Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208679.roa
File:                     AS208679.roa (raw, json)
Hash identifier:          FD85tlSnBQuHU/yqMRfanYWFk0bzn+RTnwHH7yOX2hw=
Subject key identifier:   74:ED:AA:FC:C6:72:6A:1D:C3:EE:9F:01:9E:AC:79:19:BB:D8:9C:F5
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       4FC93CFA03FEFA6B58832D4816A1D272F94F6979
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208679.roa
Signing time:             Tue 05 Nov 2024 03:40:08 +0000
ROA not before:           Tue 05 Nov 2024 03:35:08 +0000
ROA not after:            Tue 04 Nov 2025 03:40:08 +0000
asID:                     208679
IP address blocks:        2a06:a005:8d0::/44 maxlen: 48
                          2a06:a005:9a0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 23:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:c9:3c:fa:03:fe:fa:6b:58:83:2d:48:16:a1:d2:72:f9:4f:69:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Nov  5 03:35:08 2024 GMT
            Not After : Nov  4 03:40:08 2025 GMT
        Subject: CN=74EDAAFCC6726A1DC3EE9F019EAC7919BBD89CF5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:db:55:39:c1:8b:04:c5:b9:1e:50:ef:35:11:
                    6a:80:79:75:e9:30:5e:11:e4:91:a7:de:db:ba:60:
                    6d:6f:97:5a:35:37:d5:7d:c0:e2:75:db:6a:ac:74:
                    d0:10:b8:8a:9c:f6:14:82:ef:a7:89:21:0b:16:85:
                    44:03:58:04:30:01:97:12:83:f6:85:c2:f3:c7:79:
                    a2:f7:07:af:c6:89:4d:09:cb:2c:8b:bd:91:ce:b6:
                    58:9e:35:ef:27:8e:0f:5e:ff:aa:c1:a2:19:0e:45:
                    d8:d7:00:dc:d9:b7:74:cf:e0:4c:e8:59:69:04:2c:
                    ae:b2:35:d9:e0:e4:f3:ea:bb:78:40:e2:1e:08:ae:
                    e8:c2:42:14:2e:42:b2:a9:2c:52:e8:2f:49:f7:fe:
                    fb:0f:62:f1:2f:53:75:27:62:16:76:77:7d:d9:2e:
                    75:c8:91:18:20:67:c2:08:d2:b8:38:7a:30:e4:ee:
                    e9:2c:06:41:1d:e3:56:09:40:e5:56:a6:ca:14:a4:
                    db:c4:3e:74:22:53:90:16:6c:67:97:53:39:1b:af:
                    a4:eb:a8:9a:2f:b2:17:d4:f2:32:62:54:cd:d7:8c:
                    ea:da:97:9d:c2:25:30:b5:31:d2:5b:08:65:2b:0a:
                    d9:3b:79:14:09:7e:c6:2c:ce:bb:05:cd:5b:0e:a2:
                    47:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:ED:AA:FC:C6:72:6A:1D:C3:EE:9F:01:9E:AC:79:19:BB:D8:9C:F5
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208679.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:8d0::/44
                  2a06:a005:9a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         cb:99:a5:5e:51:51:0a:b4:4a:9d:91:ed:36:63:34:20:fb:25:
         6b:2f:35:4e:e1:0b:04:3e:04:65:ce:d1:91:c8:9c:cb:c3:6f:
         1f:24:ec:37:72:e2:ff:ec:74:26:36:76:77:6d:2b:6e:35:d6:
         24:3e:d9:12:18:d9:cd:55:19:9f:c3:d6:bc:ec:e6:39:92:fc:
         37:65:c2:19:b2:89:16:5d:99:7f:5b:e4:26:7d:3b:99:13:35:
         12:84:a8:bb:19:61:43:0d:90:0c:b6:3a:c9:a1:2d:81:92:74:
         17:fc:44:db:7a:a1:c9:c4:5a:76:f8:2a:0b:2e:3f:6a:48:c9:
         8a:68:48:ae:8f:97:39:a1:fa:92:ce:4c:c3:2b:95:d2:57:84:
         e1:17:17:22:e1:13:88:ff:c1:93:a2:77:b2:7b:ba:2f:92:21:
         dc:b2:8a:44:fa:18:2e:2e:8c:cc:8c:58:1f:0a:de:e5:bc:c8:
         99:9c:89:04:92:e8:9b:ff:4b:93:c9:e8:73:ad:34:f6:38:7d:
         2e:a4:49:a9:fe:be:fd:71:a9:ce:ab:dd:c1:b8:e9:93:50:0d:
         9d:27:bc:38:75:0e:42:7a:f1:82:2b:5e:07:c8:e0:3a:e8:c9:
         0e:b1:45:b3:c6:4f:7d:9c:db:b9:a3:e5:6b:21:b8:b5:7f:ec:
         e0:cc:e4:b0
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUT8k8+gP++mtYgy1IFqHScvlPaXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDExMDUwMzM1MDhaFw0yNTExMDQwMzQwMDhaMDMxMTAvBgNV
BAMTKDc0RURBQUZDQzY3MjZBMURDM0VFOUYwMTlFQUM3OTE5QkJEODlDRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh21U5wYsExbkeUO81EWqAeXXp
MF4R5JGn3tu6YG1vl1o1N9V9wOJ122qsdNAQuIqc9hSC76eJIQsWhUQDWAQwAZcS
g/aFwvPHeaL3B6/GiU0JyyyLvZHOtlieNe8njg9e/6rBohkORdjXANzZt3TP4Ezo
WWkELK6yNdng5PPqu3hA4h4IrujCQhQuQrKpLFLoL0n3/vsPYvEvU3UnYhZ2d33Z
LnXIkRggZ8II0rg4ejDk7uksBkEd41YJQOVWpsoUpNvEPnQiU5AWbGeXUzkbr6Tr
qJovshfU8jJiVM3XjOral53CJTC1MdJbCGUrCtk7eRQJfsYszrsFzVsOokc1AgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUdO2q/MZyah3D7p8Bnqx5GbvYnPUwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA4Njc5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcEKgagBQjQAwcEKgagBQmgMA0GCSqGSIb3DQEBCwUA
A4IBAQDLmaVeUVEKtEqdke02YzQg+yVrLzVO4QsEPgRlztGRyJzLw28fJOw3cuL/
7HQmNnZ3bStuNdYkPtkSGNnNVRmfw9a87OY5kvw3ZcIZsokWXZl/W+QmfTuZEzUS
hKi7GWFDDZAMtjrJoS2BknQX/ETbeqHJxFp2+CoLLj9qSMmKaEiuj5c5ofqSzkzD
K5XSV4ThFxci4ROI/8GToneye7ovkiHcsopE+hguLozMjFgfCt7lvMiZnIkEkuib
/0uTyehzrTT2OH0upEmp/r79canOq93BuOmTUA2dJ7w4dQ5CevGCK14HyOA66MkO
sUWzxk99nNu5o+VrIbi1f+zgzOSw
-----END CERTIFICATE-----