Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS202222.roa
File:                     AS202222.roa (raw, json)
Hash identifier:          pUJye7cuE5VZJ+X3bxxsTX+RgIYJglA4IiSCteYdHQQ=
Subject key identifier:   EC:62:32:90:7F:35:3D:EF:A7:A2:80:74:E0:D1:41:93:79:A0:3A:98
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       6680F4EAFFA594633E3DAD221187A0C5EE9FB3A9
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS202222.roa
Signing time:             Thu 03 Jul 2025 15:52:06 +0000
ROA not before:           Thu 03 Jul 2025 15:47:06 +0000
ROA not after:            Thu 02 Jul 2026 15:52:06 +0000
asID:                     202222
IP address blocks:        2a06:a005:d2c::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:80:f4:ea:ff:a5:94:63:3e:3d:ad:22:11:87:a0:c5:ee:9f:b3:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:47:06 2025 GMT
            Not After : Jul  2 15:52:06 2026 GMT
        Subject: CN=EC6232907F353DEFA7A28074E0D1419379A03A98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:22:4d:9a:94:4a:62:cb:dd:8c:5b:27:1b:18:
                    6d:d1:f9:4f:3f:e1:2f:c8:07:0c:cf:5f:55:5c:93:
                    b5:e7:56:2e:27:9a:3b:c9:e8:ad:ea:9b:d7:b3:e4:
                    a2:d4:74:9f:20:0f:a7:b6:f4:d5:44:32:c9:93:66:
                    c7:5d:83:3a:a5:80:25:9c:74:fa:aa:49:77:9e:16:
                    ad:b2:41:67:ab:eb:f6:9e:b6:ab:bf:e1:29:b2:ba:
                    fe:a3:bf:59:e8:c3:80:bd:f1:c9:4d:bd:75:0e:36:
                    7e:e2:88:21:38:c7:54:b4:22:31:93:f5:45:41:ad:
                    f0:99:fe:bc:e5:91:29:48:a2:7b:85:57:15:db:c4:
                    40:e1:e5:01:f4:63:6a:fa:f2:41:dc:30:bb:85:bd:
                    c5:27:bf:7d:59:06:e2:1a:88:d4:05:c9:8a:d2:fd:
                    bd:13:18:df:9b:db:76:30:27:12:c2:91:08:bc:1e:
                    df:b4:73:03:c7:a5:61:00:c2:fe:c1:4c:5b:88:b5:
                    cd:59:7b:b6:ff:f7:7f:37:29:a1:9c:4d:52:b0:c2:
                    94:2f:63:8b:fc:d9:a6:f9:76:2a:d1:c0:62:83:e9:
                    79:7c:40:4c:70:64:02:42:08:b1:d9:94:46:aa:06:
                    14:e5:78:bc:17:49:fe:6f:eb:a2:13:cb:7e:4c:50:
                    69:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:62:32:90:7F:35:3D:EF:A7:A2:80:74:E0:D1:41:93:79:A0:3A:98
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS202222.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:d2c::/48

    Signature Algorithm: sha256WithRSAEncryption
         14:a7:d8:b1:cf:28:94:9f:c4:61:bb:f8:2f:f0:a5:7a:f1:e3:
         cb:1a:03:5d:0a:4e:02:c1:38:70:01:87:dd:cf:3e:34:6d:ad:
         36:eb:24:a8:09:de:b0:f2:86:cc:7e:86:47:c6:85:bf:0d:9a:
         06:b5:13:d3:b5:29:13:22:4e:14:36:23:58:77:62:c4:66:62:
         7c:bd:ee:23:73:26:20:43:e6:ac:59:5a:f9:c6:61:fb:07:d2:
         71:b0:27:df:13:7c:7c:b1:a3:48:fe:f5:03:5e:57:35:9f:d0:
         ab:ee:20:a6:21:5e:20:c3:03:fc:55:83:45:94:72:cd:23:12:
         df:94:21:72:cf:29:8f:d0:f6:56:50:63:fb:71:f5:5a:b5:a4:
         a4:22:00:ed:4f:6a:49:4e:a1:fc:94:f6:73:5f:b4:93:dc:ed:
         71:6c:4e:5e:6f:12:cc:5c:0b:01:bc:88:ed:40:7e:5e:70:ea:
         3d:88:76:97:ed:65:3e:8a:7d:3c:fa:a4:17:63:37:e6:d5:92:
         5d:f3:e8:5e:b7:e2:aa:5a:a6:62:fe:65:0b:e3:d3:7f:f0:0a:
         4d:0b:f2:17:f6:4b:cd:9d:1e:29:33:8a:d0:14:5d:8d:d0:ce:
         64:0c:23:f2:da:3e:be:b3:34:06:b9:00:45:d5:86:d1:f6:71:
         ff:1d:39:c9
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUZoD06v+llGM+Pa0iEYegxe6fs6kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MDZaFw0yNjA3MDIxNTUyMDZaMDMxMTAvBgNV
BAMTKEVDNjIzMjkwN0YzNTNERUZBN0EyODA3NEUwRDE0MTkzNzlBMDNBOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkIk2alEpiy92MWycbGG3R+U8/
4S/IBwzPX1Vck7XnVi4nmjvJ6K3qm9ez5KLUdJ8gD6e29NVEMsmTZsddgzqlgCWc
dPqqSXeeFq2yQWer6/aetqu/4Smyuv6jv1now4C98clNvXUONn7iiCE4x1S0IjGT
9UVBrfCZ/rzlkSlIonuFVxXbxEDh5QH0Y2r68kHcMLuFvcUnv31ZBuIaiNQFyYrS
/b0TGN+b23YwJxLCkQi8Ht+0cwPHpWEAwv7BTFuItc1Ze7b/9383KaGcTVKwwpQv
Y4v82ab5dirRwGKD6Xl8QExwZAJCCLHZlEaqBhTleLwXSf5v66ITy35MUGm3AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQU7GIykH81Pe+nooB04NFBk3mgOpgwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAyMjIyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBQ0sMA0GCSqGSIb3DQEBCwUAA4IBAQAUp9ix
zyiUn8Rhu/gv8KV68ePLGgNdCk4CwThwAYfdzz40ba026ySoCd6w8obMfoZHxoW/
DZoGtRPTtSkTIk4UNiNYd2LEZmJ8ve4jcyYgQ+asWVr5xmH7B9JxsCffE3x8saNI
/vUDXlc1n9Cr7iCmIV4gwwP8VYNFlHLNIxLflCFyzymP0PZWUGP7cfVataSkIgDt
T2pJTqH8lPZzX7ST3O1xbE5ebxLMXAsBvIjtQH5ecOo9iHaX7WU+in08+qQXYzfm
1ZJd8+het+KqWqZi/mUL49N/8ApNC/IX9kvNnR4pM4rQFF2N0M5kDCPy2j6+szQG
uQBF1YbR9nH/HTnJ
-----END CERTIFICATE-----