Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a3230303a3a2f34302d3438203d3e20323135333930.roa
File:                     326131343a3763303a3230303a3a2f34302d3438203d3e20323135333930.roa (raw, json)
Hash identifier:          /aqOAkhJvH9GAzPC2F/Af7JAAqV8aDpH6EaXvs58Yl0=
Subject key identifier:   0A:F6:CB:DE:8A:B8:EE:A0:2E:D6:87:F6:6B:7E:F5:75:12:A7:97:51
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       644C400577BE6738C96021EDEDD26C451575207A
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a3230303a3a2f34302d3438203d3e20323135333930.roa
Signing time:             Tue 28 May 2024 15:04:58 +0000
ROA not before:           Tue 28 May 2024 14:59:58 +0000
ROA not after:            Tue 27 May 2025 15:04:58 +0000
asID:                     215390
IP address blocks:        2a14:7c0:200::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 02 Jul 2024 21:43:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:4c:40:05:77:be:67:38:c9:60:21:ed:ed:d2:6c:45:15:75:20:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: May 28 14:59:58 2024 GMT
            Not After : May 27 15:04:58 2025 GMT
        Subject: CN=0AF6CBDE8AB8EEA02ED687F66B7EF57512A79751
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:81:a5:57:46:5f:2f:cb:b1:93:4e:87:93:61:
                    bf:ce:d0:38:c1:47:2f:f9:01:22:fd:76:0c:ae:28:
                    ef:9c:b7:ad:33:88:90:19:12:b2:44:11:5e:dc:dc:
                    ab:c3:1b:51:84:86:af:75:40:d9:5f:9f:29:fd:c6:
                    a4:1e:8f:aa:34:69:9e:74:70:84:e6:0a:53:66:66:
                    8a:b0:35:c8:c7:09:da:f3:7b:0a:37:70:b9:96:8b:
                    b9:d7:aa:71:a2:19:11:ca:c4:bf:46:e5:18:c8:ef:
                    14:3d:68:fe:a4:2d:29:84:94:0e:1a:f4:ce:95:bd:
                    22:dd:e7:98:54:93:fe:95:97:15:05:77:48:3a:c6:
                    77:fb:db:0f:31:d5:f1:68:5b:f4:b3:eb:b1:72:27:
                    45:78:f2:75:ff:2b:03:57:4c:19:21:9c:15:a2:75:
                    26:e3:da:e5:6e:60:66:21:56:50:ca:f1:eb:01:0a:
                    1d:c2:9f:db:46:51:a7:69:c5:ab:58:91:09:ad:68:
                    b0:a7:bb:b0:f8:be:6c:e3:40:23:09:d4:f6:a8:4f:
                    33:a4:da:8e:3f:8f:1e:12:9a:b5:01:8f:38:77:78:
                    49:77:e6:5b:7b:dd:3f:f1:10:e8:43:73:b6:6c:70:
                    d5:4c:8e:9e:95:3e:b4:45:e8:d8:5e:9a:ab:53:f7:
                    d2:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:F6:CB:DE:8A:B8:EE:A0:2E:D6:87:F6:6B:7E:F5:75:12:A7:97:51
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a3230303a3a2f34302d3438203d3e20323135333930.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:200::/40

    Signature Algorithm: sha256WithRSAEncryption
         4a:64:79:33:77:57:d4:21:b8:2d:0d:94:80:31:7a:43:3b:7c:
         bc:17:0f:20:66:5c:3c:aa:c8:5f:b7:4f:5a:2a:ff:e2:ab:b9:
         ae:99:c3:63:e7:53:96:12:fa:74:3b:f4:ec:2e:0c:87:7e:23:
         8c:bc:f2:4b:f4:77:4f:f8:b9:3c:1b:b8:da:79:b3:da:d5:e2:
         d7:f2:5f:56:31:95:d0:b2:74:70:80:13:f9:8f:45:8b:2c:6c:
         ea:2e:b3:9d:a7:95:4d:1c:f0:24:3f:56:42:37:e0:1f:96:d3:
         34:06:1b:83:8d:f3:34:d6:d9:09:00:fe:2b:13:3c:bf:70:0f:
         ae:41:37:d9:e5:3e:05:d8:ad:96:58:6a:76:78:a7:9e:a6:9a:
         ec:8f:51:d0:a8:29:05:93:f3:24:9d:6e:4f:ca:de:97:87:80:
         ee:a2:58:9d:13:84:9f:7f:df:56:21:d3:16:18:1d:ce:33:e0:
         7d:f0:89:f5:3b:28:0b:d4:3c:07:13:84:b3:3d:11:91:78:1a:
         86:4d:62:2f:7a:55:86:03:5e:16:15:62:0f:1a:48:5b:36:b1:
         e2:87:88:c0:da:1e:f2:47:62:8a:10:01:ac:6f:3c:c8:26:54:
         3b:db:e4:0d:14:d1:9f:6c:2e:90:88:4d:4a:55:f2:1c:e6:ff:
         73:09:13:8c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUZExABXe+ZzjJYCHt7dJsRRV1IHowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNDA1MjgxNDU5NThaFw0yNTA1MjcxNTA0NThaMDMxMTAvBgNV
BAMTKDBBRjZDQkRFOEFCOEVFQTAyRUQ2ODdGNjZCN0VGNTc1MTJBNzk3NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFgaVXRl8vy7GTToeTYb/O0DjB
Ry/5ASL9dgyuKO+ct60ziJAZErJEEV7c3KvDG1GEhq91QNlfnyn9xqQej6o0aZ50
cITmClNmZoqwNcjHCdrzewo3cLmWi7nXqnGiGRHKxL9G5RjI7xQ9aP6kLSmElA4a
9M6VvSLd55hUk/6VlxUFd0g6xnf72w8x1fFoW/Sz67FyJ0V48nX/KwNXTBkhnBWi
dSbj2uVuYGYhVlDK8esBCh3Cn9tGUadpxatYkQmtaLCnu7D4vmzjQCMJ1PaoTzOk
2o4/jx4SmrUBjzh3eEl35lt73T/xEOhDc7ZscNVMjp6VPrRF6NhemqtT99KzAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQUCvbL3oq47qAu1of2a371dRKnl1EwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBhwYIKwYBBQUHAQsEezB5MHcGCCsGAQUFBzALhmtyc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzIzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzIzMTM1MzMzOTMw
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIw
EDAOBAIAAjAIAwYAKhQHwAIwDQYJKoZIhvcNAQELBQADggEBAEpkeTN3V9QhuC0N
lIAxekM7fLwXDyBmXDyqyF+3T1oq/+Krua6Zw2PnU5YS+nQ79OwuDId+I4y88kv0
d0/4uTwbuNp5s9rV4tfyX1YxldCydHCAE/mPRYssbOous52nlU0c8CQ/VkI34B+W
0zQGG4ON8zTW2QkA/isTPL9wD65BN9nlPgXYrZZYanZ4p56mmuyPUdCoKQWT8ySd
bk/K3peHgO6iWJ0ThJ9/31Yh0xYYHc4z4H3wifU7KAvUPAcThLM9EZF4GoZNYi96
VYYDXhYVYg8aSFs2seKHiMDaHvJHYooQAaxvPMgmVDvb5A0U0Z9sLpCITUpV8hzm
/3MJE4w=
-----END CERTIFICATE-----