Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS207445.roa
File:                     AS207445.roa (raw, json)
Hash identifier:          TnhQg0spZRhbUeBSkI/BPJSBZHblBL10z3xGo7QeCSY=
Subject key identifier:   A0:33:E0:94:69:FC:B9:2F:A1:22:87:A0:7F:54:BB:D2:FA:95:41:FF
Certificate issuer:       /CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
Certificate serial:       7346E714AD9DFF360465D5B411E712EABC66CEBE
Authority key identifier: D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS207445.roa
Signing time:             Thu 04 Jun 2026 15:58:51 +0000
ROA not before:           Thu 04 Jun 2026 15:53:51 +0000
ROA not after:            Thu 03 Jun 2027 15:58:51 +0000
asID:                     207445
IP address blocks:        2a06:a005:f90::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:46:e7:14:ad:9d:ff:36:04:65:d5:b4:11:e7:12:ea:bc:66:ce:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d14b6fcf2b2c69be085e9f959872dcbe8ea54177
        Validity
            Not Before: Jun  4 15:53:51 2026 GMT
            Not After : Jun  3 15:58:51 2027 GMT
        Subject: CN=A033E09469FCB92FA12287A07F54BBD2FA9541FF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:40:ec:6a:b4:3b:9a:9a:df:06:50:78:98:a5:
                    33:87:a5:61:bb:9b:79:0a:25:3e:04:65:cc:a6:35:
                    ea:fc:ea:14:2b:29:c2:82:a5:99:d3:38:1e:fc:6e:
                    c3:4f:3c:66:77:02:3b:8e:cc:ce:5f:2b:72:0f:b5:
                    ca:c0:14:bd:2c:97:e2:88:58:0e:45:43:8e:13:ed:
                    89:4f:0e:43:df:0f:60:3a:b3:63:88:4a:cb:64:c1:
                    b9:e0:9c:db:57:15:9e:84:98:f8:1c:92:ab:2b:57:
                    ef:ed:c0:fd:f7:aa:7e:d6:c8:c3:7a:d3:f9:16:c2:
                    9e:6d:60:a4:83:17:a9:09:59:94:59:b5:58:d1:f9:
                    75:1f:35:0b:31:20:da:f8:05:09:da:2a:4f:40:a8:
                    db:76:ab:3c:2b:97:49:69:2c:44:e7:ea:4c:88:88:
                    b8:33:8c:7f:8a:20:ef:45:86:9f:ff:db:b3:c9:17:
                    52:3f:f7:43:43:78:bc:69:33:e6:45:8e:1b:cd:b1:
                    94:c0:54:4f:a7:e6:59:77:57:68:d8:88:95:93:80:
                    c9:80:19:31:cf:83:cf:c5:df:bb:87:0d:8f:48:2e:
                    51:cb:4a:32:32:46:1e:24:bf:4b:a7:7f:17:b7:98:
                    df:f3:55:82:10:6a:e0:37:64:d6:bf:35:5b:9d:83:
                    da:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:33:E0:94:69:FC:B9:2F:A1:22:87:A0:7F:54:BB:D2:FA:95:41:FF
            X509v3 Authority Key Identifier:
                keyid:D1:4B:6F:CF:2B:2C:69:BE:08:5E:9F:95:98:72:DC:BE:8E:A5:41:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/AS207445.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:f90::/44

    Signature Algorithm: sha256WithRSAEncryption
         18:34:fa:60:a5:15:14:e9:14:4d:71:1e:96:bd:d1:6b:e4:77:
         07:62:be:b9:ba:50:66:85:84:d7:df:0b:9f:62:45:9e:92:ff:
         05:b1:5d:2d:d8:60:d1:c2:9e:2d:d6:e7:c9:b0:aa:70:39:e7:
         5d:c3:c7:9e:37:f7:bb:12:08:c1:a4:52:ae:79:17:8b:9b:14:
         a3:29:6b:b6:60:0f:91:5a:92:5d:46:6b:29:87:6a:2a:c7:77:
         93:eb:4b:54:7b:86:11:4b:1d:e9:06:e6:2e:12:a6:39:e2:2e:
         1c:f3:75:24:f6:4c:de:8c:8d:34:33:af:4c:9e:ee:a9:9c:68:
         50:19:88:a1:1b:cb:b1:13:90:29:0f:df:6e:71:21:ef:53:00:
         9e:17:37:fc:0e:93:b7:3c:09:2b:e1:0a:80:2a:dd:c8:1e:21:
         8a:f7:88:51:3e:5e:d8:2a:b7:68:51:47:e5:21:65:db:f3:58:
         bf:6d:c0:6d:2c:bb:69:62:ef:e7:20:6d:18:99:6d:ee:22:44:
         5c:ee:35:7a:d8:56:f2:92:d4:c1:f8:7b:76:90:6a:0d:f9:a0:
         3c:95:c8:dc:93:62:57:2b:47:58:b5:86:78:ce:32:f1:6d:28:
         4b:08:2a:2d:28:5f:8a:13:75:87:ef:6d:58:ee:34:0e:50:31:
         af:77:2d:4c
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUc0bnFK2d/zYEZdW0EecS6rxmzr4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDE0YjZmY2YyYjJjNjliZTA4NWU5Zjk1OTg3MmRjYmU4
ZWE1NDE3NzAeFw0yNjA2MDQxNTUzNTFaFw0yNzA2MDMxNTU4NTFaMDMxMTAvBgNV
BAMTKEEwMzNFMDk0NjlGQ0I5MkZBMTIyODdBMDdGNTRCQkQyRkE5NTQxRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXQOxqtDuamt8GUHiYpTOHpWG7
m3kKJT4EZcymNer86hQrKcKCpZnTOB78bsNPPGZ3AjuOzM5fK3IPtcrAFL0sl+KI
WA5FQ44T7YlPDkPfD2A6s2OISstkwbngnNtXFZ6EmPgckqsrV+/twP33qn7WyMN6
0/kWwp5tYKSDF6kJWZRZtVjR+XUfNQsxINr4BQnaKk9AqNt2qzwrl0lpLETn6kyI
iLgzjH+KIO9Fhp//27PJF1I/90NDeLxpM+ZFjhvNsZTAVE+n5ll3V2jYiJWTgMmA
GTHPg8/F37uHDY9ILlHLSjIyRh4kv0unfxe3mN/zVYIQauA3ZNa/NVudg9onAgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUoDPglGn8uS+hIoegf1S70vqVQf8wHwYDVR0j
BBgwFoAU0Utvzyssab4IXp+VmHLcvo6lQXcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvNy9EMTRCNkZDRjJC
MkM2OUJFMDg1RTlGOTU5ODcyRENCRThFQTU0MTc3LmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMFV0dnp5c3NhYjRJWHAtVm1ITGN2bzZsUVhjLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC83L0FT
MjA3NDQ1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcEKgagBQ+QMA0GCSqGSIb3DQEBCwUAA4IBAQAYNPpg
pRUU6RRNcR6WvdFr5HcHYr65ulBmhYTX3wufYkWekv8FsV0t2GDRwp4t1ufJsKpw
Oeddw8eeN/e7EgjBpFKueReLmxSjKWu2YA+RWpJdRmsph2oqx3eT60tUe4YRSx3p
BuYuEqY54i4c83Uk9kzejI00M69Mnu6pnGhQGYihG8uxE5ApD99ucSHvUwCeFzf8
DpO3PAkr4QqAKt3IHiGK94hRPl7YKrdoUUflIWXb81i/bcBtLLtpYu/nIG0YmW3u
IkRc7jV62FbyktTB+Ht2kGoN+aA8lcjck2JXK0dYtYZ4zjLxbShLCCotKF+KE3WH
721Y7jQOUDGvdy1M
-----END CERTIFICATE-----