Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/6/326130363a313238333a383030333a3a2f34382d313238203d3e20323131303636.roa
File:                     326130363a313238333a383030333a3a2f34382d313238203d3e20323131303636.roa (raw, json)
Hash identifier:          hYctHpFLZLrdZbOQKdUp5gBu76GVnDNrzAlSQDHkf8o=
Subject key identifier:   1A:68:56:B2:CF:0F:C7:A3:9F:61:4E:E0:AD:73:5E:6C:4F:C9:35:04
Certificate issuer:       /CN=D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C
Certificate serial:       7F9D737E50698E651785A7715286D70F5B766BE6
Authority key identifier: D5:4D:44:3B:67:C1:CC:5E:A1:B5:44:6E:A0:64:3C:AC:3A:7A:8B:2C
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/4/D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/6/326130363a313238333a383030333a3a2f34382d313238203d3e20323131303636.roa
Signing time:             Sun 20 Jul 2025 23:44:05 +0000
ROA not before:           Sun 20 Jul 2025 23:39:05 +0000
ROA not after:            Sun 19 Jul 2026 23:44:05 +0000
asID:                     211066
IP address blocks:        2a06:1283:8003::/48 maxlen: 128
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/6/D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/6/D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/4/D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/4/4807C118BD348934B5CC59B3E8A7A8C14F29C3FB.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/4/4807C118BD348934B5CC59B3E8A7A8C14F29C3FB.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/4807C118BD348934B5CC59B3E8A7A8C14F29C3FB.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Jul 2025 11:25:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:9d:73:7e:50:69:8e:65:17:85:a7:71:52:86:d7:0f:5b:76:6b:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C
        Validity
            Not Before: Jul 20 23:39:05 2025 GMT
            Not After : Jul 19 23:44:05 2026 GMT
        Subject: CN=1A6856B2CF0FC7A39F614EE0AD735E6C4FC93504
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:92:fc:5f:74:b3:64:96:65:9b:d2:4d:4b:45:
                    09:dc:ac:50:c5:c0:cf:2b:21:a1:bb:5a:88:29:1c:
                    61:d9:6c:b8:3c:5c:3c:02:cc:e3:e3:4d:df:ee:4c:
                    1f:b8:29:9d:4e:4a:34:f9:8c:c9:95:1e:fd:43:0a:
                    ea:16:97:b9:29:c5:5e:5c:80:99:20:02:97:41:12:
                    0e:f2:51:19:56:f9:d2:b6:a5:19:fd:a6:aa:63:4a:
                    60:26:10:75:89:7b:0d:ae:88:aa:93:ca:28:41:a7:
                    05:03:a1:9f:87:2a:9f:13:e3:03:48:a2:01:37:12:
                    2d:19:61:a1:d7:cb:aa:5f:4b:21:69:f2:e2:8f:e2:
                    d5:b4:34:55:d3:90:59:6f:61:ff:a3:84:f0:aa:ea:
                    44:88:e7:2b:81:25:b1:ad:c7:6d:ac:86:d7:39:b1:
                    e5:c5:cf:49:1c:4c:ed:53:09:bb:84:20:f1:38:f2:
                    3f:7e:f2:1c:2a:70:ac:10:e5:16:8f:23:ed:3c:19:
                    d1:0a:48:9e:bb:ab:65:32:0a:d7:65:a6:ef:3d:f7:
                    1b:ab:83:4a:b9:04:66:3f:f4:00:4c:a1:cc:ad:ba:
                    3a:69:3a:95:75:cb:63:00:20:9f:6e:4c:2d:b4:a1:
                    e6:75:ac:9c:31:17:28:aa:8f:35:14:db:2d:92:dd:
                    54:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:68:56:B2:CF:0F:C7:A3:9F:61:4E:E0:AD:73:5E:6C:4F:C9:35:04
            X509v3 Authority Key Identifier:
                keyid:D5:4D:44:3B:67:C1:CC:5E:A1:B5:44:6E:A0:64:3C:AC:3A:7A:8B:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/6/D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/4/D54D443B67C1CC5EA1B5446EA0643CAC3A7A8B2C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/6/326130363a313238333a383030333a3a2f34382d313238203d3e20323131303636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1283:8003::/48

    Signature Algorithm: sha256WithRSAEncryption
         04:82:95:62:02:31:26:97:12:9a:5c:ca:cc:08:c0:90:15:79:
         ef:48:7a:26:fd:7f:78:53:ca:a0:1b:ac:bd:b8:9c:2f:64:1a:
         18:40:87:76:d9:bb:3e:fa:1a:d7:67:13:fa:59:e9:f4:d9:a5:
         0d:bf:77:f4:82:8b:db:0e:e8:20:97:7a:8c:df:01:4b:21:29:
         bc:67:d2:09:fd:f4:85:06:55:c5:cc:b9:72:c9:81:8f:35:c1:
         79:93:7a:00:22:b9:00:49:32:2c:96:b7:75:23:31:7e:f9:c0:
         f9:17:af:f0:ee:55:1e:4b:38:7f:9f:21:8e:3e:58:0d:76:26:
         ce:0f:13:a2:a8:6a:8f:3e:52:90:ee:25:40:19:41:fd:aa:51:
         da:fa:10:f5:dc:75:ed:f0:d0:f2:bb:d8:6a:0c:7a:f4:54:b0:
         39:01:20:ac:90:74:fa:2f:51:14:77:05:fc:8b:44:df:b7:0a:
         c6:b7:b7:fb:c5:5c:91:c7:83:49:15:34:70:91:33:51:f1:31:
         e3:c3:86:e8:c4:1e:97:69:50:22:ce:ea:03:e8:f5:f9:e8:56:
         c2:a9:95:97:d3:77:86:5f:f0:93:26:92:27:d2:4a:5c:95:af:
         18:18:ec:40:53:91:59:97:e0:58:8f:8d:94:e6:62:7a:2b:3d:
         8a:b3:aa:aa
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgIUf51zflBpjmUXhadxUobXD1t2a+YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDU0RDQ0M0I2N0MxQ0M1RUExQjU0NDZFQTA2NDNDQUMz
QTdBOEIyQzAeFw0yNTA3MjAyMzM5MDVaFw0yNjA3MTkyMzQ0MDVaMDMxMTAvBgNV
BAMTKDFBNjg1NkIyQ0YwRkM3QTM5RjYxNEVFMEFENzM1RTZDNEZDOTM1MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnkvxfdLNklmWb0k1LRQncrFDF
wM8rIaG7WogpHGHZbLg8XDwCzOPjTd/uTB+4KZ1OSjT5jMmVHv1DCuoWl7kpxV5c
gJkgApdBEg7yURlW+dK2pRn9pqpjSmAmEHWJew2uiKqTyihBpwUDoZ+HKp8T4wNI
ogE3Ei0ZYaHXy6pfSyFp8uKP4tW0NFXTkFlvYf+jhPCq6kSI5yuBJbGtx22shtc5
seXFz0kcTO1TCbuEIPE48j9+8hwqcKwQ5RaPI+08GdEKSJ67q2UyCtdlpu899xur
g0q5BGY/9ABMocytujppOpV1y2MAIJ9uTC20oeZ1rJwxFyiqjzUU2y2S3VT5AgMB
AAGjggKHMIICgzAdBgNVHQ4EFgQUGmhWss8Px6OfYU7grXNebE/JNQQwHwYDVR0j
BBgwFoAU1U1EO2fBzF6htURuoGQ8rDp6iywwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjhhYmFiYmItZjA0OC00ZGUxLTkyMDYtOGQ0MGYwNzE4
MDhiLzYvRDU0RDQ0M0I2N0MxQ0M1RUExQjU0NDZFQTA2NDNDQUMzQTdBOEIyQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yYWY3M2E5Yy0yMDU4LTQz
YmItOWFjNi01YWI0MmRmYmY0MDkvNC9ENTRENDQzQjY3QzFDQzVFQTFCNTQ0NkVB
MDY0M0NBQzNBN0E4QjJDLmNlcjCBuQYIKwYBBQUHAQsEgawwgakwgaYGCCsGAQUF
BzALhoGZcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS82OGFiYWJiYi1mMDQ4LTRkZTEtOTIwNi04ZDQwZjA3MTgwOGIvNi8zMjYxMzAz
NjNhMzEzMjM4MzMzYTM4MzAzMDMzM2EzYTJmMzQzODJkMzEzMjM4MjAzZDNlMjAz
MjMxMzEzMDM2MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYB
BQUHAQcBAf8EEzARMA8EAgACMAkDBwAqBhKDgAMwDQYJKoZIhvcNAQELBQADggEB
AASClWICMSaXEppcyswIwJAVee9Ieib9f3hTyqAbrL24nC9kGhhAh3bZuz76Gtdn
E/pZ6fTZpQ2/d/SCi9sO6CCXeozfAUshKbxn0gn99IUGVcXMuXLJgY81wXmTegAi
uQBJMiyWt3UjMX75wPkXr/DuVR5LOH+fIY4+WA12Js4PE6Koao8+UpDuJUAZQf2q
Udr6EPXcde3w0PK72GoMevRUsDkBIKyQdPovURR3BfyLRN+3Csa3t/vFXJHHg0kV
NHCRM1HxMePDhujEHpdpUCLO6gPo9fnoVsKplZfTd4Zf8JMmkifSSlyVrxgY7EBT
kVmX4FiPjZTmYnorPYqzqqo=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:07:03 2025 by rpki-client