Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a31303a3a2f34382d3438203d3e203530333931.roa
File:                     326131313a323963303a31303a3a2f34382d3438203d3e203530333931.roa (raw, json)
Hash identifier:          SpdrYPEL2L8ucDjg8nUq29xHg4r64rE/R3Krat4OWxo=
Subject key identifier:   E9:48:15:4F:96:2C:D2:AF:19:DE:14:F4:B9:52:A9:A1:82:45:38:CA
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       32497968B0CF0DF225B6BF0AF1453006341CADFF
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a31303a3a2f34382d3438203d3e203530333931.roa
Signing time:             Wed 19 Jul 2023 13:30:02 +0000
ROA not before:           Wed 19 Jul 2023 13:25:02 +0000
ROA not after:            Wed 17 Jul 2024 13:30:02 +0000
asID:                     50391
IP address blocks:        2a11:29c0:10::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:49:79:68:b0:cf:0d:f2:25:b6:bf:0a:f1:45:30:06:34:1c:ad:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jul 19 13:25:02 2023 GMT
            Not After : Jul 17 13:30:02 2024 GMT
        Subject: CN=E948154F962CD2AF19DE14F4B952A9A1824538CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:fe:09:fe:69:d3:a8:04:b7:47:47:76:fb:06:
                    72:be:a6:b4:35:b7:5c:d4:e5:fc:6a:5f:e4:8f:06:
                    d8:2f:52:65:64:40:b6:f8:34:2c:b2:36:33:79:f3:
                    2d:94:ef:1e:23:50:b9:3e:23:71:89:35:0c:c9:f4:
                    a4:fc:22:9e:6a:52:a5:c9:55:29:87:70:ee:7a:3e:
                    ba:ad:0a:96:02:9d:80:4f:a2:0b:28:c5:c1:af:c4:
                    f5:92:8e:c5:2a:d1:59:2b:69:52:39:40:f2:60:be:
                    e9:44:2f:53:a0:09:e7:78:20:22:d1:09:67:ed:1b:
                    f9:4d:80:94:41:83:7a:fe:bb:ce:29:b9:8c:72:72:
                    84:64:49:42:a7:f5:4d:15:e7:88:59:88:28:ad:3f:
                    cd:17:87:ba:d2:f3:52:de:a5:1e:da:09:f5:33:82:
                    40:ad:89:7d:51:64:1b:8c:61:24:50:d5:02:a8:0d:
                    90:d3:6b:48:9c:39:a1:88:fe:4a:09:20:fe:65:8f:
                    08:f9:5e:87:34:d6:d5:84:13:d3:2e:9f:ce:47:45:
                    d9:4e:06:b4:ec:d7:20:86:99:d8:f2:b7:76:f8:6b:
                    7b:c0:c3:99:78:76:5a:2a:8d:1d:a9:6c:41:19:b3:
                    f1:08:2b:50:6a:6b:2f:91:8d:e1:ba:3e:29:27:7b:
                    86:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:48:15:4F:96:2C:D2:AF:19:DE:14:F4:B9:52:A9:A1:82:45:38:CA
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a31303a3a2f34382d3438203d3e203530333931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:10::/48

    Signature Algorithm: sha256WithRSAEncryption
         17:2e:30:a5:4f:e1:cc:e8:97:33:c1:e0:e4:98:50:7c:56:5d:
         4e:ff:25:48:68:19:8b:42:7e:66:8c:0f:b7:fa:68:54:f6:75:
         76:fa:11:32:9b:eb:86:8f:02:e6:db:17:0d:f6:8a:76:64:cb:
         d1:71:2b:98:e1:3d:1f:2f:f5:75:ba:c1:e2:0f:e4:07:3b:37:
         aa:26:a7:fb:8e:24:a2:62:6f:62:6c:8d:77:92:10:9c:f3:2d:
         cd:18:67:4c:d5:74:e0:07:3c:32:13:72:a1:4c:dc:61:5f:72:
         f1:a2:2b:60:f5:cb:dd:b1:3c:b2:44:c6:65:d5:f6:53:86:45:
         78:ae:2b:3c:fa:5d:61:82:8c:cc:30:d7:f0:23:3f:c1:d6:1b:
         c2:03:e9:b5:9a:27:41:de:69:0b:f8:46:38:e9:40:a4:b6:86:
         79:32:cc:c2:4e:35:a5:f4:77:a5:8d:b7:3a:53:d1:95:49:d7:
         d5:44:46:8a:cf:94:7c:b0:41:04:c3:97:2a:5d:b4:04:24:fa:
         37:90:03:a8:7a:a7:ac:89:24:c0:1e:95:01:4d:40:72:df:76:
         e0:fb:f3:34:a3:84:79:c4:6e:d4:7e:eb:aa:55:d6:d4:ec:e3:
         99:fb:af:25:c6:1b:37:1a:fc:6d:75:ec:74:48:f0:30:4a:c9:
         85:0c:f6:eb
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUMkl5aLDPDfIltr8K8UUwBjQcrf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yMzA3MTkxMzI1MDJaFw0yNDA3MTcxMzMwMDJaMDMxMTAvBgNV
BAMTKEU5NDgxNTRGOTYyQ0QyQUYxOURFMTRGNEI5NTJBOUExODI0NTM4Q0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC/gn+adOoBLdHR3b7BnK+prQ1
t1zU5fxqX+SPBtgvUmVkQLb4NCyyNjN58y2U7x4jULk+I3GJNQzJ9KT8Ip5qUqXJ
VSmHcO56PrqtCpYCnYBPogsoxcGvxPWSjsUq0VkraVI5QPJgvulEL1OgCed4ICLR
CWftG/lNgJRBg3r+u84puYxycoRkSUKn9U0V54hZiCitP80Xh7rS81LepR7aCfUz
gkCtiX1RZBuMYSRQ1QKoDZDTa0icOaGI/koJIP5ljwj5Xoc01tWEE9Mun85HRdlO
BrTs1yCGmdjyt3b4a3vAw5l4dloqjR2pbEEZs/EIK1Bqay+RjeG6Pikne4Z5AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU6UgVT5Ys0q8Z3hT0uVKpoYJFOMowHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMTMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzMDMzMzkzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRKcAAEDANBgkqhkiG9w0BAQsFAAOCAQEAFy4wpU/hzOiXM8Hg5JhQfFZd
Tv8lSGgZi0J+ZowPt/poVPZ1dvoRMpvrho8C5tsXDfaKdmTL0XErmOE9Hy/1dbrB
4g/kBzs3qian+44komJvYmyNd5IQnPMtzRhnTNV04Ac8MhNyoUzcYV9y8aIrYPXL
3bE8skTGZdX2U4ZFeK4rPPpdYYKMzDDX8CM/wdYbwgPptZonQd5pC/hGOOlApLaG
eTLMwk41pfR3pY23OlPRlUnX1URGis+UfLBBBMOXKl20BCT6N5ADqHqnrIkkwB6V
AU1Act924PvzNKOEecRu1H7rqlXW1OzjmfuvJcYbNxr8bXXsdEjwMErJhQz26w==
-----END CERTIFICATE-----
Generated at Sun Jun 16 15:59:01 2024 by rpki-client on console-fra.rpki-client.org