Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS202467.roa
File:                     AS202467.roa (raw, json)
Hash identifier:          whNWl93Z3O+lQ72wjrOIPnDBJQGfj19W6vVFcmCeU4g=
Subject key identifier:   50:EB:07:7B:21:42:6B:EB:FE:10:C2:5A:6A:9E:50:1C:69:E4:8A:C7
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       0AD0E2348BB7871C2E4E36D4722A882F7F634E9B
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS202467.roa
Signing time:             Thu 03 Jul 2025 15:51:42 +0000
ROA not before:           Thu 03 Jul 2025 15:46:42 +0000
ROA not after:            Thu 02 Jul 2026 15:51:42 +0000
asID:                     202467
IP address blocks:        2a06:a005:1162::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:d0:e2:34:8b:b7:87:1c:2e:4e:36:d4:72:2a:88:2f:7f:63:4e:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:46:42 2025 GMT
            Not After : Jul  2 15:51:42 2026 GMT
        Subject: CN=50EB077B21426BEBFE10C25A6A9E501C69E48AC7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:60:a6:38:75:d6:cf:4b:0e:3f:64:fc:64:3c:
                    dd:52:b5:4b:75:c8:bc:54:80:d2:9d:a5:bb:d4:17:
                    4e:97:80:d8:47:a4:85:e9:3e:c4:e8:92:38:9a:2c:
                    df:1a:3f:83:c6:2f:f0:fd:0a:2e:40:08:a4:19:28:
                    2a:54:e8:ae:a8:d8:02:22:64:02:6d:93:ca:58:be:
                    47:a5:2d:2f:72:e7:21:77:ce:c8:aa:84:12:bb:51:
                    62:8f:ea:a9:70:0c:a0:8b:aa:7c:6d:0d:c5:59:d9:
                    e9:de:3d:8f:12:95:a3:45:8b:77:dd:9c:93:9f:56:
                    10:59:c5:91:f8:d5:5c:89:f9:86:bc:84:71:a4:6a:
                    a3:1e:00:98:3e:33:7c:aa:20:83:c6:96:0b:b5:93:
                    ce:0d:3e:e1:a1:67:3f:db:a3:38:60:05:f0:3b:3d:
                    6c:2e:03:82:93:4b:6a:d7:c5:16:9d:29:48:a5:34:
                    a8:a6:6f:35:f4:42:9d:86:48:73:27:82:ac:9f:be:
                    55:34:fb:ea:75:53:8b:4a:85:33:90:66:b0:a8:84:
                    3b:7d:48:8c:1e:e7:69:05:d5:af:33:7d:b6:42:c5:
                    9a:fb:27:2b:ac:1e:cf:ee:3b:2b:86:ee:1a:29:c5:
                    26:8c:35:e7:cd:95:29:13:cf:f1:c4:f0:64:0c:d2:
                    11:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:EB:07:7B:21:42:6B:EB:FE:10:C2:5A:6A:9E:50:1C:69:E4:8A:C7
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS202467.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1162::/48

    Signature Algorithm: sha256WithRSAEncryption
         9d:98:b7:3e:e8:27:6f:9e:4a:73:f8:5b:eb:6d:44:58:6d:fe:
         9e:6d:85:d0:50:1e:00:de:f9:da:1c:f0:3f:5a:e5:8f:0c:3b:
         02:78:14:58:1f:69:11:a3:43:8e:3f:5a:06:48:db:17:85:23:
         a4:9b:fe:6b:c1:08:79:b0:67:9f:7c:07:4c:7a:74:86:ad:22:
         a3:56:21:68:11:08:23:cf:91:b1:d4:85:4e:72:89:3f:ca:63:
         19:fc:7d:64:67:7f:45:06:4d:4b:17:38:7f:85:cd:c8:b4:53:
         1c:5b:d4:46:3f:a7:53:bb:e3:f4:39:0c:8c:9b:44:84:5f:2c:
         45:8e:2f:14:0b:44:6b:4c:04:0f:d8:aa:74:7c:6a:37:fd:1b:
         73:a5:01:27:20:4b:cc:4d:c2:dc:17:43:ee:8d:cd:9c:ef:4a:
         c3:e0:82:63:3c:43:fd:83:32:48:ec:c1:b9:da:f0:ea:98:54:
         56:3d:c7:f7:d0:0c:b7:a2:45:a7:95:a5:0b:d5:c0:f1:02:bd:
         3d:10:20:4a:e6:a7:83:9c:bd:ea:04:8c:69:19:40:3f:62:f8:
         a3:cd:1f:50:70:ce:2a:33:60:24:6d:69:48:f6:40:fe:85:9b:
         1c:5f:87:ad:ed:f4:88:64:b2:6d:dd:c3:18:30:1f:ce:77:6e:
         09:c4:3e:80
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUCtDiNIu3hxwuTjbUciqIL39jTpswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2NDJaFw0yNjA3MDIxNTUxNDJaMDMxMTAvBgNV
BAMTKDUwRUIwNzdCMjE0MjZCRUJGRTEwQzI1QTZBOUU1MDFDNjlFNDhBQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcYKY4ddbPSw4/ZPxkPN1StUt1
yLxUgNKdpbvUF06XgNhHpIXpPsTokjiaLN8aP4PGL/D9Ci5ACKQZKCpU6K6o2AIi
ZAJtk8pYvkelLS9y5yF3zsiqhBK7UWKP6qlwDKCLqnxtDcVZ2enePY8SlaNFi3fd
nJOfVhBZxZH41VyJ+Ya8hHGkaqMeAJg+M3yqIIPGlgu1k84NPuGhZz/bozhgBfA7
PWwuA4KTS2rXxRadKUilNKimbzX0Qp2GSHMngqyfvlU0++p1U4tKhTOQZrCohDt9
SIwe52kF1a8zfbZCxZr7JyusHs/uOyuG7hopxSaMNefNlSkTz/HE8GQM0hFFAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUUOsHeyFCa+v+EMJaap5QHGnkiscwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAyNDY3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAKgagBRFiMA0GCSqGSIb3DQEBCwUAA4IBAQCdmLc+
6Cdvnkpz+FvrbURYbf6ebYXQUB4A3vnaHPA/WuWPDDsCeBRYH2kRo0OOP1oGSNsX
hSOkm/5rwQh5sGeffAdMenSGrSKjViFoEQgjz5Gx1IVOcok/ymMZ/H1kZ39FBk1L
Fzh/hc3ItFMcW9RGP6dTu+P0OQyMm0SEXyxFji8UC0RrTAQP2Kp0fGo3/RtzpQEn
IEvMTcLcF0Pujc2c70rD4IJjPEP9gzJI7MG52vDqmFRWPcf30Ay3okWnlaUL1cDx
Ar09ECBK5qeDnL3qBIxpGUA/YvijzR9QcM4qM2AkbWlI9kD+hZscX4et7fSIZLJt
3cMYMB/Od24JxD6A
-----END CERTIFICATE-----