Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208385.roa
File:                     AS208385.roa (raw, json)
Hash identifier:          dHMvlnFjD45OdAHl+gKEDN7qXe3dsYGD4OnNyzHKUpw=
Subject key identifier:   6A:86:DE:97:D9:46:33:45:9F:B2:D7:77:75:4D:B2:E0:0F:7E:4B:63
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       0A9FB1511816836612694302AE78046F9258974C
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208385.roa
Signing time:             Tue 05 Dec 2023 02:44:15 +0000
ROA not before:           Tue 05 Dec 2023 02:39:15 +0000
ROA not after:            Tue 03 Dec 2024 02:44:15 +0000
asID:                     208385
IP address blocks:        2a06:a005:854::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:9f:b1:51:18:16:83:66:12:69:43:02:ae:78:04:6f:92:58:97:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:15 2023 GMT
            Not After : Dec  3 02:44:15 2024 GMT
        Subject: CN=6A86DE97D94633459FB2D777754DB2E00F7E4B63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:1c:2f:6a:b5:5e:12:05:2f:10:c0:aa:c1:8f:
                    1d:f3:03:c7:e4:e8:50:25:7c:4c:08:11:5e:19:f9:
                    04:7f:c0:20:10:bf:a5:62:7e:27:45:57:c1:6a:f4:
                    95:0e:ad:35:97:cf:79:93:41:4b:ca:5c:53:cc:74:
                    ef:ac:39:fc:02:d6:42:94:45:56:70:de:cc:6d:15:
                    2e:16:da:f2:0d:a7:17:89:a1:9b:84:26:5d:09:f7:
                    3e:c4:7a:56:c1:c1:fa:49:e8:35:6e:66:88:06:38:
                    ab:dc:e4:0d:2f:fc:aa:62:00:cd:9f:24:58:90:e7:
                    da:05:e0:f9:cc:d6:7b:83:23:45:c1:34:d9:52:19:
                    4a:0c:11:b9:da:3b:ed:55:08:37:0f:4a:be:2e:58:
                    0e:c8:45:9c:09:40:90:11:ef:40:04:51:93:06:40:
                    8e:2a:a8:3e:64:db:56:e4:1f:eb:bd:e7:67:0b:c9:
                    94:a1:cf:fd:b3:42:88:12:d0:73:76:f9:05:ef:d8:
                    0e:2e:19:5f:53:db:98:a2:0a:a2:1a:bf:11:f4:07:
                    ed:3c:c3:55:48:62:1e:b1:80:8c:b1:f1:5d:4a:3b:
                    7d:d7:5c:4a:a0:d0:01:2b:80:4f:c6:d0:db:27:b6:
                    25:94:ad:e9:f9:65:f8:fe:36:e5:d2:01:d2:14:57:
                    33:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:86:DE:97:D9:46:33:45:9F:B2:D7:77:75:4D:B2:E0:0F:7E:4B:63
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208385.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:854::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:17:69:69:73:b2:cd:2c:57:3f:d7:be:e9:01:e1:d2:84:e6:
         f0:9a:e2:99:e7:48:23:73:e7:5a:b5:a3:c1:52:9e:e2:75:5f:
         28:c3:59:70:94:55:f4:1a:e8:d2:71:d9:01:d2:16:8f:d8:2e:
         aa:49:61:c2:87:73:22:96:c5:22:41:89:5a:fe:fe:9f:53:ff:
         6e:78:18:6d:0f:bc:aa:34:5e:49:c8:ce:88:87:89:68:a5:c4:
         1e:53:73:8a:6e:9c:13:27:65:c8:b2:0c:65:9d:64:2f:c6:04:
         19:b0:ff:42:73:7f:58:fb:d6:2e:28:86:83:7e:ca:2c:9f:64:
         f7:17:30:8e:f1:c1:7a:7a:60:52:8e:72:5d:97:2d:a4:8e:d4:
         76:80:f0:6b:ad:cd:c3:fb:dc:ab:d4:46:6c:ab:84:7c:b1:3a:
         fe:36:50:a5:a9:ba:5b:3d:ce:fa:84:74:1c:eb:6d:c1:d0:1d:
         5c:23:ea:59:e3:a8:8b:c9:90:ad:32:2b:f1:47:93:a7:ef:ca:
         52:64:56:18:fc:b8:22:2a:b2:06:fa:be:7a:cf:19:45:24:cd:
         50:26:35:f3:dd:48:48:c6:2a:d4:d8:3c:b3:59:ec:0e:16:53:
         24:fa:93:e0:1f:c5:99:34:cd:ed:20:f3:cd:5c:5e:82:cb:0b:
         bb:a0:0c:2b
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUCp+xURgWg2YSaUMCrngEb5JYl0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTVaFw0yNDEyMDMwMjQ0MTVaMDMxMTAvBgNV
BAMTKDZBODZERTk3RDk0NjMzNDU5RkIyRDc3Nzc1NERCMkUwMEY3RTRCNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhHC9qtV4SBS8QwKrBjx3zA8fk
6FAlfEwIEV4Z+QR/wCAQv6VifidFV8Fq9JUOrTWXz3mTQUvKXFPMdO+sOfwC1kKU
RVZw3sxtFS4W2vINpxeJoZuEJl0J9z7EelbBwfpJ6DVuZogGOKvc5A0v/KpiAM2f
JFiQ59oF4PnM1nuDI0XBNNlSGUoMEbnaO+1VCDcPSr4uWA7IRZwJQJAR70AEUZMG
QI4qqD5k21bkH+u952cLyZShz/2zQogS0HN2+QXv2A4uGV9T25iiCqIavxH0B+08
w1VIYh6xgIyx8V1KO33XXEqg0AErgE/G0NsntiWUren5Zfj+NuXSAdIUVzOXAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUaobel9lGM0Wfstd3dU2y4A9+S2MwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA4Mzg1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQhUMA0GCSqGSIb3DQEBCwUAA4IBAQACF2lp
c7LNLFc/177pAeHShObwmuKZ50gjc+dataPBUp7idV8ow1lwlFX0GujScdkB0haP
2C6qSWHCh3MilsUiQYla/v6fU/9ueBhtD7yqNF5JyM6Ih4lopcQeU3OKbpwTJ2XI
sgxlnWQvxgQZsP9Cc39Y+9YuKIaDfsosn2T3FzCO8cF6emBSjnJdly2kjtR2gPBr
rc3D+9yr1EZsq4R8sTr+NlClqbpbPc76hHQc623B0B1cI+pZ46iLyZCtMivxR5On
78pSZFYY/LgiKrIG+r56zxlFJM1QJjXz3UhIxirU2DyzWewOFlMk+pPgH8WZNM3t
IPPNXF6Cywu7oAwr
-----END CERTIFICATE-----