43/TN7uoHatG1j4MPaqWba976Tqq4qWE+pQ7mUi
DAX1dlB+vYp7e2CK26Q0t1o/ClqmuF7bKa2DXDFSZDNBjGUsvKPMeAhx/jvhAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUBRIbda8oo+GBX96JHm3L8W+Jku8wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA3ODUyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQSwMA0GCSqGSIb3DQEBCwUAA4IBAQBQCj/F
znWf+x51BF0N6z+SwjwSEqBpIjz8G0KtIJFsfOIXmHl/Fcql8Xw8hApCoe4ex1Vy
NxQe4x46CY4RP3hUXV/dEfdVMF1Lp22GfRGjeOoDlC38fuMjAM2ey+yIseIFNUI2
odNed3ofDjxrvjoUvGV/EBwQG3lBViUowXLPc4aNoOJrl+jDixoGVugDmYD7ah8f
SexotsLZMpzOhqfXjnxnqzOjoyw620Mq6VabpcCLmVwpaBJ9Cf2+G9YpGSI3QwB/
N4CIcj0oMkkG/zLbqg+fYDSWwOo0opFdwWa8y1XYUJmI4RZTR/QtUsQxapBazbeT
oWctHj3xlbbZ4N+X
-----END CERTIFICATE-----