Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a3130303a3a2f34302d3438203d3e20323135343530.roa
File:                     326131343a3763303a3130303a3a2f34302d3438203d3e20323135343530.roa (raw, json)
Hash identifier:          svGRm74fiX8NucRPCAUyGHBEEvvvIlwRuLiU8FQqm7w=
Subject key identifier:   D1:BC:05:3C:05:BE:1F:C4:B7:AC:35:11:62:80:88:B0:0D:55:AC:8F
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       0746E5D288464761B92B97CCB2B0512E4ACC2F07
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a3130303a3a2f34302d3438203d3e20323135343530.roa
Signing time:             Tue 25 Jun 2024 20:02:31 +0000
ROA not before:           Tue 25 Jun 2024 19:57:31 +0000
ROA not after:            Tue 24 Jun 2025 20:02:31 +0000
asID:                     215450
IP address blocks:        2a14:7c0:100::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 02 Jul 2024 21:43:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:46:e5:d2:88:46:47:61:b9:2b:97:cc:b2:b0:51:2e:4a:cc:2f:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Jun 25 19:57:31 2024 GMT
            Not After : Jun 24 20:02:31 2025 GMT
        Subject: CN=D1BC053C05BE1FC4B7AC3511628088B00D55AC8F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:c7:5c:6a:f5:21:7d:34:1e:db:dd:60:d8:c0:
                    72:16:0e:73:e1:3e:82:2d:d1:d9:0c:01:90:4d:a8:
                    da:bd:22:73:11:e8:3b:47:96:f0:60:50:57:df:bf:
                    4f:5c:4e:e7:ca:7a:42:fd:19:c0:3f:71:7f:dc:b6:
                    69:bb:2c:9e:b4:9f:d5:32:7b:c9:a9:f0:5b:d9:51:
                    53:21:7e:89:76:82:ec:d3:16:eb:0b:f9:ea:22:dd:
                    0a:63:1e:5e:3d:32:f0:e8:86:bd:e0:71:c7:6a:66:
                    b8:81:fe:d6:74:18:35:46:a7:e2:17:77:0d:2a:1f:
                    70:fa:9a:9d:93:b4:5b:06:18:4b:7c:26:43:4b:c6:
                    38:21:5c:59:71:b9:92:d4:84:d1:f7:3c:3c:38:ed:
                    b9:7e:40:de:42:bd:30:03:f4:00:98:94:d6:f5:94:
                    90:f1:b8:1a:95:5d:a5:fb:a4:0e:5f:25:cc:4b:58:
                    5e:cd:61:61:6b:0d:e2:1a:3d:90:9a:fd:71:5d:29:
                    91:68:9f:5a:44:dd:29:1f:85:a1:c1:67:92:c6:c0:
                    cb:36:7d:7c:ba:52:ef:41:46:1f:42:32:5e:01:97:
                    a8:16:86:29:19:1c:4c:51:0c:51:84:9c:8c:fe:8d:
                    aa:76:4e:f7:67:a7:1f:51:27:55:53:f0:c2:3a:cc:
                    58:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:BC:05:3C:05:BE:1F:C4:B7:AC:35:11:62:80:88:B0:0D:55:AC:8F
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a3130303a3a2f34302d3438203d3e20323135343530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         2c:99:38:5a:12:da:1a:1a:c6:6e:81:ff:30:2e:13:ca:7c:32:
         f0:79:18:74:00:3d:8f:2a:43:de:2e:3b:fb:55:4c:1a:69:b4:
         32:b9:b7:1d:55:e1:d0:00:e1:6e:05:38:72:6b:16:31:81:83:
         ad:55:bc:5c:54:c1:87:0b:e4:fa:f9:f5:6c:9b:04:75:d3:2b:
         d0:7c:19:41:e6:dc:8d:93:9c:bd:75:6e:85:b9:77:32:cc:93:
         2e:c3:4d:e6:ab:52:4e:0d:a6:0a:ce:8c:c8:1b:98:2b:2d:9b:
         4f:79:cc:a8:6b:1b:44:ed:1b:27:11:39:54:68:9a:a5:de:d2:
         80:20:32:40:7c:ae:24:a9:e2:26:9c:a7:15:e5:13:03:4f:1c:
         8a:61:e9:eb:36:fc:c0:6d:2a:9a:40:f2:9a:87:9c:e8:ca:60:
         c7:28:3c:f4:d2:8b:8f:5e:20:e2:d9:4c:b7:88:df:85:0c:a9:
         99:79:73:85:a2:43:82:d0:70:e9:52:49:7d:be:38:34:a3:14:
         64:4e:e4:2f:90:cc:b6:8e:be:90:6c:c5:84:17:3a:63:94:2d:
         a7:83:e2:ce:d9:b0:00:f1:70:72:60:ce:9e:26:be:76:43:b3:
         db:cf:0c:26:58:d2:f6:a4:28:a2:c5:14:dd:97:16:f3:5d:1c:
         cf:01:ce:8e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUB0bl0ohGR2G5K5fMsrBRLkrMLwcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNDA2MjUxOTU3MzFaFw0yNTA2MjQyMDAyMzFaMDMxMTAvBgNV
BAMTKEQxQkMwNTNDMDVCRTFGQzRCN0FDMzUxMTYyODA4OEIwMEQ1NUFDOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhx1xq9SF9NB7b3WDYwHIWDnPh
PoIt0dkMAZBNqNq9InMR6DtHlvBgUFffv09cTufKekL9GcA/cX/ctmm7LJ60n9Uy
e8mp8FvZUVMhfol2guzTFusL+eoi3QpjHl49MvDohr3gccdqZriB/tZ0GDVGp+IX
dw0qH3D6mp2TtFsGGEt8JkNLxjghXFlxuZLUhNH3PDw47bl+QN5CvTAD9ACYlNb1
lJDxuBqVXaX7pA5fJcxLWF7NYWFrDeIaPZCa/XFdKZFon1pE3SkfhaHBZ5LGwMs2
fXy6Uu9BRh9CMl4Bl6gWhikZHExRDFGEnIz+jap2Tvdnpx9RJ1VT8MI6zFhdAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQU0bwFPAW+H8S3rDURYoCIsA1VrI8wHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBhwYIKwYBBQUHAQsEezB5MHcGCCsGAQUFBzALhmtyc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzEzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzIzMTM1MzQzNTMw
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIw
EDAOBAIAAjAIAwYAKhQHwAEwDQYJKoZIhvcNAQELBQADggEBACyZOFoS2hoaxm6B
/zAuE8p8MvB5GHQAPY8qQ94uO/tVTBpptDK5tx1V4dAA4W4FOHJrFjGBg61VvFxU
wYcL5Pr59WybBHXTK9B8GUHm3I2TnL11boW5dzLMky7DTearUk4NpgrOjMgbmCst
m095zKhrG0TtGycROVRomqXe0oAgMkB8riSp4iacpxXlEwNPHIph6es2/MBtKppA
8pqHnOjKYMcoPPTSi49eIOLZTLeI34UMqZl5c4WiQ4LQcOlSSX2+ODSjFGRO5C+Q
zLaOvpBsxYQXOmOULaeD4s7ZsADxcHJgzp4mvnZDs9vPDCZY0vakKKLFFN2XFvNd
HM8Bzo4=
-----END CERTIFICATE-----