Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS203062.roa
File:                     AS203062.roa (raw, json)
Hash identifier:          zma71/UbSMreyWR0CegYsn+ATmo3Xgn8f5HstWsDAJI=
Subject key identifier:   B2:49:A2:7D:83:CE:01:4F:30:97:C6:28:A9:BD:44:A0:94:E2:20:9F
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       28E9B72B0FBA84DEE2A113462FFE4126C6C278FF
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS203062.roa
Signing time:             Thu 04 Jun 2026 15:58:49 +0000
ROA not before:           Thu 04 Jun 2026 15:53:49 +0000
ROA not after:            Thu 03 Jun 2027 15:58:49 +0000
asID:                     203062
IP address blocks:        2a06:a005:1d40::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:e9:b7:2b:0f:ba:84:de:e2:a1:13:46:2f:fe:41:26:c6:c2:78:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jun  4 15:53:49 2026 GMT
            Not After : Jun  3 15:58:49 2027 GMT
        Subject: CN=B249A27D83CE014F3097C628A9BD44A094E2209F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:55:ef:2e:2e:db:94:0e:5d:c1:73:fd:fe:dc:
                    47:4b:5b:da:b1:c7:3c:8c:6c:7a:4b:ed:d6:de:18:
                    c4:53:eb:84:35:4b:79:c4:7e:d7:52:1a:50:c7:2b:
                    ec:13:bd:62:62:a0:43:66:43:68:cc:bc:d5:84:1b:
                    1c:ab:bb:94:cc:f9:c5:ba:55:9a:3d:10:c4:0c:e1:
                    36:3f:57:e8:67:41:88:3b:0e:c6:ca:1b:f0:60:4e:
                    66:9e:7d:c9:45:eb:ca:0f:b8:46:53:0f:46:45:61:
                    39:6f:54:7d:a3:57:66:73:16:0c:2b:88:76:f4:2d:
                    70:3e:7e:1e:f7:3c:ae:99:4d:cb:59:e1:24:2c:14:
                    a9:a0:14:0a:5c:11:d9:4e:08:ae:4e:ec:26:e7:d4:
                    25:0d:43:16:05:92:2f:4b:67:8b:26:85:39:8f:eb:
                    5b:46:b2:3c:7a:8f:4e:36:90:ee:3d:50:17:3a:b6:
                    2d:27:c4:a6:1e:4b:71:9b:f1:b9:4d:7b:3c:d4:a2:
                    55:4b:3b:02:de:1a:b1:0e:cc:54:81:64:e6:ca:92:
                    86:07:db:ed:97:75:1c:52:36:f9:52:fc:93:87:e4:
                    92:4b:b3:9f:04:a4:b1:ce:2d:4d:e1:de:bd:71:a0:
                    76:7f:ba:16:86:cb:e4:b2:8a:df:69:0f:38:29:af:
                    da:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:49:A2:7D:83:CE:01:4F:30:97:C6:28:A9:BD:44:A0:94:E2:20:9F
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS203062.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1d40::/44

    Signature Algorithm: sha256WithRSAEncryption
         33:6d:10:1b:47:58:7e:4c:d8:fd:48:68:d3:90:e2:94:0c:55:
         51:c2:d6:9f:d6:b5:ea:d4:7c:d2:d1:7f:2b:fb:93:eb:44:45:
         bb:d2:45:44:9a:88:2c:39:52:06:91:e5:0e:22:51:ba:9a:bf:
         b0:e6:4e:d2:0a:6b:46:1e:c8:c2:e4:24:9b:54:02:e4:b4:8c:
         af:ba:2a:ab:e3:a8:b8:e0:7e:fd:68:34:ce:27:60:f3:04:37:
         e7:48:60:bd:f2:49:0a:d0:20:f7:3a:0f:59:b8:6e:01:c9:86:
         48:54:f1:57:89:cc:a6:ee:17:68:1d:a1:19:da:7d:56:b6:54:
         c9:59:a9:63:63:98:be:7c:12:a8:10:99:6c:c1:dd:76:c3:81:
         40:ca:c2:83:e5:08:ff:c7:48:d1:e5:60:f0:72:46:04:f5:ac:
         89:31:a8:3f:7c:0d:38:d0:2f:5f:6d:9c:66:71:72:60:0d:de:
         ff:16:34:05:a9:e1:91:c7:bc:6c:ca:3b:b1:86:6e:9c:35:44:
         8e:76:37:18:46:f9:14:7b:45:26:d1:b5:81:78:9f:4b:e0:fd:
         d7:eb:d7:80:95:9a:e0:16:be:ea:b6:0a:8e:93:3c:79:fe:9a:
         0c:77:34:65:98:60:75:d5:7f:14:36:7e:e1:9e:b7:16:c5:d8:
         2f:81:8b:07
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUKOm3Kw+6hN7ioRNGL/5BJsbCeP8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNDlaFw0yNzA2MDMxNTU4NDlaMDMxMTAvBgNV
BAMTKEIyNDlBMjdEODNDRTAxNEYzMDk3QzYyOEE5QkQ0NEEwOTRFMjIwOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDVe8uLtuUDl3Bc/3+3EdLW9qx
xzyMbHpL7dbeGMRT64Q1S3nEftdSGlDHK+wTvWJioENmQ2jMvNWEGxyru5TM+cW6
VZo9EMQM4TY/V+hnQYg7DsbKG/BgTmaefclF68oPuEZTD0ZFYTlvVH2jV2ZzFgwr
iHb0LXA+fh73PK6ZTctZ4SQsFKmgFApcEdlOCK5O7Cbn1CUNQxYFki9LZ4smhTmP
61tGsjx6j042kO49UBc6ti0nxKYeS3Gb8blNezzUolVLOwLeGrEOzFSBZObKkoYH
2+2XdRxSNvlS/JOH5JJLs58EpLHOLU3h3r1xoHZ/uhaGy+Syit9pDzgpr9q7AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUskmifYPOAU8wl8Yoqb1EoJTiIJ8wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjAzMDYyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBR1AMA0GCSqGSIb3DQEBCwUAA4IBAQAzbRAb
R1h+TNj9SGjTkOKUDFVRwtaf1rXq1HzS0X8r+5PrREW70kVEmogsOVIGkeUOIlG6
mr+w5k7SCmtGHsjC5CSbVALktIyvuiqr46i44H79aDTOJ2DzBDfnSGC98kkK0CD3
Og9ZuG4ByYZIVPFXicym7hdoHaEZ2n1WtlTJWaljY5i+fBKoEJlswd12w4FAysKD
5Qj/x0jR5WDwckYE9ayJMag/fA040C9fbZxmcXJgDd7/FjQFqeGRx7xsyjuxhm6c
NUSOdjcYRvkUe0Um0bWBeJ9L4P3X69eAlZrgFr7qtgqOkzx5/poMdzRlmGB11X8U
Nn7hnrcWxdgvgYsH
-----END CERTIFICATE-----