Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/71098c23-a977-4f9a-97c9-cd4e759dea09/2/326130613a363034343a623334333a3a2f34382d3438203d3e20323039373335.roa
File:                     326130613a363034343a623334333a3a2f34382d3438203d3e20323039373335.roa (raw, json)
Hash identifier:          gl3XcUXLDzu/fH6TlbsYQk5DZAQEnfCBBv+yPT42ay4=
Subject key identifier:   DC:28:4D:B7:92:A2:E1:25:D9:60:47:1A:8E:91:7D:01:AB:DF:79:20
Certificate issuer:       /CN=B3F0D773DCBE523A3FB1F5D26D00334874BC9FB2
Certificate serial:       4F8FD44DC862CC56ADA862E9B4B0795058B4109D
Authority key identifier: B3:F0:D7:73:DC:BE:52:3A:3F:B1:F5:D2:6D:00:33:48:74:BC:9F:B2
Authority info access:    rsync://krill.47272.net/repo/HYEHOST/5/B3F0D773DCBE523A3FB1F5D26D00334874BC9FB2.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/71098c23-a977-4f9a-97c9-cd4e759dea09/2/326130613a363034343a623334333a3a2f34382d3438203d3e20323039373335.roa
Signing time:             Thu 24 Jul 2025 11:06:03 +0000
ROA not before:           Thu 24 Jul 2025 11:01:03 +0000
ROA not after:            Thu 23 Jul 2026 11:06:03 +0000
asID:                     209735
IP address blocks:        2a0a:6044:b343::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/71098c23-a977-4f9a-97c9-cd4e759dea09/2/B3F0D773DCBE523A3FB1F5D26D00334874BC9FB2.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/71098c23-a977-4f9a-97c9-cd4e759dea09/2/B3F0D773DCBE523A3FB1F5D26D00334874BC9FB2.mft
                          rsync://krill.47272.net/repo/HYEHOST/5/B3F0D773DCBE523A3FB1F5D26D00334874BC9FB2.cer
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:8f:d4:4d:c8:62:cc:56:ad:a8:62:e9:b4:b0:79:50:58:b4:10:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B3F0D773DCBE523A3FB1F5D26D00334874BC9FB2
        Validity
            Not Before: Jul 24 11:01:03 2025 GMT
            Not After : Jul 23 11:06:03 2026 GMT
        Subject: CN=DC284DB792A2E125D960471A8E917D01ABDF7920
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:df:bc:c3:9c:db:ff:cf:1f:44:b6:60:c9:f8:
                    84:0e:2b:a2:b5:33:36:66:54:59:26:8f:cf:e6:4c:
                    49:d3:91:26:8f:92:b0:b8:6b:2c:c7:3c:68:5c:2d:
                    9e:81:ba:16:d8:bd:7a:19:f5:4a:4c:ad:9e:90:db:
                    54:46:b0:bf:e4:e8:9b:2d:00:86:f7:52:0c:44:cb:
                    0a:d8:f0:59:61:bd:7d:3c:aa:3c:1d:e3:6a:4d:07:
                    2f:f8:5e:c6:43:1f:23:26:71:6c:d7:4a:ab:cc:42:
                    35:f7:14:67:43:77:e8:99:6f:a0:6a:62:eb:f1:df:
                    ee:36:52:13:14:a4:86:d7:05:7e:d8:45:fe:84:26:
                    74:c3:d3:23:aa:89:5c:b0:db:bf:47:57:41:38:b8:
                    8e:8d:84:f1:2f:89:5a:f8:9c:00:73:b1:a8:c7:0f:
                    3e:58:62:46:49:1e:20:14:46:03:ec:91:2a:a5:c9:
                    aa:b9:57:66:9f:b7:39:f8:2d:26:66:57:e3:50:10:
                    e5:67:0c:19:a4:c0:54:7b:05:e8:30:59:fb:70:a6:
                    2e:34:49:32:20:97:18:19:b6:8c:68:e9:d4:2d:ab:
                    03:e4:5b:e3:cb:68:b5:22:1b:29:36:f1:6b:16:0e:
                    15:c3:e8:f5:56:4e:d0:fd:a1:37:68:37:cc:21:6b:
                    61:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:28:4D:B7:92:A2:E1:25:D9:60:47:1A:8E:91:7D:01:AB:DF:79:20
            X509v3 Authority Key Identifier:
                keyid:B3:F0:D7:73:DC:BE:52:3A:3F:B1:F5:D2:6D:00:33:48:74:BC:9F:B2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/71098c23-a977-4f9a-97c9-cd4e759dea09/2/B3F0D773DCBE523A3FB1F5D26D00334874BC9FB2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://krill.47272.net/repo/HYEHOST/5/B3F0D773DCBE523A3FB1F5D26D00334874BC9FB2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/71098c23-a977-4f9a-97c9-cd4e759dea09/2/326130613a363034343a623334333a3a2f34382d3438203d3e20323039373335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:b343::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:e2:28:d6:88:70:bd:cc:9b:4d:06:3e:df:b5:c1:69:f4:9e:
         d9:23:d5:7e:22:5d:52:03:80:56:98:b9:9d:5c:b7:eb:4b:95:
         af:98:92:f2:a2:ff:62:28:16:35:f9:6e:69:f7:f6:01:ce:57:
         cd:54:44:7f:57:12:40:b5:c2:e6:f0:df:54:54:0d:99:56:6d:
         10:49:81:76:ab:5c:35:8d:37:b1:d9:aa:42:05:4d:0d:85:bb:
         26:c6:ba:f7:fa:d7:29:91:47:bd:f8:c5:e2:3e:e7:e8:22:0f:
         15:38:53:4a:72:b5:2a:89:83:a5:34:f4:9b:fb:66:66:92:9f:
         f2:52:9d:fd:82:37:37:ef:8a:66:8c:cb:15:1b:fc:84:91:3f:
         83:c4:c0:e5:47:fc:5f:31:3d:2f:d9:db:e4:7f:45:e2:ee:67:
         23:ef:fe:2b:eb:99:29:4d:c4:29:6b:1d:b4:68:31:f3:de:a5:
         c4:fb:80:1a:99:e9:69:8a:ff:69:83:e4:c3:87:6a:5e:25:5b:
         b0:7f:7a:f6:3e:41:c8:ed:f8:2d:80:05:73:37:53:25:57:a0:
         94:85:60:df:c9:ba:4f:c5:a9:6f:cb:8c:e2:c9:4c:a2:31:06:
         cd:8e:98:b4:43:db:53:df:3d:75:21:fc:ed:0c:ee:9c:c2:5b:
         fb:83:63:d9
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIUT4/UTchizFatqGLptLB5UFi0EJ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjNGMEQ3NzNEQ0JFNTIzQTNGQjFGNUQyNkQwMDMzNDg3
NEJDOUZCMjAeFw0yNTA3MjQxMTAxMDNaFw0yNjA3MjMxMTA2MDNaMDMxMTAvBgNV
BAMTKERDMjg0REI3OTJBMkUxMjVEOTYwNDcxQThFOTE3RDAxQUJERjc5MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC637zDnNv/zx9EtmDJ+IQOK6K1
MzZmVFkmj8/mTEnTkSaPkrC4ayzHPGhcLZ6BuhbYvXoZ9UpMrZ6Q21RGsL/k6Jst
AIb3UgxEywrY8FlhvX08qjwd42pNBy/4XsZDHyMmcWzXSqvMQjX3FGdDd+iZb6Bq
Yuvx3+42UhMUpIbXBX7YRf6EJnTD0yOqiVyw279HV0E4uI6NhPEviVr4nABzsajH
Dz5YYkZJHiAURgPskSqlyaq5V2aftzn4LSZmV+NQEOVnDBmkwFR7BegwWftwpi40
STIglxgZtoxo6dQtqwPkW+PLaLUiGyk28WsWDhXD6PVWTtD9oTdoN8wha2HNAgMB
AAGjggJVMIICUTAdBgNVHQ4EFgQU3ChNt5Ki4SXZYEcajpF9AavfeSAwHwYDVR0j
BBgwFoAUs/DXc9y+Ujo/sfXSbQAzSHS8n7IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzEwOThjMjMtYTk3Ny00ZjlhLTk3YzktY2Q0ZTc1OWRl
YTA5LzIvQjNGMEQ3NzNEQ0JFNTIzQTNGQjFGNUQyNkQwMDMzNDg3NEJDOUZCMi5j
cmwwbwYIKwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL2tyaWxsLjQ3
MjcyLm5ldC9yZXBvL0hZRUhPU1QvNS9CM0YwRDc3M0RDQkU1MjNBM0ZCMUY1RDI2
RDAwMzM0ODc0QkM5RkIyLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS83MTA5OGMyMy1hOTc3LTRmOWEtOTdjOS1jZDRlNzU5ZGVhMDkvMi8zMjYxMzA2
MTNhMzYzMDM0MzQzYTYyMzMzNDMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MDM5MzczMzM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgpgRLNDMA0GCSqGSIb3DQEBCwUAA4IBAQCQ
4ijWiHC9zJtNBj7ftcFp9J7ZI9V+Il1SA4BWmLmdXLfrS5WvmJLyov9iKBY1+W5p
9/YBzlfNVER/VxJAtcLm8N9UVA2ZVm0QSYF2q1w1jTex2apCBU0Nhbsmxrr3+tcp
kUe9+MXiPufoIg8VOFNKcrUqiYOlNPSb+2Zmkp/yUp39gjc374pmjMsVG/yEkT+D
xMDlR/xfMT0v2dvkf0Xi7mcj7/4r65kpTcQpax20aDHz3qXE+4Aamelpiv9pg+TD
h2peJVuwf3r2PkHI7fgtgAVzN1MlV6CUhWDfybpPxalvy4ziyUyiMQbNjpi0Q9tT
3z11IfztDO6cwlv7g2PZ
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:25:13 2025 by rpki-client