Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a31313a3a2f34382d3438203d3e203530333931.roa
File:                     326131313a323963303a31313a3a2f34382d3438203d3e203530333931.roa (raw, json)
Hash identifier:          tktjkJihXGwc5WIUjUTwOmwoknJBtXK0uTN0hk4o2To=
Subject key identifier:   D7:DB:6F:F6:74:11:8A:05:D7:CD:E0:F4:DB:54:7D:EB:BE:89:C6:95
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       75FF8668A7BFA5DC9FFC41EFDE0D1CE03CB557CB
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a31313a3a2f34382d3438203d3e203530333931.roa
Signing time:             Wed 19 Jul 2023 13:30:04 +0000
ROA not before:           Wed 19 Jul 2023 13:25:04 +0000
ROA not after:            Wed 17 Jul 2024 13:30:04 +0000
asID:                     50391
IP address blocks:        2a11:29c0:11::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:ff:86:68:a7:bf:a5:dc:9f:fc:41:ef:de:0d:1c:e0:3c:b5:57:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jul 19 13:25:04 2023 GMT
            Not After : Jul 17 13:30:04 2024 GMT
        Subject: CN=D7DB6FF674118A05D7CDE0F4DB547DEBBE89C695
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:68:3d:85:48:af:ba:34:5f:ed:37:5f:ed:99:
                    7a:1b:3c:a4:81:b4:e8:89:c3:98:8e:6a:3e:d7:0b:
                    b0:47:8f:f5:41:d0:c0:61:c1:7a:bb:74:42:f4:6f:
                    9f:5f:d2:9c:97:2e:46:b1:2c:23:06:af:c7:4b:79:
                    76:32:47:4c:80:1a:e7:3e:e8:0b:05:7a:a2:9d:63:
                    b4:20:f7:e7:a9:45:7d:d6:a4:91:c7:b8:28:a1:5b:
                    f8:e3:e7:4f:f3:d4:d5:24:28:17:57:83:5b:9e:d1:
                    4a:f9:42:50:24:bf:44:33:97:9d:38:d4:79:e3:2d:
                    d5:45:a8:92:f6:8d:95:b9:7b:6a:e0:39:ce:dd:17:
                    10:84:dd:3e:5d:fd:ee:52:38:a5:46:a9:70:ae:db:
                    cf:31:47:d9:f0:76:2b:9d:d5:0a:fa:26:50:67:a5:
                    36:92:c0:f0:03:40:24:55:cc:b5:97:51:24:04:b2:
                    9f:5a:67:37:f4:e6:bf:0b:87:a0:51:d2:0f:d8:f6:
                    6a:16:a5:79:8f:62:fb:67:81:80:4a:ac:fa:3b:4f:
                    06:e0:28:f9:ca:d0:34:48:15:a9:0f:42:b5:50:b2:
                    ec:2a:5c:f1:a4:06:3b:e8:66:ca:ea:25:ac:7b:a6:
                    f2:ab:d6:a1:00:d5:b6:3c:21:8e:55:be:b1:c2:f0:
                    25:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:DB:6F:F6:74:11:8A:05:D7:CD:E0:F4:DB:54:7D:EB:BE:89:C6:95
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a31313a3a2f34382d3438203d3e203530333931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:11::/48

    Signature Algorithm: sha256WithRSAEncryption
         17:26:20:f7:9a:ca:91:31:3a:25:95:6c:c6:9c:91:bb:53:71:
         8b:36:9c:72:b4:5b:58:07:f2:22:9b:e2:0b:96:95:b6:02:9b:
         d3:22:25:6d:58:2d:4e:86:9c:2c:53:03:16:e4:d4:22:b0:a9:
         a2:30:e7:b1:83:8c:28:bb:c9:8f:62:bc:40:4e:1a:44:e8:af:
         ec:60:0e:fb:69:3b:7e:5a:31:93:14:52:e7:77:38:52:e4:a0:
         37:23:89:bf:54:c4:9f:ff:3e:99:74:d5:7f:95:54:1f:20:41:
         6b:71:6c:79:4e:40:07:de:fc:2a:22:de:a1:f2:0b:de:42:2b:
         81:81:02:b5:8f:1a:fe:72:cc:a6:f0:0f:91:0a:5a:03:de:b0:
         44:b6:97:61:d5:c5:41:e0:8b:1d:17:3f:cb:20:07:1e:c3:ca:
         b8:3f:ac:05:a9:52:cd:82:f4:e6:79:a2:bc:4a:74:d9:47:6a:
         4f:46:fd:a3:f8:89:7f:e9:21:d9:11:aa:84:cd:0d:d0:e0:16:
         46:c6:6b:4d:2b:cb:10:4b:5a:ff:51:e9:cb:50:4f:61:94:09:
         a0:52:0d:a2:b1:66:6a:ef:0c:33:88:bb:4c:f9:3b:a4:39:ce:
         30:ec:49:28:1a:7c:1c:bd:6b:3a:dd:b7:f7:8c:46:13:4a:9e:
         78:75:51:6e
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUdf+GaKe/pdyf/EHv3g0c4Dy1V8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yMzA3MTkxMzI1MDRaFw0yNDA3MTcxMzMwMDRaMDMxMTAvBgNV
BAMTKEQ3REI2RkY2NzQxMThBMDVEN0NERTBGNERCNTQ3REVCQkU4OUM2OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAaD2FSK+6NF/tN1/tmXobPKSB
tOiJw5iOaj7XC7BHj/VB0MBhwXq7dEL0b59f0pyXLkaxLCMGr8dLeXYyR0yAGuc+
6AsFeqKdY7Qg9+epRX3WpJHHuCihW/jj50/z1NUkKBdXg1ue0Ur5QlAkv0Qzl504
1HnjLdVFqJL2jZW5e2rgOc7dFxCE3T5d/e5SOKVGqXCu288xR9nwdiud1Qr6JlBn
pTaSwPADQCRVzLWXUSQEsp9aZzf05r8Lh6BR0g/Y9moWpXmPYvtngYBKrPo7Twbg
KPnK0DRIFakPQrVQsuwqXPGkBjvoZsrqJax7pvKr1qEA1bY8IY5VvrHC8CUvAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU19tv9nQRigXXzeD021R9676JxpUwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMTMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUzMDMzMzkzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoRKcAAETANBgkqhkiG9w0BAQsFAAOCAQEAFyYg95rKkTE6JZVsxpyRu1Nx
izaccrRbWAfyIpviC5aVtgKb0yIlbVgtToacLFMDFuTUIrCpojDnsYOMKLvJj2K8
QE4aROiv7GAO+2k7floxkxRS53c4UuSgNyOJv1TEn/8+mXTVf5VUHyBBa3FseU5A
B978KiLeofIL3kIrgYECtY8a/nLMpvAPkQpaA96wRLaXYdXFQeCLHRc/yyAHHsPK
uD+sBalSzYL05nmivEp02UdqT0b9o/iJf+kh2RGqhM0N0OAWRsZrTSvLEEta/1Hp
y1BPYZQJoFINorFmau8MM4i7TPk7pDnOMOxJKBp8HL1rOt2394xGE0qeeHVRbg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:58:21 2024 by rpki-client on console-ams.rpki-client.org