Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200730.roa
File:                     AS200730.roa (raw, json)
Hash identifier:          FAqrvhDEQpZ1o44wn2DZ1DUUny3MTP4dY94PUZNZj8c=
Subject key identifier:   C6:7D:BD:0B:43:DC:42:AE:AB:3F:8F:33:01:C2:03:AF:D3:47:8C:57
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       1392DA9EC3113E67662651E6A5F23D0B746DEA24
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200730.roa
Signing time:             Thu 03 Jul 2025 15:52:07 +0000
ROA not before:           Thu 03 Jul 2025 15:47:07 +0000
ROA not after:            Thu 02 Jul 2026 15:52:07 +0000
asID:                     200730
IP address blocks:        2a06:a005:116f::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:92:da:9e:c3:11:3e:67:66:26:51:e6:a5:f2:3d:0b:74:6d:ea:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:47:07 2025 GMT
            Not After : Jul  2 15:52:07 2026 GMT
        Subject: CN=C67DBD0B43DC42AEAB3F8F3301C203AFD3478C57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:e2:63:56:25:f5:ba:37:b4:ec:e4:59:bb:9f:
                    f8:a1:c7:a4:bf:eb:96:13:6a:b8:55:98:60:15:7f:
                    24:78:f5:e3:6c:31:9d:1a:25:f7:76:6d:48:7c:6f:
                    b9:69:7c:19:74:5f:94:12:e6:e7:1f:e3:24:59:18:
                    e4:58:e6:1f:32:52:6c:9c:6c:48:ad:ad:79:f9:41:
                    44:61:b8:42:ba:e6:d6:e1:64:7a:26:10:78:83:40:
                    ee:41:67:0a:93:a2:64:2b:92:b1:a1:e3:b0:9f:4c:
                    ed:3b:ba:88:f4:52:30:ff:3e:d8:4a:e5:31:08:b9:
                    c1:2d:6f:44:83:7f:3a:ac:84:19:04:9a:c0:50:d0:
                    b0:02:82:4a:1e:b2:28:23:a9:3f:e5:66:0b:a2:b8:
                    56:66:b6:c4:13:9c:c8:d0:dc:a4:61:86:ca:3b:fa:
                    40:fd:6a:66:a4:87:6d:1c:32:0d:ad:be:ae:56:65:
                    81:7c:d7:a2:b4:dc:01:a9:f9:bc:25:37:21:37:54:
                    d8:96:56:d1:34:a1:19:a1:06:83:d3:4d:e4:67:03:
                    25:86:97:41:79:76:52:a0:98:ff:68:f0:c5:b9:97:
                    85:6f:79:69:e8:cd:3c:af:bb:2c:ab:4d:9a:e2:4e:
                    30:a0:81:09:af:ac:9a:ec:af:30:59:2a:01:d2:50:
                    04:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:7D:BD:0B:43:DC:42:AE:AB:3F:8F:33:01:C2:03:AF:D3:47:8C:57
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:116f::/48

    Signature Algorithm: sha256WithRSAEncryption
         a6:46:5f:b9:a0:26:2d:a6:b4:8b:d5:2e:61:ce:55:de:78:ce:
         27:e4:d5:57:b3:2d:9e:6d:d4:7e:45:8b:7f:d0:ec:cc:6d:de:
         eb:51:83:a4:04:9c:b7:68:b9:68:a6:01:a7:e7:b1:9b:22:ef:
         9f:fc:80:e8:5e:f2:e3:a8:71:e8:34:24:b2:62:db:a8:3a:95:
         b2:14:90:85:87:52:10:98:d1:47:78:69:87:fe:88:e3:e6:75:
         c8:79:61:07:bd:86:b5:0c:69:0e:12:63:66:8d:3d:ec:1d:55:
         c5:5c:12:18:b4:d6:f7:5a:85:eb:ae:b2:07:65:04:3d:d9:14:
         9d:3d:6e:dc:64:49:90:d2:26:97:5d:2e:48:70:16:76:50:1f:
         be:be:2c:30:16:d1:ef:a6:65:a9:05:a0:60:2a:41:49:aa:e6:
         ca:ee:74:06:c3:08:49:2d:6a:55:d1:e0:2b:90:51:5e:50:35:
         c8:6b:8f:46:8a:13:07:24:fb:42:1e:71:28:62:ac:61:dd:43:
         fd:55:17:51:bf:d8:1c:f7:17:78:d2:81:e5:8a:b7:da:f9:9e:
         22:e0:de:1e:bd:a6:8c:89:ec:c0:ec:96:7b:1c:b3:d7:da:c2:
         08:5e:71:f4:d3:0a:7c:e1:3f:e9:25:04:93:6f:d8:a1:af:80:
         cc:aa:23:20
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUE5LansMRPmdmJlHmpfI9C3Rt6iQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MDdaFw0yNjA3MDIxNTUyMDdaMDMxMTAvBgNV
BAMTKEM2N0RCRDBCNDNEQzQyQUVBQjNGOEYzMzAxQzIwM0FGRDM0NzhDNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC04mNWJfW6N7Ts5Fm7n/ihx6S/
65YTarhVmGAVfyR49eNsMZ0aJfd2bUh8b7lpfBl0X5QS5ucf4yRZGORY5h8yUmyc
bEitrXn5QURhuEK65tbhZHomEHiDQO5BZwqTomQrkrGh47CfTO07uoj0UjD/PthK
5TEIucEtb0SDfzqshBkEmsBQ0LACgkoesigjqT/lZguiuFZmtsQTnMjQ3KRhhso7
+kD9amakh20cMg2tvq5WZYF816K03AGp+bwlNyE3VNiWVtE0oRmhBoPTTeRnAyWG
l0F5dlKgmP9o8MW5l4VveWnozTyvuyyrTZriTjCggQmvrJrsrzBZKgHSUARXAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUxn29C0PcQq6rP48zAcIDr9NHjFcwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAwNzMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRFvMA0GCSqGSIb3DQEBCwUAA4IBAQCmRl+5
oCYtprSL1S5hzlXeeM4n5NVXsy2ebdR+RYt/0OzMbd7rUYOkBJy3aLlopgGn57Gb
Iu+f/IDoXvLjqHHoNCSyYtuoOpWyFJCFh1IQmNFHeGmH/ojj5nXIeWEHvYa1DGkO
EmNmjT3sHVXFXBIYtNb3WoXrrrIHZQQ92RSdPW7cZEmQ0iaXXS5IcBZ2UB++viww
FtHvpmWpBaBgKkFJqubK7nQGwwhJLWpV0eArkFFeUDXIa49GihMHJPtCHnEoYqxh
3UP9VRdRv9gc9xd40oHlirfa+Z4i4N4evaaMiezA7JZ7HLPX2sIIXnH00wp84T/p
JQSTb9ihr4DMqiMg
-----END CERTIFICATE-----