Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a346530303a3a2f34302d3438203d3e20323134373831.roa
File:                     326131343a3763303a346530303a3a2f34302d3438203d3e20323134373831.roa (raw, json)
Hash identifier:          TezyyIdlR9IcdXy0LZ5MqaheOPTarTN8ZkdBmkymTiY=
Subject key identifier:   61:48:7E:DB:B3:5C:6B:90:C2:86:2C:DB:AF:6B:DA:FE:6C:75:A6:1C
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       3286E2A532DEF5EF621DA10DC574E0721EB9043B
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a346530303a3a2f34302d3438203d3e20323134373831.roa
Signing time:             Wed 05 Jun 2024 22:24:58 +0000
ROA not before:           Wed 05 Jun 2024 22:19:58 +0000
ROA not after:            Wed 04 Jun 2025 22:24:58 +0000
asID:                     214781
IP address blocks:        2a14:7c0:4e00::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 02 Jul 2024 21:43:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:86:e2:a5:32:de:f5:ef:62:1d:a1:0d:c5:74:e0:72:1e:b9:04:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Jun  5 22:19:58 2024 GMT
            Not After : Jun  4 22:24:58 2025 GMT
        Subject: CN=61487EDBB35C6B90C2862CDBAF6BDAFE6C75A61C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7b:6c:eb:c7:eb:c0:8a:79:cb:87:52:aa:64:
                    00:1f:60:e1:65:b1:7d:cf:d1:9a:e9:f0:be:72:be:
                    11:7c:4b:4b:a5:ab:16:ca:9e:26:7f:98:0e:6c:26:
                    d2:fa:8c:ee:4b:bf:49:b0:6f:b2:1d:a3:8e:e1:9b:
                    bd:51:0f:34:26:a3:fd:87:75:c7:95:ee:02:6a:a7:
                    c8:07:e2:c9:e9:f8:6c:eb:b1:4c:a2:ff:4a:23:fe:
                    f3:15:72:a6:12:46:10:5e:03:96:23:29:29:d7:f4:
                    f4:d6:cd:03:cf:34:36:2a:00:f1:74:67:58:52:1a:
                    b1:ab:f2:9d:55:77:79:4e:5d:7c:25:cc:3f:83:f1:
                    72:4a:b1:8a:b6:99:e3:14:60:b8:6c:96:fa:5a:fb:
                    c0:91:4b:f1:71:d2:81:7f:c1:f3:78:17:63:ee:2a:
                    a4:68:7d:ad:ca:d5:86:b8:e6:fd:d6:9e:97:6c:31:
                    ae:33:8d:6e:bb:ef:eb:f8:aa:78:9a:1f:0b:96:e8:
                    1b:81:68:ae:fd:1c:0d:83:68:da:a5:3e:1f:03:3b:
                    de:36:45:c7:1c:d3:d4:e7:60:96:57:a0:29:33:74:
                    b2:a3:6a:7b:5f:75:a9:d7:ed:07:ee:86:57:f0:0a:
                    b5:33:ad:24:3f:81:42:25:f8:fa:bc:d7:f3:d6:fd:
                    5a:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:48:7E:DB:B3:5C:6B:90:C2:86:2C:DB:AF:6B:DA:FE:6C:75:A6:1C
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a346530303a3a2f34302d3438203d3e20323134373831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:4e00::/40

    Signature Algorithm: sha256WithRSAEncryption
         2e:63:c1:22:5b:a3:5b:3b:37:2f:c8:42:f8:3d:16:3e:a8:c2:
         1e:b1:02:20:8b:b5:fe:24:4b:03:b0:fc:97:85:53:fa:94:07:
         91:ad:a3:da:ac:69:4e:3a:e1:9c:3d:a0:d6:aa:12:5d:6f:54:
         94:29:6e:31:54:82:a1:a3:1e:0d:86:62:8e:c6:b5:cc:e6:05:
         e5:c4:a2:d5:61:46:df:1a:fc:78:56:62:e7:43:8f:58:cf:18:
         22:6c:42:54:eb:e8:aa:49:40:77:91:22:5b:81:96:f4:cb:c9:
         2a:f9:4a:d5:a7:ff:3d:4d:75:e0:c6:47:fe:3e:d2:cf:da:a2:
         72:83:ae:48:ea:21:53:94:a4:12:1b:9e:1e:2c:6a:61:65:94:
         11:4c:72:06:56:63:9f:69:60:04:85:63:11:bc:03:cc:e1:46:
         7d:7e:35:69:fe:91:28:64:d8:4c:2b:18:57:75:42:5d:ae:62:
         a6:20:04:c1:a2:09:cf:49:d6:84:00:52:1a:fc:88:52:4c:f9:
         ce:99:1c:56:91:88:ee:2f:90:49:ca:57:4c:8b:d5:e3:3d:6b:
         37:c8:fe:bb:6c:1a:8e:6b:d1:e4:17:e4:a4:cd:2f:04:ab:ec:
         53:4d:68:b0:da:9f:13:ea:5a:6e:53:3e:46:c3:c1:4e:c4:39:
         54:b7:23:83
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgIUMobipTLe9e9iHaENxXTgch65BDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNDA2MDUyMjE5NThaFw0yNTA2MDQyMjI0NThaMDMxMTAvBgNV
BAMTKDYxNDg3RURCQjM1QzZCOTBDMjg2MkNEQkFGNkJEQUZFNkM3NUE2MUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCue2zrx+vAinnLh1KqZAAfYOFl
sX3P0Zrp8L5yvhF8S0ulqxbKniZ/mA5sJtL6jO5Lv0mwb7Ido47hm71RDzQmo/2H
dceV7gJqp8gH4snp+GzrsUyi/0oj/vMVcqYSRhBeA5YjKSnX9PTWzQPPNDYqAPF0
Z1hSGrGr8p1Vd3lOXXwlzD+D8XJKsYq2meMUYLhslvpa+8CRS/Fx0oF/wfN4F2Pu
KqRofa3K1Ya45v3WnpdsMa4zjW677+v4qniaHwuW6BuBaK79HA2DaNqlPh8DO942
Rccc09TnYJZXoCkzdLKjantfdanX7QfuhlfwCrUzrSQ/gUIl+Pq81/PW/VrxAgMB
AAGjggHtMIIB6TAdBgNVHQ4EFgQUYUh+27Nca5DChizbr2va/mx1phwwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzALhm1yc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzQ2NTMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzNzM4
MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAqFAfATjANBgkqhkiG9w0BAQsFAAOCAQEALmPBIlujWzs3
L8hC+D0WPqjCHrECIIu1/iRLA7D8l4VT+pQHka2j2qxpTjrhnD2g1qoSXW9UlClu
MVSCoaMeDYZijsa1zOYF5cSi1WFG3xr8eFZi50OPWM8YImxCVOvoqklAd5EiW4GW
9MvJKvlK1af/PU114MZH/j7Sz9qicoOuSOohU5SkEhueHixqYWWUEUxyBlZjn2lg
BIVjEbwDzOFGfX41af6RKGTYTCsYV3VCXa5ipiAEwaIJz0nWhABSGvyIUkz5zpkc
VpGI7i+QScpXTIvV4z1rN8j+u2wajmvR5BfkpM0vBKvsU01osNqfE+pablM+RsPB
TsQ5VLcjgw==
-----END CERTIFICATE-----