Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208679.roa
File:                     AS208679.roa (raw, json)
Hash identifier:          GLBpeMEeQP8aWofLdT6VFEGEcDmrZhJK0Qr3Lsv5ibU=
Subject key identifier:   1A:0A:0F:59:DC:D6:11:76:29:A8:E3:5E:B1:C3:C4:67:06:A8:F1:45
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       6E70D7DC8E62E43D48927B54C9D196120984D7F5
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208679.roa
Signing time:             Tue 05 Dec 2023 02:44:18 +0000
ROA not before:           Tue 05 Dec 2023 02:39:18 +0000
ROA not after:            Tue 03 Dec 2024 02:44:18 +0000
asID:                     208679
IP address blocks:        2a06:a005:8d0::/44 maxlen: 48
                          2a06:a005:9a0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:70:d7:dc:8e:62:e4:3d:48:92:7b:54:c9:d1:96:12:09:84:d7:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:18 2023 GMT
            Not After : Dec  3 02:44:18 2024 GMT
        Subject: CN=1A0A0F59DCD6117629A8E35EB1C3C46706A8F145
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:df:86:a9:fc:88:70:3b:a6:38:03:ef:80:37:
                    15:a4:aa:e0:c8:85:7e:69:0a:46:b9:e5:1d:86:a6:
                    b6:e2:d9:82:ec:a2:68:c2:ac:b2:f9:41:a2:cc:d6:
                    86:7a:63:aa:c1:04:29:fc:27:4a:74:bc:91:ae:c1:
                    06:ac:72:9a:75:b2:83:be:db:4a:f6:c7:04:55:95:
                    de:5e:d8:3e:0b:d4:71:f8:5c:79:79:75:ce:9c:d8:
                    30:59:c3:86:b9:f4:8b:85:d4:09:83:fc:1f:a5:9b:
                    91:d6:fa:ad:03:d2:46:86:d9:36:ca:64:38:7a:7a:
                    cc:42:65:24:ef:37:1a:8a:5c:8d:b1:3c:be:39:ed:
                    ec:68:5e:e1:c3:23:32:38:dd:e7:44:e4:84:2c:aa:
                    3a:bd:d0:0c:26:d6:f3:0e:90:3b:b1:31:e9:50:c2:
                    dc:05:dd:e7:b3:22:17:ce:ae:70:08:46:47:6d:ee:
                    87:b3:e7:05:68:77:7c:1b:79:e0:92:13:99:0f:ea:
                    7d:2a:ad:50:a9:03:1b:ae:c2:c7:3b:70:7c:7d:92:
                    e5:37:ec:9f:cc:20:6a:86:a6:2f:e5:9f:7d:63:08:
                    d8:c0:47:be:a6:6c:4b:6b:36:97:e3:73:c8:69:4d:
                    05:9f:de:0c:5f:a9:2c:a1:e6:3f:92:a4:22:8d:f7:
                    ee:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:0A:0F:59:DC:D6:11:76:29:A8:E3:5E:B1:C3:C4:67:06:A8:F1:45
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208679.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:8d0::/44
                  2a06:a005:9a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         90:f1:db:c1:bf:89:92:77:fb:0a:3a:ac:3d:37:01:80:c2:eb:
         2b:c2:61:cb:ed:1b:25:82:20:8c:47:5c:33:db:e9:76:73:1c:
         88:d5:e2:ce:f1:93:df:5f:ef:16:e6:0c:2f:96:d7:d5:ea:cc:
         f9:c2:4c:1d:39:b5:f8:6b:fa:5f:05:52:51:56:0e:ae:46:c1:
         af:78:a3:97:d7:fb:91:86:e4:10:e1:26:3f:67:87:ee:86:ac:
         02:42:c0:49:71:f6:37:33:7b:37:dd:3b:ce:bd:01:01:6c:f6:
         f7:1b:33:ff:f1:5c:a0:43:0c:35:c2:d6:38:fa:b7:44:4d:8a:
         6f:28:82:e7:b8:4b:50:37:12:61:ab:ee:20:ce:22:e6:57:f4:
         db:39:9f:75:29:d0:59:f9:b0:49:c4:f9:48:14:b4:94:16:81:
         9f:e8:8e:53:d1:d8:bd:a7:63:b1:ab:bd:4e:2b:15:3e:19:52:
         84:cc:f2:67:d1:4a:26:6b:eb:d5:d2:6d:fd:78:1b:b8:fd:f7:
         25:f1:d1:4b:7c:7b:b2:08:ab:18:b0:df:ed:1f:66:4d:e6:a8:
         db:02:20:0c:fb:50:01:85:a5:6e:44:98:d8:35:67:bf:4c:5a:
         51:a8:15:f2:90:cf:8d:a6:cd:45:78:ca:dd:ef:0e:ee:8b:5b:
         a8:5b:f8:95
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUbnDX3I5i5D1IkntUydGWEgmE1/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MThaFw0yNDEyMDMwMjQ0MThaMDMxMTAvBgNV
BAMTKDFBMEEwRjU5RENENjExNzYyOUE4RTM1RUIxQzNDNDY3MDZBOEYxNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV34ap/IhwO6Y4A++ANxWkquDI
hX5pCka55R2Gprbi2YLsomjCrLL5QaLM1oZ6Y6rBBCn8J0p0vJGuwQascpp1soO+
20r2xwRVld5e2D4L1HH4XHl5dc6c2DBZw4a59IuF1AmD/B+lm5HW+q0D0kaG2TbK
ZDh6esxCZSTvNxqKXI2xPL457exoXuHDIzI43edE5IQsqjq90Awm1vMOkDuxMelQ
wtwF3eezIhfOrnAIRkdt7oez5wVod3wbeeCSE5kP6n0qrVCpAxuuwsc7cHx9kuU3
7J/MIGqGpi/ln31jCNjAR76mbEtrNpfjc8hpTQWf3gxfqSyh5j+SpCKN9+7xAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQUGgoPWdzWEXYpqONescPEZwao8UUwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA4Njc5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcEKgagBQjQAwcEKgagBQmgMA0GCSqGSIb3DQEBCwUA
A4IBAQCQ8dvBv4mSd/sKOqw9NwGAwusrwmHL7RslgiCMR1wz2+l2cxyI1eLO8ZPf
X+8W5gwvltfV6sz5wkwdObX4a/pfBVJRVg6uRsGveKOX1/uRhuQQ4SY/Z4fuhqwC
QsBJcfY3M3s33TvOvQEBbPb3GzP/8VygQww1wtY4+rdETYpvKILnuEtQNxJhq+4g
ziLmV/TbOZ91KdBZ+bBJxPlIFLSUFoGf6I5T0di9p2Oxq71OKxU+GVKEzPJn0Uom
a+vV0m39eBu4/fcl8dFLfHuyCKsYsN/tH2ZN5qjbAiAM+1ABhaVuRJjYNWe/TFpR
qBXykM+Nps1FeMrd7w7ui1uoW/iV
-----END CERTIFICATE-----