Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a353830303a3a2f33382d3438203d3e20323134393637.roa
File:                     326131343a3763303a353830303a3a2f33382d3438203d3e20323134393637.roa (raw, json)
Hash identifier:          Esi69oKgRqdkfYmi7hHd2MNIh6xz++Q8oN3fGherT6k=
Subject key identifier:   D3:66:FE:45:C5:CF:F4:6B:C0:09:E9:C4:B1:63:37:29:32:B8:D6:CB
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       184EE4AC5775BCDA9463D559EE02EAA9882ABD4E
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a353830303a3a2f33382d3438203d3e20323134393637.roa
Signing time:             Sat 15 Jun 2024 19:30:40 +0000
ROA not before:           Sat 15 Jun 2024 19:25:40 +0000
ROA not after:            Sat 14 Jun 2025 19:30:40 +0000
asID:                     214967
IP address blocks:        2a14:7c0:5800::/38 maxlen: 48

Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 02 Jul 2024 21:43:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:4e:e4:ac:57:75:bc:da:94:63:d5:59:ee:02:ea:a9:88:2a:bd:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Jun 15 19:25:40 2024 GMT
            Not After : Jun 14 19:30:40 2025 GMT
        Subject: CN=D366FE45C5CFF46BC009E9C4B163372932B8D6CB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:c0:38:ee:fe:31:3d:eb:ab:d5:bd:9d:36:02:
                    8e:18:58:b1:92:11:4e:9d:aa:55:25:70:f9:27:5f:
                    3d:18:c3:0a:a6:f2:33:0d:3e:40:ec:42:95:f8:1a:
                    e0:9f:6d:f9:94:8a:4d:cb:19:e4:c1:2e:d0:7f:e1:
                    dd:51:e3:41:26:52:58:ae:a0:ec:f9:aa:6e:91:87:
                    d5:81:b8:51:98:91:43:1b:11:17:db:3b:5d:db:26:
                    70:93:e8:12:38:79:a4:1e:56:14:8f:61:59:72:a1:
                    fb:7f:5d:cd:c3:13:e1:3b:0e:bb:4b:dc:55:29:92:
                    3b:88:e8:d3:b1:3f:f6:8e:f7:32:4b:8f:77:19:c6:
                    42:67:2a:1b:b2:1d:82:80:4f:2d:38:43:f3:18:91:
                    d4:e3:5b:17:e0:e4:ce:5b:5f:4f:02:15:7e:a5:2c:
                    4d:88:8f:b9:86:61:1e:be:12:53:2e:46:4d:fd:90:
                    3e:bc:56:ea:0a:d9:6e:74:f7:28:a6:d2:c5:5e:a8:
                    f7:3e:71:b4:b6:11:57:ae:8a:c2:39:41:ff:83:fe:
                    f8:6f:31:86:dc:93:19:46:7c:e9:6e:a6:a7:b7:b1:
                    68:12:3c:4d:7b:d7:72:c5:ea:13:32:1d:05:2f:3e:
                    25:09:d8:44:67:91:48:7c:95:2b:55:b5:e4:73:99:
                    90:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:66:FE:45:C5:CF:F4:6B:C0:09:E9:C4:B1:63:37:29:32:B8:D6:CB
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a353830303a3a2f33382d3438203d3e20323134393637.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:5800::/38

    Signature Algorithm: sha256WithRSAEncryption
         71:5c:5b:bd:ec:07:3c:f2:62:4e:fd:57:19:c4:5e:cc:b1:11:
         10:b2:b2:6d:19:06:1f:cb:1e:76:64:52:cc:bb:9b:2e:bd:74:
         cf:9a:59:a8:ec:94:52:fa:01:27:27:72:39:15:a5:9f:1a:ea:
         4b:01:a3:ee:29:23:06:9f:59:80:21:cc:12:72:f4:b3:4a:2a:
         a7:32:2a:c4:f6:bd:5b:3a:af:60:f5:f7:8a:73:4a:69:73:e9:
         8a:f6:52:97:55:c0:31:ef:38:ad:a6:14:01:35:4f:b1:1f:0b:
         af:09:f4:65:a6:eb:71:3b:3e:bb:76:05:13:2e:bb:58:87:cd:
         5e:02:d8:63:ef:90:da:c5:af:3d:1f:cf:ac:08:b5:b5:e9:f2:
         93:7b:6d:8a:60:ed:fc:68:01:1d:3d:0d:8a:48:2b:03:dc:cd:
         4f:48:03:78:ce:2c:86:f5:b8:bd:20:d1:a3:4f:3b:ae:41:6a:
         69:10:b0:c3:9d:b4:01:22:74:4f:e3:90:a6:77:6b:71:78:c2:
         bc:b1:42:c1:ec:de:cf:60:7a:24:60:dc:38:f6:eb:a3:b6:c4:
         28:1c:ba:72:4c:19:b8:51:7d:f5:37:1c:76:c6:b3:39:b6:38:
         83:25:9d:b0:26:ec:05:80:e4:55:c6:6b:8f:10:f4:e6:e5:70:
         64:73:f0:d8
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgIUGE7krFd1vNqUY9VZ7gLqqYgqvU4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNDA2MTUxOTI1NDBaFw0yNTA2MTQxOTMwNDBaMDMxMTAvBgNV
BAMTKEQzNjZGRTQ1QzVDRkY0NkJDMDA5RTlDNEIxNjMzNzI5MzJCOEQ2Q0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOwDju/jE966vVvZ02Ao4YWLGS
EU6dqlUlcPknXz0Ywwqm8jMNPkDsQpX4GuCfbfmUik3LGeTBLtB/4d1R40EmUliu
oOz5qm6Rh9WBuFGYkUMbERfbO13bJnCT6BI4eaQeVhSPYVlyoft/Xc3DE+E7DrtL
3FUpkjuI6NOxP/aO9zJLj3cZxkJnKhuyHYKATy04Q/MYkdTjWxfg5M5bX08CFX6l
LE2Ij7mGYR6+ElMuRk39kD68VuoK2W509yim0sVeqPc+cbS2EVeuisI5Qf+D/vhv
MYbckxlGfOlupqe3sWgSPE1713LF6hMyHQUvPiUJ2ERnkUh8lStVteRzmZBLAgMB
AAGjggHtMIIB6TAdBgNVHQ4EFgQU02b+RcXP9GvACenEsWM3KTK41sswHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzALhm1yc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzUzODMwMzAzYTNhMmYzMzM4MmQzNDM4MjAzZDNlMjAzMjMxMzQzOTM2
Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgIqFAfAWDANBgkqhkiG9w0BAQsFAAOCAQEAcVxbvewHPPJi
Tv1XGcRezLERELKybRkGH8sedmRSzLubLr10z5pZqOyUUvoBJydyORWlnxrqSwGj
7ikjBp9ZgCHMEnL0s0oqpzIqxPa9WzqvYPX3inNKaXPpivZSl1XAMe84raYUATVP
sR8Lrwn0ZabrcTs+u3YFEy67WIfNXgLYY++Q2sWvPR/PrAi1tenyk3ttimDt/GgB
HT0NikgrA9zNT0gDeM4shvW4vSDRo087rkFqaRCww520ASJ0T+OQpndrcXjCvLFC
wezez2B6JGDcOPbro7bEKBy6ckwZuFF99TccdsazObY4gyWdsCbsBYDkVcZrjxD0
5uVwZHPw2A==
-----END CERTIFICATE-----