Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS202776.roa
File:                     AS202776.roa (raw, json)
Hash identifier:          M06Y075M041nX36gQ4i84xRVssdyLPzx8PiPeFyfg5w=
Subject key identifier:   D6:80:7A:41:FA:57:4C:87:98:41:3B:B2:9C:62:48:A1:7C:6B:78:9A
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       434A78C6AF958DAD20DFEB69E1A8EEE199F36E4E
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS202776.roa
Signing time:             Thu 03 Jul 2025 15:51:43 +0000
ROA not before:           Thu 03 Jul 2025 15:46:43 +0000
ROA not after:            Thu 02 Jul 2026 15:51:43 +0000
asID:                     202776
IP address blocks:        2a06:a005:2b90::/44 maxlen: 48
                          2a06:a005:2d10::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:4a:78:c6:af:95:8d:ad:20:df:eb:69:e1:a8:ee:e1:99:f3:6e:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:46:43 2025 GMT
            Not After : Jul  2 15:51:43 2026 GMT
        Subject: CN=D6807A41FA574C8798413BB29C6248A17C6B789A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:84:ed:6d:cb:16:50:5c:d5:a6:35:3d:89:bc:
                    87:d2:d4:a7:0c:42:fb:1c:f3:7e:dc:b9:ec:2c:64:
                    74:a9:32:46:c4:3d:11:26:f3:f9:c4:7d:eb:c8:53:
                    b2:3a:01:5b:f6:56:16:ab:65:34:bd:59:62:10:1e:
                    00:b7:2f:3e:2e:db:b5:ab:5c:ac:09:48:09:76:96:
                    15:84:19:2d:9d:5a:8a:bd:90:ff:62:7d:90:4b:7e:
                    6c:c3:0a:4a:14:fd:45:6d:59:aa:8a:d6:bc:7d:0d:
                    3c:4b:36:65:b6:9e:bd:25:06:3e:a9:59:a1:c0:74:
                    8f:ef:6f:93:bb:5d:d8:4f:ca:99:3f:52:1a:13:bc:
                    fd:4c:09:98:b9:49:b2:d7:5b:e0:1b:1e:a1:23:f1:
                    b6:69:42:cd:54:c9:c7:b7:ed:2f:b1:42:b6:a9:47:
                    7b:89:d3:32:e2:12:40:4f:bf:a1:07:33:44:a8:fc:
                    81:eb:20:11:2a:4e:dd:8f:9f:72:c6:6a:86:6d:bd:
                    3e:f2:45:9a:8c:c3:98:f5:5b:ac:38:27:fa:15:80:
                    5c:67:1d:c3:9f:b3:5e:75:a9:0e:e1:51:da:a6:e6:
                    0b:38:e4:d7:34:ec:8c:e6:9d:11:8e:1f:de:85:55:
                    0e:1e:71:fc:d3:e7:6a:8b:d7:23:c8:2c:94:54:be:
                    13:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:80:7A:41:FA:57:4C:87:98:41:3B:B2:9C:62:48:A1:7C:6B:78:9A
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS202776.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2b90::/44
                  2a06:a005:2d10::/44

    Signature Algorithm: sha256WithRSAEncryption
         35:2e:f5:b6:79:99:a7:ec:49:01:b2:ad:82:9e:01:13:90:c2:
         ac:70:da:27:a1:00:c9:bd:2a:8d:0f:9b:2b:ea:05:31:6b:e9:
         3a:fd:de:2f:5b:51:17:59:cf:45:91:80:ea:46:66:c7:2e:bb:
         18:9d:77:11:e5:2c:eb:62:41:2c:bc:56:f7:0d:34:73:2a:28:
         75:a4:c9:16:c9:50:ee:e6:ec:ca:f5:1c:bd:8b:8e:d8:18:77:
         05:ae:71:13:9a:dc:8b:b5:28:ae:9e:26:4a:d4:00:a3:eb:0e:
         d5:c0:3b:89:e3:4d:09:b4:3a:3a:64:63:72:e9:2d:d4:77:a8:
         76:23:13:23:6f:98:d8:24:7c:c9:01:b3:50:b3:88:32:78:fb:
         43:88:74:98:75:b4:6a:5f:40:6a:5f:ab:40:b7:b3:c0:e0:d8:
         94:c8:4d:65:05:0b:65:a4:47:b0:50:d5:17:fa:f8:3c:ce:5b:
         45:b0:10:7b:2e:86:b9:33:46:9e:0c:09:f7:7e:86:8d:7d:77:
         b1:05:e3:cf:96:89:71:29:f2:ed:7c:5e:f5:e8:35:ca:17:51:
         ce:10:22:83:da:f7:86:c2:f5:4f:99:37:fe:ed:98:b9:7a:90:
         06:70:ab:13:6f:56:8d:61:90:0f:8e:af:18:28:57:38:cc:87:
         28:7f:75:ee
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIUQ0p4xq+Vja0g3+tp4aju4Znzbk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ2NDNaFw0yNjA3MDIxNTUxNDNaMDMxMTAvBgNV
BAMTKEQ2ODA3QTQxRkE1NzRDODc5ODQxM0JCMjlDNjI0OEExN0M2Qjc4OUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFhO1tyxZQXNWmNT2JvIfS1KcM
Qvsc837cuewsZHSpMkbEPREm8/nEfevIU7I6AVv2VharZTS9WWIQHgC3Lz4u27Wr
XKwJSAl2lhWEGS2dWoq9kP9ifZBLfmzDCkoU/UVtWaqK1rx9DTxLNmW2nr0lBj6p
WaHAdI/vb5O7XdhPypk/UhoTvP1MCZi5SbLXW+AbHqEj8bZpQs1Uyce37S+xQrap
R3uJ0zLiEkBPv6EHM0So/IHrIBEqTt2Pn3LGaoZtvT7yRZqMw5j1W6w4J/oVgFxn
HcOfs151qQ7hUdqm5gs45Nc07IzmnRGOH96FVQ4ecfzT52qL1yPILJRUvhOTAgMB
AAGjggH7MIIB9zAdBgNVHQ4EFgQU1oB6QfpXTIeYQTuynGJIoXxreJowHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAyNzc2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEH
AQH/BBwwGjAYBAIAAjASAwcEKgagBSuQAwcEKgagBS0QMA0GCSqGSIb3DQEBCwUA
A4IBAQA1LvW2eZmn7EkBsq2CngETkMKscNonoQDJvSqND5sr6gUxa+k6/d4vW1EX
Wc9FkYDqRmbHLrsYnXcR5SzrYkEsvFb3DTRzKih1pMkWyVDu5uzK9Ry9i47YGHcF
rnETmtyLtSiuniZK1ACj6w7VwDuJ400JtDo6ZGNy6S3Ud6h2IxMjb5jYJHzJAbNQ
s4gyePtDiHSYdbRqX0BqX6tAt7PA4NiUyE1lBQtlpEewUNUX+vg8zltFsBB7Loa5
M0aeDAn3foaNfXexBePPlolxKfLtfF716DXKF1HOECKD2veGwvVPmTf+7Zi5epAG
cKsTb1aNYZAPjq8YKFc4zIcof3Xu
-----END CERTIFICATE-----