Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32333a3a2f34382d3438203d3e20323135393530.roa
File:                     326131313a323963303a32333a3a2f34382d3438203d3e20323135393530.roa (raw, json)
Hash identifier:          tsb8pxP6SvBuNp/X+4yK5vTr38UWufyrDkuUQ+daTHk=
Subject key identifier:   2E:20:B2:72:49:31:08:01:20:E4:4B:69:DC:69:86:D1:CB:10:59:01
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       631F5FB8ABECB953C7A6D8345046D4F401273C97
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32333a3a2f34382d3438203d3e20323135393530.roa
Signing time:             Thu 23 Nov 2023 13:35:21 +0000
ROA not before:           Thu 23 Nov 2023 13:30:21 +0000
ROA not after:            Thu 21 Nov 2024 13:35:21 +0000
asID:                     215950
IP address blocks:        2a11:29c0:23::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:1f:5f:b8:ab:ec:b9:53:c7:a6:d8:34:50:46:d4:f4:01:27:3c:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Nov 23 13:30:21 2023 GMT
            Not After : Nov 21 13:35:21 2024 GMT
        Subject: CN=2E20B2724931080120E44B69DC6986D1CB105901
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9b:df:e0:00:19:16:f9:b0:01:34:ca:a0:4b:
                    3c:4e:3a:af:2d:19:17:0c:aa:32:76:70:b9:7e:a4:
                    81:bc:3a:66:45:25:eb:d1:ab:ba:ce:19:32:08:9a:
                    a5:52:5e:a0:9b:cb:47:65:40:93:2b:4e:00:92:17:
                    d0:f7:8c:7b:61:e6:0e:cc:6a:d4:20:36:33:a9:9b:
                    f0:ac:3e:ab:30:d9:32:26:fa:fc:39:ad:bb:bb:51:
                    f2:5e:fc:8d:2a:d2:b1:2e:c6:83:20:90:1d:7a:44:
                    f8:e4:f8:29:50:27:7f:55:d7:9b:6b:2b:2e:00:09:
                    85:48:16:48:1f:02:78:af:98:6f:79:9d:bc:4b:e3:
                    ef:d8:e3:af:a2:c4:30:cf:f7:69:21:b9:15:36:cb:
                    20:9a:44:5f:e1:bc:a2:65:e9:e2:b5:c4:62:d1:e2:
                    58:03:4c:af:f8:e0:15:a0:54:45:e3:55:ed:78:b6:
                    34:71:7e:a5:bf:a3:a9:5d:d7:fb:b5:cd:df:80:ae:
                    46:00:17:0d:72:1b:31:8a:ba:77:99:b7:02:64:5d:
                    aa:52:49:2e:60:34:f1:68:b6:d9:1f:6f:7c:92:e5:
                    53:a6:8f:d5:70:e4:74:e3:1e:d9:a3:59:78:28:8f:
                    72:c8:f8:00:9f:aa:41:74:86:57:4d:d4:67:62:74:
                    a8:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:20:B2:72:49:31:08:01:20:E4:4B:69:DC:69:86:D1:CB:10:59:01
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32333a3a2f34382d3438203d3e20323135393530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:23::/48

    Signature Algorithm: sha256WithRSAEncryption
         0c:f1:04:68:25:0e:ff:82:6d:ea:f6:99:1a:73:b6:d4:f7:13:
         9e:93:fd:6f:8c:d1:3f:64:76:d7:85:fa:fd:14:06:ac:d5:8c:
         77:5f:f5:97:10:d4:5e:43:03:f3:f9:b7:d4:79:c8:6b:9d:65:
         ea:b7:3e:91:0c:7e:b8:35:ee:76:3a:3d:c8:b0:5c:f3:9d:c3:
         ae:06:ae:10:5e:69:78:5d:0a:96:aa:04:00:ee:b9:54:1f:39:
         60:51:62:71:7a:71:c8:08:74:42:67:48:d9:25:b8:76:84:2f:
         c5:c6:f6:f3:df:34:f5:7c:ca:0f:a3:c1:39:91:de:bf:1b:3e:
         6c:c5:77:b5:12:f0:59:29:86:4a:ad:52:b5:9a:19:b0:0d:65:
         b5:56:82:39:3e:71:4b:9d:61:6c:f7:5a:cc:02:06:47:c6:cf:
         df:e5:78:bb:45:53:24:a2:3d:cc:f1:9a:f4:5b:0f:b2:fc:da:
         0f:fd:3c:15:4a:dc:06:31:76:af:6c:64:04:73:9f:1d:93:94:
         be:e9:a1:58:47:a9:ef:0c:c4:35:d5:8a:5e:1e:25:38:a6:d7:
         61:88:d4:21:38:f6:56:31:e7:e5:f9:88:d5:5c:4f:9a:ea:bd:
         7a:0d:f2:14:ed:16:df:13:2d:63:82:24:b8:2e:d3:cc:c5:86:
         f2:48:2c:5e
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUYx9fuKvsuVPHptg0UEbU9AEnPJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yMzExMjMxMzMwMjFaFw0yNDExMjExMzM1MjFaMDMxMTAvBgNV
BAMTKDJFMjBCMjcyNDkzMTA4MDEyMEU0NEI2OURDNjk4NkQxQ0IxMDU5MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4m9/gABkW+bABNMqgSzxOOq8t
GRcMqjJ2cLl+pIG8OmZFJevRq7rOGTIImqVSXqCby0dlQJMrTgCSF9D3jHth5g7M
atQgNjOpm/CsPqsw2TIm+vw5rbu7UfJe/I0q0rEuxoMgkB16RPjk+ClQJ39V15tr
Ky4ACYVIFkgfAnivmG95nbxL4+/Y46+ixDDP92khuRU2yyCaRF/hvKJl6eK1xGLR
4lgDTK/44BWgVEXjVe14tjRxfqW/o6ld1/u1zd+ArkYAFw1yGzGKuneZtwJkXapS
SS5gNPFottkfb3yS5VOmj9Vw5HTjHtmjWXgoj3LI+ACfqkF0hldN1GdidKgzAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQULiCyckkxCAEg5Etp3GmG0csQWQEwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMjMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM1MzkzNTMwLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAAjMA0GCSqGSIb3DQEBCwUAA4IBAQAM8QRoJQ7/gm3q9pkac7bU
9xOek/1vjNE/ZHbXhfr9FAas1Yx3X/WXENReQwPz+bfUechrnWXqtz6RDH64Ne52
Oj3IsFzzncOuBq4QXml4XQqWqgQA7rlUHzlgUWJxenHICHRCZ0jZJbh2hC/Fxvbz
3zT1fMoPo8E5kd6/Gz5sxXe1EvBZKYZKrVK1mhmwDWW1VoI5PnFLnWFs91rMAgZH
xs/f5Xi7RVMkoj3M8Zr0Ww+y/NoP/TwVStwGMXavbGQEc58dk5S+6aFYR6nvDMQ1
1YpeHiU4ptdhiNQhOPZWMefl+YjVXE+a6r16DfIU7RbfEy1jgiS4LtPMxYbySCxe
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:58:21 2024 by rpki-client on console-ams.rpki-client.org