Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200169.roa
File:                     AS200169.roa (raw, json)
Hash identifier:          sg8wHveY+UDLS56vZqY+SSUtKGUdV4FQl6OarXYlKWA=
Subject key identifier:   36:BE:7B:2F:0B:F7:91:B9:09:97:7B:9C:29:98:B8:7F:69:C2:C9:28
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       7C4EEA1FA21CB62F424E72C94090BC6F0391CC73
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200169.roa
Signing time:             Thu 04 Jun 2026 15:58:53 +0000
ROA not before:           Thu 04 Jun 2026 15:53:53 +0000
ROA not after:            Thu 03 Jun 2027 15:58:53 +0000
asID:                     200169
IP address blocks:        2a06:a005:2c90::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:4e:ea:1f:a2:1c:b6:2f:42:4e:72:c9:40:90:bc:6f:03:91:cc:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jun  4 15:53:53 2026 GMT
            Not After : Jun  3 15:58:53 2027 GMT
        Subject: CN=36BE7B2F0BF791B909977B9C2998B87F69C2C928
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:dc:0c:48:0b:e2:97:d6:93:e0:34:b7:38:86:
                    64:7c:85:d3:47:32:a1:b9:01:ee:d2:8c:92:89:ff:
                    69:9b:6a:cb:31:e7:00:53:ce:fb:c1:a9:7b:3d:9c:
                    0e:e8:a6:5a:49:ee:0f:c8:e1:e3:22:d4:34:58:2f:
                    ee:f4:86:64:a7:43:29:49:c5:71:f9:2b:83:58:02:
                    51:3f:89:36:a8:fa:9a:df:16:a4:15:ce:66:3c:d9:
                    a8:5e:2a:4a:c6:0e:93:51:93:07:f3:1e:08:5c:f3:
                    c0:80:bd:88:c5:61:be:c9:ab:81:7a:95:fd:9e:32:
                    a4:c3:75:68:65:32:bb:67:03:26:34:1b:42:37:8c:
                    a9:b1:b9:c5:cd:f0:55:98:95:12:70:d0:ff:2f:80:
                    bd:eb:14:50:9e:20:a8:c5:a9:ce:5d:1e:0d:73:f1:
                    75:a0:fa:84:8a:bc:de:f8:1d:26:83:7d:48:8b:86:
                    36:2b:d6:08:75:48:f5:7e:71:d3:23:31:0b:05:33:
                    7e:d9:ad:87:69:9c:44:56:a5:e9:79:84:c7:a8:a4:
                    52:a0:93:f3:72:53:e5:9a:aa:d4:ff:ab:5e:05:f1:
                    f7:71:9d:0d:82:c1:86:8e:e4:db:e6:14:a6:2b:05:
                    b4:35:82:70:1a:cf:43:40:2d:da:fc:50:c2:dd:ee:
                    41:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:BE:7B:2F:0B:F7:91:B9:09:97:7B:9C:29:98:B8:7F:69:C2:C9:28
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS200169.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2c90::/44

    Signature Algorithm: sha256WithRSAEncryption
         81:fa:e2:b7:d1:8f:04:36:54:3e:ff:77:ff:76:a1:38:b9:54:
         18:ac:21:3b:1a:b4:36:46:b4:f6:fc:73:2a:bd:a4:1f:eb:9e:
         40:9d:90:e8:b7:d8:13:a2:bd:19:92:b0:16:69:0a:32:a3:8a:
         91:52:a3:e7:2b:c9:ef:f2:9c:1b:95:ac:e2:10:65:31:24:c6:
         cb:70:38:5b:11:19:d7:9c:ca:8e:d8:69:6b:02:e7:87:7d:1c:
         64:88:08:65:a7:a1:e4:33:30:1e:4a:65:31:25:e6:26:ba:4a:
         84:aa:66:33:d3:e9:f7:a0:62:8b:3c:7e:75:7e:a8:75:d1:d9:
         7d:a0:79:86:ce:ec:77:04:18:64:55:08:0f:7e:95:45:86:8c:
         32:c4:a2:ec:b0:a4:96:67:16:2b:eb:85:9c:79:51:a1:ad:ca:
         82:14:83:d7:7c:19:ce:bc:06:68:b6:29:03:fa:ee:2f:66:22:
         e9:91:fc:ec:95:0c:46:2c:5c:8a:5e:e5:dd:92:5d:bd:5c:ea:
         a4:29:15:f5:19:16:9b:63:b8:85:45:03:94:25:3b:73:11:1a:
         f6:60:48:01:98:49:35:88:94:26:74:70:f8:37:4b:d0:41:bc:
         68:29:18:6a:7b:9f:4b:d7:5e:d5:11:12:9e:e3:3a:4a:31:e7:
         24:38:8b:e6
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUfE7qH6Icti9CTnLJQJC8bwORzHMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNTNaFw0yNzA2MDMxNTU4NTNaMDMxMTAvBgNV
BAMTKDM2QkU3QjJGMEJGNzkxQjkwOTk3N0I5QzI5OThCODdGNjlDMkM5MjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCL3AxIC+KX1pPgNLc4hmR8hdNH
MqG5Ae7SjJKJ/2mbassx5wBTzvvBqXs9nA7oplpJ7g/I4eMi1DRYL+70hmSnQylJ
xXH5K4NYAlE/iTao+prfFqQVzmY82aheKkrGDpNRkwfzHghc88CAvYjFYb7Jq4F6
lf2eMqTDdWhlMrtnAyY0G0I3jKmxucXN8FWYlRJw0P8vgL3rFFCeIKjFqc5dHg1z
8XWg+oSKvN74HSaDfUiLhjYr1gh1SPV+cdMjMQsFM37ZrYdpnERWpel5hMeopFKg
k/NyU+WaqtT/q14F8fdxnQ2CwYaO5NvmFKYrBbQ1gnAaz0NALdr8UMLd7kF5AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUNr57Lwv3kbkJl3ucKZi4f2nCySgwHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAwMTY5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBSyQMA0GCSqGSIb3DQEBCwUAA4IBAQCB+uK3
0Y8ENlQ+/3f/dqE4uVQYrCE7GrQ2RrT2/HMqvaQf655AnZDot9gTor0ZkrAWaQoy
o4qRUqPnK8nv8pwblaziEGUxJMbLcDhbERnXnMqO2GlrAueHfRxkiAhlp6HkMzAe
SmUxJeYmukqEqmYz0+n3oGKLPH51fqh10dl9oHmGzux3BBhkVQgPfpVFhowyxKLs
sKSWZxYr64WceVGhrcqCFIPXfBnOvAZotikD+u4vZiLpkfzslQxGLFyKXuXdkl29
XOqkKRX1GRabY7iFRQOUJTtzERr2YEgBmEk1iJQmdHD4N0vQQbxoKRhqe59L117V
ERKe4zpKMeckOIvm
-----END CERTIFICATE-----