Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Pfcloud/0/326131343a3763323a3a2f33322d3438203d3e203531333936.roa
File:                     326131343a3763323a3a2f33322d3438203d3e203531333936.roa (raw, json)
Hash identifier:          57qSKDrIfRthqcW/vnt7Zy9Z2mIbcC8fLF1sziOWsAc=
Subject key identifier:   51:E9:27:1B:AF:8E:94:04:BA:EC:F8:EE:92:21:3A:70:57:A6:AD:6C
Certificate issuer:       /CN=43FB377824B048048B8756B6C65C599B82AEB5B9
Certificate serial:       262F9DDB76874F215C246A8B067A4E4B56A5F884
Authority key identifier: 43:FB:37:78:24:B0:48:04:8B:87:56:B6:C6:5C:59:9B:82:AE:B5:B9
Authority info access:    rsync://repo.rpki.space/repo/Infiniroute/1/43FB377824B048048B8756B6C65C599B82AEB5B9.cer
Subject info access:      rsync://repo.rpki.space/repo/Pfcloud/0/326131343a3763323a3a2f33322d3438203d3e203531333936.roa
Signing time:             Tue 28 May 2024 16:11:23 +0000
ROA not before:           Tue 28 May 2024 16:06:23 +0000
ROA not after:            Tue 27 May 2025 16:11:23 +0000
asID:                     51396
IP address blocks:        2a14:7c2::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Pfcloud/0/43FB377824B048048B8756B6C65C599B82AEB5B9.crl
                          rsync://repo.rpki.space/repo/Pfcloud/0/43FB377824B048048B8756B6C65C599B82AEB5B9.mft
                          rsync://repo.rpki.space/repo/Infiniroute/1/43FB377824B048048B8756B6C65C599B82AEB5B9.cer
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 07 Jul 2024 13:53:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:2f:9d:db:76:87:4f:21:5c:24:6a:8b:06:7a:4e:4b:56:a5:f8:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FB377824B048048B8756B6C65C599B82AEB5B9
        Validity
            Not Before: May 28 16:06:23 2024 GMT
            Not After : May 27 16:11:23 2025 GMT
        Subject: CN=51E9271BAF8E9404BAECF8EE92213A7057A6AD6C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c1:9e:66:98:b2:37:fe:8e:af:dd:63:74:0d:
                    d7:31:b2:23:6c:c1:39:33:17:4f:65:d1:9d:03:57:
                    c7:84:d5:51:bb:14:fa:80:5b:71:e6:d5:cb:01:59:
                    8d:a2:9c:b3:11:61:85:30:6d:8a:80:e0:77:40:c9:
                    7d:1f:86:d4:12:ee:d3:be:7e:d4:c4:b3:02:12:d9:
                    95:e7:b8:ca:bd:c7:37:0d:84:a0:e1:0a:b2:e5:f4:
                    cd:19:a0:9f:b7:cf:94:0b:9e:83:bc:8d:d2:ea:8a:
                    20:60:08:6c:aa:e2:df:2d:51:24:03:39:e5:af:ba:
                    7f:ca:b9:57:24:da:a3:b9:cf:b8:cd:ff:7a:1e:be:
                    19:69:60:c8:df:a1:f0:68:ef:64:9a:0f:0f:b2:56:
                    fe:c0:e1:1b:d1:c1:1c:e4:46:d9:b6:f7:e6:57:9c:
                    7f:c6:86:0a:33:19:42:3c:35:98:1d:55:a6:e5:4a:
                    ad:bc:12:0a:eb:cd:69:f2:81:f3:7d:9a:84:be:fe:
                    f1:2a:19:74:4b:2a:3c:ed:7d:ff:c0:0c:eb:4e:50:
                    ae:f3:9b:a0:de:4f:ef:ed:bd:87:ff:bf:02:92:f2:
                    7c:a2:ed:f1:8e:09:07:ff:47:9e:a9:dd:9b:17:e4:
                    09:e2:bf:fd:c0:44:17:9c:5f:5b:6f:cb:42:89:0c:
                    f6:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:E9:27:1B:AF:8E:94:04:BA:EC:F8:EE:92:21:3A:70:57:A6:AD:6C
            X509v3 Authority Key Identifier:
                keyid:43:FB:37:78:24:B0:48:04:8B:87:56:B6:C6:5C:59:9B:82:AE:B5:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Pfcloud/0/43FB377824B048048B8756B6C65C599B82AEB5B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo.rpki.space/repo/Infiniroute/1/43FB377824B048048B8756B6C65C599B82AEB5B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Pfcloud/0/326131343a3763323a3a2f33322d3438203d3e203531333936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c2::/32

    Signature Algorithm: sha256WithRSAEncryption
         2b:70:45:d3:0e:f6:12:b3:2e:1b:ba:6e:3f:a4:51:59:5f:eb:
         68:fe:07:7d:09:4b:d8:1b:b8:9b:30:ea:84:e4:0b:25:17:6b:
         b6:e5:13:22:47:eb:2f:5b:6b:18:b4:e5:d7:1c:1b:75:a1:5f:
         d1:05:30:82:c4:60:68:30:cf:ab:22:71:62:29:f6:05:3c:e7:
         4a:23:55:29:ef:61:26:58:7f:cc:a3:6a:7c:07:b5:e0:42:08:
         36:d4:3c:20:63:84:59:c7:48:0e:bf:d0:15:90:1f:f8:ed:e2:
         ca:67:f4:f2:fd:a4:20:c9:64:70:d4:43:e2:57:4f:6f:9f:56:
         32:64:1f:f0:4e:cb:7d:f2:6a:43:9a:a2:32:6b:4a:a7:da:66:
         c8:2c:7d:c9:80:83:eb:e8:dd:ee:3f:f3:fb:e0:be:2b:d1:b6:
         ae:de:7c:84:13:fb:b0:95:1b:f7:ca:d3:15:f4:6a:a3:86:5f:
         3a:29:11:cc:c1:da:61:cc:c0:1f:bb:0d:45:aa:03:e2:89:d0:
         8b:e7:18:36:6c:76:f9:41:7d:26:98:63:90:2a:7c:3f:e9:a2:
         f9:b8:63:d5:4c:d1:67:24:5c:6d:5c:ff:74:57:44:b4:42:3b:
         77:96:53:05:f2:d5:74:c8:75:14:af:d6:17:e7:ad:da:f6:00:
         c1:c1:ca:f2
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUJi+d23aHTyFcJGqLBnpOS1al+IQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGQjM3NzgyNEIwNDgwNDhCODc1NkI2QzY1QzU5OUI4
MkFFQjVCOTAeFw0yNDA1MjgxNjA2MjNaFw0yNTA1MjcxNjExMjNaMDMxMTAvBgNV
BAMTKDUxRTkyNzFCQUY4RTk0MDRCQUVDRjhFRTkyMjEzQTcwNTdBNkFENkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9wZ5mmLI3/o6v3WN0DdcxsiNs
wTkzF09l0Z0DV8eE1VG7FPqAW3Hm1csBWY2inLMRYYUwbYqA4HdAyX0fhtQS7tO+
ftTEswIS2ZXnuMq9xzcNhKDhCrLl9M0ZoJ+3z5QLnoO8jdLqiiBgCGyq4t8tUSQD
OeWvun/KuVck2qO5z7jN/3oevhlpYMjfofBo72SaDw+yVv7A4RvRwRzkRtm29+ZX
nH/GhgozGUI8NZgdVablSq28EgrrzWnygfN9moS+/vEqGXRLKjztff/ADOtOUK7z
m6DeT+/tvYf/vwKS8nyi7fGOCQf/R56p3ZsX5Aniv/3ARBecX1tvy0KJDPadAgMB
AAGjggHmMIIB4jAdBgNVHQ4EFgQUUeknG6+OlAS67PjukiE6cFemrWwwHwYDVR0j
BBgwFoAUQ/s3eCSwSASLh1a2xlxZm4KutbkwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vUGZjbG91
ZC8wLzQzRkIzNzc4MjRCMDQ4MDQ4Qjg3NTZCNkM2NUM1OTlCODJBRUI1QjkuY3Js
MHMGCCsGAQUFBwEBBGcwZTBjBggrBgEFBQcwAoZXcnN5bmM6Ly9yZXBvLnJwa2ku
c3BhY2UvcmVwby9JbmZpbmlyb3V0ZS8xLzQzRkIzNzc4MjRCMDQ4MDQ4Qjg3NTZC
NkM2NUM1OTlCODJBRUI1QjkuY2VyMHkGCCsGAQUFBwELBG0wazBpBggrBgEFBQcw
C4ZdcnN5bmM6Ly9yZXBvLnJwa2kuc3BhY2UvcmVwby9QZmNsb3VkLzAvMzI2MTMx
MzQzYTM3NjMzMjNhM2EyZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzEzMzM5MzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0E
AgACMAcDBQAqFAfCMA0GCSqGSIb3DQEBCwUAA4IBAQArcEXTDvYSsy4bum4/pFFZ
X+to/gd9CUvYG7ibMOqE5AslF2u25RMiR+svW2sYtOXXHBt1oV/RBTCCxGBoMM+r
InFiKfYFPOdKI1Up72EmWH/Mo2p8B7XgQgg21DwgY4RZx0gOv9AVkB/47eLKZ/Ty
/aQgyWRw1EPiV09vn1YyZB/wTst98mpDmqIya0qn2mbILH3JgIPr6N3uP/P74L4r
0bau3nyEE/uwlRv3ytMV9Gqjhl86KRHMwdphzMAfuw1FqgPiidCL5xg2bHb5QX0m
mGOQKnw/6aL5uGPVTNFnJFxtXP90V0S0Qjt3llMF8tV0yHUUr9YX563a9gDBwcry
-----END CERTIFICATE-----