Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208680.roa
File:                     AS208680.roa (raw, json)
Hash identifier:          FMxgE8Jo2MBTtoNXF/JRal1hyFUSWzzaADzxsKXoWis=
Subject key identifier:   F9:E1:E2:E6:87:0A:82:D1:0A:89:86:DA:2D:F9:C1:07:8C:8D:A2:B1
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       23B76F1445552F67F58E9E8266B280C6F561693D
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208680.roa
Signing time:             Tue 05 Dec 2023 02:44:11 +0000
ROA not before:           Tue 05 Dec 2023 02:39:11 +0000
ROA not after:            Tue 03 Dec 2024 02:44:11 +0000
asID:                     208680
IP address blocks:        2a06:a005:2f0::/44 maxlen: 48
                          2a06:a005:300::/44 maxlen: 48
                          2a06:a005:310::/44 maxlen: 48
                          2a06:a005:320::/44 maxlen: 48
                          2a06:a005:330::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 14:41:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:b7:6f:14:45:55:2f:67:f5:8e:9e:82:66:b2:80:c6:f5:61:69:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Dec  5 02:39:11 2023 GMT
            Not After : Dec  3 02:44:11 2024 GMT
        Subject: CN=F9E1E2E6870A82D10A8986DA2DF9C1078C8DA2B1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:bc:7b:b0:ac:ac:e3:00:8a:1d:e8:c0:27:74:
                    b2:6d:e3:fd:3c:29:fa:af:77:a6:7b:88:38:9c:e8:
                    ad:19:a5:83:c4:52:86:2e:00:9d:72:05:9c:04:f9:
                    28:7c:d6:72:fb:7c:94:92:f0:19:66:43:83:a3:32:
                    bc:84:25:c4:cd:cf:15:c6:85:a7:b8:bc:79:21:38:
                    57:79:12:ec:8f:17:67:b2:b6:56:d7:f6:f6:e0:3d:
                    01:53:8f:c5:2c:9c:e3:85:c4:de:17:6c:b8:49:5b:
                    9b:79:a3:e0:f6:cf:ab:2e:99:39:2a:9a:1d:cd:db:
                    82:03:c6:de:af:e5:10:ca:2a:7e:ac:98:55:84:71:
                    61:dd:28:24:5d:4a:73:5e:37:e5:2c:e3:1a:86:fd:
                    86:3f:15:a5:9f:c5:82:55:ed:71:9e:da:5c:31:3b:
                    2c:2c:7f:33:ae:3a:d5:6e:f7:fe:a7:0c:21:f3:2b:
                    f3:a2:b4:64:82:62:57:52:cd:5a:e2:aa:61:2d:6f:
                    5a:ec:5c:79:da:15:e8:78:28:15:dd:eb:41:ea:fe:
                    c9:8b:bf:c1:c6:ca:35:71:f4:ea:80:dd:fd:02:c9:
                    f3:dd:38:40:50:a0:57:1e:30:ad:a9:f3:8d:54:28:
                    b2:3e:bf:96:a2:5b:94:5f:1b:80:58:b2:b1:85:aa:
                    19:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:E1:E2:E6:87:0A:82:D1:0A:89:86:DA:2D:F9:C1:07:8C:8D:A2:B1
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS208680.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2f0::-2a06:a005:33f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         06:50:d9:4e:6c:f3:d8:53:42:a4:34:af:9b:98:2f:c3:a2:12:
         65:44:a7:c8:8a:60:29:ed:c0:a2:1b:dd:b1:c7:1d:16:56:da:
         96:d3:d4:18:89:81:4a:0b:03:4e:ae:20:b9:cf:3d:81:b6:97:
         91:28:4c:9f:50:a0:44:bc:9b:3c:9d:1c:13:ef:88:72:ee:f2:
         8c:5e:d0:5d:49:c3:5f:72:b0:6d:d3:94:95:b6:1d:48:ed:79:
         fb:1c:d0:c1:49:af:f1:1b:ee:25:35:6b:06:b9:da:e3:18:71:
         3a:6b:32:05:fb:c9:c5:12:3d:0b:12:e6:7f:c3:fd:d8:78:57:
         25:99:a2:a7:f6:95:3d:72:b4:2d:92:c7:16:79:35:cf:84:8e:
         83:98:7a:ae:81:0d:ba:5b:f5:5e:18:a7:c3:95:3c:e8:45:63:
         fb:75:86:97:3d:b3:d8:55:97:8c:35:6c:7c:08:cf:c3:97:2a:
         31:33:d2:19:41:2b:84:30:69:fa:c7:e5:62:73:0f:12:c0:91:
         26:e9:ff:81:77:7f:40:c5:39:88:5f:59:35:81:b2:98:ea:a0:
         37:be:c8:98:c8:7a:8f:a0:fb:9a:b1:7d:69:03:10:ab:38:34:
         bb:81:ea:06:34:da:5e:d3:7c:11:35:d2:b7:c5:6b:79:38:3a:
         73:05:14:35
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIUI7dvFEVVL2f1jp6CZrKAxvVhaT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yMzEyMDUwMjM5MTFaFw0yNDEyMDMwMjQ0MTFaMDMxMTAvBgNV
BAMTKEY5RTFFMkU2ODcwQTgyRDEwQTg5ODZEQTJERjlDMTA3OEM4REEyQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmvHuwrKzjAIod6MAndLJt4/08
Kfqvd6Z7iDic6K0ZpYPEUoYuAJ1yBZwE+Sh81nL7fJSS8BlmQ4OjMryEJcTNzxXG
hae4vHkhOFd5EuyPF2eytlbX9vbgPQFTj8UsnOOFxN4XbLhJW5t5o+D2z6sumTkq
mh3N24IDxt6v5RDKKn6smFWEcWHdKCRdSnNeN+Us4xqG/YY/FaWfxYJV7XGe2lwx
OywsfzOuOtVu9/6nDCHzK/OitGSCYldSzVriqmEtb1rsXHnaFeh4KBXd60Hq/smL
v8HGyjVx9OqA3f0CyfPdOEBQoFceMK2p841UKLI+v5aiW5RfG4BYsrGFqhn/AgMB
AAGjggH9MIIB+TAdBgNVHQ4EFgQU+eHi5ocKgtEKiYbaLfnBB4yNorEwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA4NjgwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEH
AQH/BB4wHDAaBAIAAjAUMBIDBwQqBqAFAvADBwYqBqAFAwAwDQYJKoZIhvcNAQEL
BQADggEBAAZQ2U5s89hTQqQ0r5uYL8OiEmVEp8iKYCntwKIb3bHHHRZW2pbT1BiJ
gUoLA06uILnPPYG2l5EoTJ9QoES8mzydHBPviHLu8oxe0F1Jw19ysG3TlJW2HUjt
efsc0MFJr/Eb7iU1awa52uMYcTprMgX7ycUSPQsS5n/D/dh4VyWZoqf2lT1ytC2S
xxZ5Nc+EjoOYeq6BDbpb9V4Yp8OVPOhFY/t1hpc9s9hVl4w1bHwIz8OXKjEz0hlB
K4QwafrH5WJzDxLAkSbp/4F3f0DFOYhfWTWBspjqoDe+yJjIeo+g+5qxfWkDEKs4
NLuB6gY02l7TfBE10rfFa3k4OnMFFDU=
-----END CERTIFICATE-----