Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS203577.roa
File:                     AS203577.roa (raw, json)
Hash identifier:          m3I2MgdkInPbdfGov4NckuZQ5bantQH35+PW0qVbpJA=
Subject key identifier:   98:AB:04:8C:AA:72:35:4B:A3:09:F0:84:52:B6:E5:90:A9:55:AF:9E
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       7DA1E6FC5D953DC3C13DAA9DB2538181A5692C58
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS203577.roa
Signing time:             Thu 03 Jul 2025 15:52:04 +0000
ROA not before:           Thu 03 Jul 2025 15:47:04 +0000
ROA not after:            Thu 02 Jul 2026 15:52:04 +0000
asID:                     203577
IP address blocks:        2a06:a005:1f50::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:a1:e6:fc:5d:95:3d:c3:c1:3d:aa:9d:b2:53:81:81:a5:69:2c:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jul  3 15:47:04 2025 GMT
            Not After : Jul  2 15:52:04 2026 GMT
        Subject: CN=98AB048CAA72354BA309F08452B6E590A955AF9E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c0:41:bf:d4:8c:7b:4d:f2:90:8f:29:a6:0d:
                    4a:8e:ed:99:68:f4:8e:fa:54:f6:be:16:d6:7c:34:
                    dc:60:ac:dd:e3:1c:fe:1c:de:52:70:58:04:2a:7d:
                    bd:16:f1:b3:77:a8:9e:68:dc:b7:ef:e2:78:99:df:
                    53:88:98:d9:40:67:2d:8d:8c:b9:a8:2d:eb:b8:ea:
                    af:f3:bd:63:ef:8c:2e:d0:0e:cb:00:97:a1:28:66:
                    aa:a5:cc:ac:cb:4b:33:39:30:cc:b0:a2:8f:2b:86:
                    e2:53:3d:fa:07:a9:f7:21:b1:36:f9:e3:d6:11:c8:
                    72:52:19:16:66:09:ff:97:21:4c:21:00:87:dc:fe:
                    07:2f:2d:01:d3:7c:d4:d9:0e:23:7c:f3:9e:ac:b6:
                    a6:72:36:bd:10:3c:97:a7:5d:37:bd:f1:a5:67:0f:
                    6c:f3:69:26:94:40:d0:ec:52:b3:c4:c3:ef:58:49:
                    a2:df:48:2a:0b:84:8b:ab:61:16:cc:8e:cd:b6:54:
                    0d:94:86:fb:3b:2c:18:96:52:19:c7:43:9a:a0:be:
                    4b:3d:30:10:f8:9c:cc:82:24:11:ea:b9:0c:6b:7b:
                    5d:c9:94:13:4c:54:f1:c4:6b:b1:50:e7:b2:1f:c7:
                    65:4e:3e:01:d3:f2:e6:72:30:aa:86:02:2d:f5:fd:
                    b4:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:AB:04:8C:AA:72:35:4B:A3:09:F0:84:52:B6:E5:90:A9:55:AF:9E
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS203577.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1f50::/44

    Signature Algorithm: sha256WithRSAEncryption
         6a:43:1a:b0:26:03:98:7d:6c:36:a8:5c:46:65:fd:b4:7e:54:
         ce:ff:44:35:c7:73:dd:7b:d5:07:e5:5d:7c:89:57:6c:9c:a9:
         db:ad:ee:17:57:82:c7:3c:42:d5:04:a1:a3:e1:bf:b8:24:e3:
         9a:1f:b3:a7:0f:76:63:8e:1e:93:f9:3b:e5:2b:3c:b9:f8:e4:
         75:20:88:db:9f:8e:a5:43:2a:20:df:ca:a1:ae:bf:6e:19:29:
         a0:f9:7e:cf:9a:e2:a3:91:e4:8d:2b:cf:b0:22:ac:11:ea:57:
         a1:ba:bb:33:06:66:fd:63:6b:99:3c:7c:0b:13:ad:51:d0:78:
         1b:c6:3c:2e:41:0d:06:42:a0:dd:ac:0d:6f:0f:d5:48:db:42:
         d6:03:42:48:0c:e1:d6:2c:e3:dc:14:af:4e:22:26:13:e4:3b:
         a8:31:d7:94:69:04:82:2a:d4:73:56:33:c8:ff:ab:4a:5f:f5:
         6b:2b:51:54:5d:6e:56:3f:2c:9d:ef:79:e9:a6:84:2d:21:eb:
         5b:e0:c9:b0:50:01:25:24:a8:b5:75:7d:4d:1a:70:3c:34:30:
         44:54:4a:b5:d7:2d:d1:b6:e8:8e:54:d4:40:d4:f7:67:f8:31:
         4b:10:b0:2c:d6:89:40:b5:c0:e3:ae:33:ac:5e:f9:84:4b:0b:
         89:09:7d:6a
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUfaHm/F2VPcPBPaqdslOBgaVpLFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNTA3MDMxNTQ3MDRaFw0yNjA3MDIxNTUyMDRaMDMxMTAvBgNV
BAMTKDk4QUIwNDhDQUE3MjM1NEJBMzA5RjA4NDUyQjZFNTkwQTk1NUFGOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrwEG/1Ix7TfKQjymmDUqO7Zlo
9I76VPa+FtZ8NNxgrN3jHP4c3lJwWAQqfb0W8bN3qJ5o3Lfv4niZ31OImNlAZy2N
jLmoLeu46q/zvWPvjC7QDssAl6EoZqqlzKzLSzM5MMywoo8rhuJTPfoHqfchsTb5
49YRyHJSGRZmCf+XIUwhAIfc/gcvLQHTfNTZDiN8856stqZyNr0QPJenXTe98aVn
D2zzaSaUQNDsUrPEw+9YSaLfSCoLhIurYRbMjs22VA2Uhvs7LBiWUhnHQ5qgvks9
MBD4nMyCJBHquQxre13JlBNMVPHEa7FQ57Ifx2VOPgHT8uZyMKqGAi31/bTXAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUmKsEjKpyNUujCfCEUrblkKlVr54wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAzNTc3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBR9QMA0GCSqGSIb3DQEBCwUAA4IBAQBqQxqw
JgOYfWw2qFxGZf20flTO/0Q1x3Pde9UH5V18iVdsnKnbre4XV4LHPELVBKGj4b+4
JOOaH7OnD3Zjjh6T+TvlKzy5+OR1IIjbn46lQyog38qhrr9uGSmg+X7PmuKjkeSN
K8+wIqwR6lehurszBmb9Y2uZPHwLE61R0HgbxjwuQQ0GQqDdrA1vD9VI20LWA0JI
DOHWLOPcFK9OIiYT5DuoMdeUaQSCKtRzVjPI/6tKX/VrK1FUXW5WPyyd73nppoQt
Ietb4MmwUAElJKi1dX1NGnA8NDBEVEq11y3RtuiOVNRA1Pdn+DFLELAs1olAtcDj
rjOsXvmESwuJCX1q
-----END CERTIFICATE-----