Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS207252.roa
File:                     AS207252.roa (raw, json)
Hash identifier:          Y8NOvJal3kHxxX8pjWuK7iPnK6ETwIXtgH2hj1naaGk=
Subject key identifier:   07:3E:A6:0D:FC:7D:AD:8C:5D:DB:3A:F0:60:8E:01:B6:E1:C5:75:2D
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       6D140B54ABEE21F45FB322D045A8910C6FE0CF55
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS207252.roa
Signing time:             Thu 04 Jun 2026 15:58:48 +0000
ROA not before:           Thu 04 Jun 2026 15:53:48 +0000
ROA not after:            Thu 03 Jun 2027 15:58:48 +0000
asID:                     207252
IP address blocks:        2a06:a005:2b60::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:14:0b:54:ab:ee:21:f4:5f:b3:22:d0:45:a8:91:0c:6f:e0:cf:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jun  4 15:53:48 2026 GMT
            Not After : Jun  3 15:58:48 2027 GMT
        Subject: CN=073EA60DFC7DAD8C5DDB3AF0608E01B6E1C5752D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c5:b5:53:90:7f:e9:55:fc:21:0f:14:f3:a4:
                    8b:ea:22:34:af:ba:b1:82:2f:82:ea:66:fd:95:44:
                    f2:d2:66:4b:28:58:33:8f:32:5e:f7:46:85:70:a1:
                    be:cc:80:07:bb:dd:ab:d8:ba:2a:46:35:59:ef:11:
                    a2:e2:78:0f:c5:7b:74:fe:7b:c0:f4:ab:e1:c3:5e:
                    89:74:9d:2e:a3:b9:17:64:d8:df:f2:e3:9c:df:89:
                    2f:fa:8c:4f:99:9f:b0:00:13:52:0a:72:d5:55:37:
                    cd:21:4d:75:e1:b4:94:bb:5c:85:d2:fb:f8:1d:f8:
                    7f:33:37:26:3a:c6:a1:e3:31:41:26:e8:70:fa:a8:
                    98:f7:91:91:7b:a7:06:8b:45:68:d6:44:de:6f:72:
                    d5:b0:25:95:04:57:43:5f:0c:dc:64:ae:95:e0:1c:
                    7d:bb:e6:3b:f8:b7:f2:4b:0c:f4:c8:d6:3b:9a:1c:
                    5a:cd:67:3b:67:ce:09:fc:8a:9d:56:37:14:2e:bd:
                    86:3f:be:e1:8d:5c:1d:94:9d:f8:69:73:77:c8:97:
                    93:d1:fd:93:59:b5:6d:d8:99:bf:e7:53:f7:7b:73:
                    18:7f:a2:4f:da:80:06:6e:24:b1:0f:df:32:8e:8f:
                    80:1b:36:25:32:59:06:6b:c6:70:49:1d:8b:71:fd:
                    20:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:3E:A6:0D:FC:7D:AD:8C:5D:DB:3A:F0:60:8E:01:B6:E1:C5:75:2D
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS207252.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:2b60::/44

    Signature Algorithm: sha256WithRSAEncryption
         70:03:79:7b:f3:da:e9:c9:24:3d:1e:1e:34:8c:82:64:2a:02:
         86:83:19:4b:21:be:35:22:9a:3a:7e:94:98:36:e7:4b:79:5b:
         21:bd:39:77:03:58:2d:b0:2a:06:aa:a2:69:b0:85:7b:f1:2d:
         bb:61:58:21:5a:8f:43:95:ef:5a:31:bf:9e:29:ea:cf:51:af:
         63:36:09:93:b1:a3:75:0f:a4:2b:c6:f5:e6:95:06:59:8e:8d:
         16:7f:3e:88:b1:24:9c:39:7f:82:96:16:a8:11:06:90:86:e9:
         da:de:b2:90:73:d6:d0:49:a9:aa:fb:68:95:20:2d:37:ab:87:
         2e:36:82:f8:5d:8c:c2:23:7c:e3:ee:f2:bb:f4:c9:1f:25:ce:
         22:7f:c8:bc:68:3c:77:31:aa:b4:45:4a:ce:f4:fd:d8:d6:51:
         40:e0:3f:a4:87:c4:a5:aa:72:8f:32:0e:a4:66:92:bd:80:b9:
         6f:ca:79:b6:c7:53:3a:0f:e2:ad:b3:97:0a:04:3d:2d:67:62:
         06:37:7f:d5:12:90:32:ee:14:19:0d:48:37:f7:c4:05:d3:f4:
         5d:55:04:6b:fe:d8:ec:4b:de:56:da:fd:1a:23:72:ac:65:c1:
         ca:cf:cb:0c:71:32:f0:56:4a:9d:1a:86:ee:08:ea:de:da:fe:
         10:d5:8d:77
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUbRQLVKvuIfRfsyLQRaiRDG/gz1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNDhaFw0yNzA2MDMxNTU4NDhaMDMxMTAvBgNV
BAMTKDA3M0VBNjBERkM3REFEOEM1RERCM0FGMDYwOEUwMUI2RTFDNTc1MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfxbVTkH/pVfwhDxTzpIvqIjSv
urGCL4LqZv2VRPLSZksoWDOPMl73RoVwob7MgAe73avYuipGNVnvEaLieA/Fe3T+
e8D0q+HDXol0nS6juRdk2N/y45zfiS/6jE+Zn7AAE1IKctVVN80hTXXhtJS7XIXS
+/gd+H8zNyY6xqHjMUEm6HD6qJj3kZF7pwaLRWjWRN5vctWwJZUEV0NfDNxkrpXg
HH275jv4t/JLDPTI1juaHFrNZztnzgn8ip1WNxQuvYY/vuGNXB2Unfhpc3fIl5PR
/ZNZtW3Ymb/nU/d7cxh/ok/agAZuJLEP3zKOj4AbNiUyWQZrxnBJHYtx/SCVAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUBz6mDfx9rYxd2zrwYI4BtuHFdS0wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjA3MjUyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBStgMA0GCSqGSIb3DQEBCwUAA4IBAQBwA3l7
89rpySQ9Hh40jIJkKgKGgxlLIb41Ipo6fpSYNudLeVshvTl3A1gtsCoGqqJpsIV7
8S27YVghWo9Dle9aMb+eKerPUa9jNgmTsaN1D6QrxvXmlQZZjo0Wfz6IsSScOX+C
lhaoEQaQhuna3rKQc9bQSamq+2iVIC03q4cuNoL4XYzCI3zj7vK79MkfJc4if8i8
aDx3Maq0RUrO9P3Y1lFA4D+kh8SlqnKPMg6kZpK9gLlvynm2x1M6D+Kts5cKBD0t
Z2IGN3/VEpAy7hQZDUg398QF0/RdVQRr/tjsS95W2v0aI3KsZcHKz8sMcTLwVkqd
GobuCOre2v4Q1Y13
-----END CERTIFICATE-----