Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a343830303a3a2f34302d3430203d3e20323135323932.roa
File:                     326131343a3763303a343830303a3a2f34302d3430203d3e20323135323932.roa (raw, json)
Hash identifier:          NpkxkcHKYR81RcaaolkPli24uoRJptG/cQxUuvN5c5I=
Subject key identifier:   D5:52:D0:76:27:D8:A5:68:51:39:24:90:7D:A2:3A:09:1E:59:52:95
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       029A4EB90AC5D7FD6E2504590DE9DD4934934741
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a343830303a3a2f34302d3430203d3e20323135323932.roa
Signing time:             Tue 28 May 2024 15:03:16 +0000
ROA not before:           Tue 28 May 2024 14:58:16 +0000
ROA not after:            Tue 27 May 2025 15:03:16 +0000
asID:                     215292
IP address blocks:        2a14:7c0:4800::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 02 Jul 2024 21:43:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:9a:4e:b9:0a:c5:d7:fd:6e:25:04:59:0d:e9:dd:49:34:93:47:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: May 28 14:58:16 2024 GMT
            Not After : May 27 15:03:16 2025 GMT
        Subject: CN=D552D07627D8A568513924907DA23A091E595295
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:60:cf:a5:f3:db:fc:b8:12:35:13:b9:52:ca:
                    c2:b9:bd:2d:38:a7:12:a0:f2:93:4e:34:4f:41:4a:
                    df:f1:d9:2c:d6:60:e9:a1:45:cf:93:bd:9b:49:7f:
                    e1:f4:4d:fb:61:2e:b6:7a:df:8d:62:87:c3:c3:65:
                    e9:c4:3d:fb:f6:94:d8:f2:ef:3d:67:6f:84:ab:a5:
                    4e:17:50:a5:e4:9b:c4:6d:39:74:8d:ca:82:4f:93:
                    44:3d:f4:3f:fb:b9:38:1b:a2:9d:d3:f2:31:8f:e9:
                    a6:b1:dc:38:7c:9c:2a:fe:91:7e:56:70:a2:1c:7f:
                    8e:a9:80:86:07:d9:e4:39:9a:60:03:2a:ff:e8:16:
                    26:2b:4c:b8:25:4d:34:91:cb:34:96:b9:ca:3d:8d:
                    26:1d:49:42:77:01:67:a5:c3:56:be:2e:8f:72:5d:
                    c4:ba:cb:59:1e:77:12:3c:8a:53:ae:1f:25:39:15:
                    e2:96:ba:29:13:ab:ba:25:54:b7:27:49:6d:5f:47:
                    64:08:0b:a7:31:87:8a:cc:b1:8f:ae:66:ec:b6:11:
                    0b:f4:0f:40:f4:39:9e:ef:90:0f:92:87:1e:c2:c1:
                    51:d4:29:b4:8c:d0:3f:30:5f:78:63:35:cd:46:8a:
                    70:ae:13:69:37:e0:cb:83:03:c4:c1:da:d4:9d:6f:
                    7b:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:52:D0:76:27:D8:A5:68:51:39:24:90:7D:A2:3A:09:1E:59:52:95
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a343830303a3a2f34302d3430203d3e20323135323932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:4800::/40

    Signature Algorithm: sha256WithRSAEncryption
         4c:5f:64:09:59:9d:e2:97:58:85:b4:d7:dd:d6:9b:33:72:e5:
         ec:aa:e5:01:cd:ed:7d:84:72:74:85:83:64:31:fe:cd:45:1f:
         d4:f2:90:01:d0:f2:17:7e:8d:54:d1:70:78:bc:49:32:cc:30:
         b5:40:eb:9b:a2:72:57:71:81:e9:12:20:1f:9d:c3:52:e2:d7:
         d9:5c:79:4e:41:ca:b1:c4:49:6a:9b:c4:b7:7a:86:30:dd:f2:
         3f:28:63:03:28:c5:72:85:af:00:55:f2:a9:93:0a:7d:a1:da:
         d4:55:99:8d:83:2a:10:39:ce:ab:f7:1c:4d:57:dd:e0:13:8f:
         88:79:ac:83:e9:ae:fb:e6:e0:27:41:57:fc:e4:d4:6c:90:31:
         db:ae:c6:22:5f:08:35:19:e8:a0:30:6d:a2:c0:e2:3d:b4:25:
         d7:47:7b:0c:dd:b5:e8:ed:30:99:a1:51:5e:65:45:e7:91:9b:
         16:e9:71:35:25:f6:92:b2:7d:19:99:dd:50:9d:27:67:07:1a:
         75:aa:51:31:c5:75:79:ab:85:ea:01:ed:b6:21:61:4c:c3:70:
         63:b1:6f:a6:78:d6:79:27:46:61:42:9a:eb:5d:f9:c1:31:23:
         d0:38:08:78:5f:bf:bb:ee:c2:07:15:11:88:47:43:c2:a2:1d:
         f6:fd:df:91
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgIUAppOuQrF1/1uJQRZDendSTSTR0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNDA1MjgxNDU4MTZaFw0yNTA1MjcxNTAzMTZaMDMxMTAvBgNV
BAMTKEQ1NTJEMDc2MjdEOEE1Njg1MTM5MjQ5MDdEQTIzQTA5MUU1OTUyOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmYM+l89v8uBI1E7lSysK5vS04
pxKg8pNONE9BSt/x2SzWYOmhRc+TvZtJf+H0TfthLrZ6341ih8PDZenEPfv2lNjy
7z1nb4SrpU4XUKXkm8RtOXSNyoJPk0Q99D/7uTgbop3T8jGP6aax3Dh8nCr+kX5W
cKIcf46pgIYH2eQ5mmADKv/oFiYrTLglTTSRyzSWuco9jSYdSUJ3AWelw1a+Lo9y
XcS6y1kedxI8ilOuHyU5FeKWuikTq7olVLcnSW1fR2QIC6cxh4rMsY+uZuy2EQv0
D0D0OZ7vkA+Shx7CwVHUKbSM0D8wX3hjNc1GinCuE2k34MuDA8TB2tSdb3tXAgMB
AAGjggHtMIIB6TAdBgNVHQ4EFgQU1VLQdifYpWhROSSQfaI6CR5ZUpUwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzALhm1yc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzQzODMwMzAzYTNhMmYzNDMwMmQzNDMwMjAzZDNlMjAzMjMxMzUzMjM5
MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAqFAfASDANBgkqhkiG9w0BAQsFAAOCAQEATF9kCVmd4pdY
hbTX3dabM3Ll7KrlAc3tfYRydIWDZDH+zUUf1PKQAdDyF36NVNFweLxJMswwtUDr
m6JyV3GB6RIgH53DUuLX2Vx5TkHKscRJapvEt3qGMN3yPyhjAyjFcoWvAFXyqZMK
faHa1FWZjYMqEDnOq/ccTVfd4BOPiHmsg+mu++bgJ0FX/OTUbJAx267GIl8INRno
oDBtosDiPbQl10d7DN216O0wmaFRXmVF55GbFulxNSX2krJ9GZndUJ0nZwcadapR
McV1eauF6gHttiFhTMNwY7FvpnjWeSdGYUKa6135wTEj0DgIeF+/u+7CBxURiEdD
wqId9v3fkQ==
-----END CERTIFICATE-----