Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32383a3a2f34382d3438203d3e20323136313934.roa
File:                     326131313a323963303a32383a3a2f34382d3438203d3e20323136313934.roa (raw, json)
Hash identifier:          qPab+pGAXZ4eGy9LieJ9zRrVgipVSaAbblbFl8PcbZ4=
Subject key identifier:   1D:E5:5E:99:45:98:D9:00:0B:26:F1:F4:5D:C7:32:D5:AC:70:19:58
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       70EF4FF2E6C7252B217683A4734211E543C95E56
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32383a3a2f34382d3438203d3e20323136313934.roa
Signing time:             Wed 11 Oct 2023 21:31:06 +0000
ROA not before:           Wed 11 Oct 2023 21:26:06 +0000
ROA not after:            Wed 09 Oct 2024 21:31:06 +0000
asID:                     216194
IP address blocks:        2a11:29c0:28::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:ef:4f:f2:e6:c7:25:2b:21:76:83:a4:73:42:11:e5:43:c9:5e:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Oct 11 21:26:06 2023 GMT
            Not After : Oct  9 21:31:06 2024 GMT
        Subject: CN=1DE55E994598D9000B26F1F45DC732D5AC701958
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:1a:31:b5:08:a0:6c:1a:dd:63:cb:a8:64:89:
                    18:a5:80:42:92:c5:2f:8a:b2:59:17:f0:ca:99:3a:
                    d3:b0:77:30:35:ce:cc:15:f4:1f:0b:e9:c3:7d:0b:
                    bb:48:89:6d:84:66:d0:93:6a:b4:cf:fb:57:91:06:
                    75:11:cd:5b:cb:18:8c:61:9d:2f:34:2b:a6:46:14:
                    fe:2f:94:9c:9e:4a:56:2a:cb:76:8f:c1:1e:de:7f:
                    4e:33:00:29:3b:0b:58:76:7a:99:a1:eb:63:13:37:
                    53:e2:b9:74:90:f1:55:fb:5e:c6:71:dd:69:07:3e:
                    e0:44:da:7b:8a:54:c4:77:7f:a7:5d:36:04:f8:21:
                    71:88:af:86:a8:8f:79:42:0a:aa:c3:e4:de:b6:7b:
                    c6:1c:96:10:e1:09:4a:17:d7:58:d4:cf:88:f7:41:
                    82:7b:ed:9c:fb:33:89:b7:df:fd:51:35:d2:f0:43:
                    54:a4:27:fb:e5:4c:66:d2:6c:94:23:b5:a2:f9:e4:
                    3b:9a:cd:1c:63:87:15:4f:86:7d:25:6d:d5:d6:ca:
                    76:8d:a5:d7:35:3a:2d:e1:d7:47:73:d9:16:31:76:
                    a8:09:df:40:7d:7c:c1:ae:20:2c:de:35:89:d8:83:
                    98:d2:0d:fd:51:24:81:70:37:c7:47:96:cb:a5:63:
                    20:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:E5:5E:99:45:98:D9:00:0B:26:F1:F4:5D:C7:32:D5:AC:70:19:58
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a32383a3a2f34382d3438203d3e20323136313934.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:28::/48

    Signature Algorithm: sha256WithRSAEncryption
         02:54:78:45:10:f9:24:38:15:bd:27:65:f7:d2:d3:ac:39:7b:
         78:30:a7:05:da:93:69:38:94:49:1a:0e:69:2c:41:77:63:d9:
         81:54:f5:61:aa:df:64:93:df:c1:87:6e:bb:cc:65:36:6e:5d:
         86:1b:37:66:f8:89:9e:6a:8c:47:4e:6e:f1:ba:87:30:f8:f5:
         df:82:20:ef:35:e3:af:6f:56:19:c9:76:14:90:d5:fa:f2:bb:
         b8:e1:0b:35:f2:f7:2a:9d:e9:3f:ae:c5:02:f6:61:d7:7a:1d:
         af:40:71:41:49:3e:9c:df:51:e5:f6:ca:e1:bd:82:3b:a5:33:
         18:a4:82:53:6c:8a:88:21:5f:80:ac:95:c7:2c:e3:56:83:9b:
         4b:79:ea:ba:16:05:1c:5e:4c:3d:73:36:00:4c:34:9b:f0:ef:
         a5:ca:e5:07:56:02:d1:64:79:4f:8a:52:5c:97:de:0b:f1:4d:
         5c:8b:66:ac:67:b6:91:5a:a4:09:92:a7:98:dd:1e:7a:c4:0a:
         1b:de:30:94:61:17:34:45:b9:a2:e6:f8:b8:7f:c0:65:a3:e5:
         e8:97:74:32:bf:0e:3f:22:28:73:67:13:33:bd:21:3d:d3:33:
         b7:f5:cb:21:9b:cf:ab:9c:ce:32:65:45:56:ab:79:e9:c5:58:
         83:ae:77:bb
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUcO9P8ubHJSshdoOkc0IR5UPJXlYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yMzEwMTEyMTI2MDZaFw0yNDEwMDkyMTMxMDZaMDMxMTAvBgNV
BAMTKDFERTU1RTk5NDU5OEQ5MDAwQjI2RjFGNDVEQzczMkQ1QUM3MDE5NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5GjG1CKBsGt1jy6hkiRilgEKS
xS+KslkX8MqZOtOwdzA1zswV9B8L6cN9C7tIiW2EZtCTarTP+1eRBnURzVvLGIxh
nS80K6ZGFP4vlJyeSlYqy3aPwR7ef04zACk7C1h2epmh62MTN1PiuXSQ8VX7XsZx
3WkHPuBE2nuKVMR3f6ddNgT4IXGIr4aoj3lCCqrD5N62e8YclhDhCUoX11jUz4j3
QYJ77Zz7M4m33/1RNdLwQ1SkJ/vlTGbSbJQjtaL55DuazRxjhxVPhn0lbdXWynaN
pdc1Oi3h10dz2RYxdqgJ30B9fMGuICzeNYnYg5jSDf1RJIFwN8dHlsulYyB7AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUHeVemUWY2QALJvH0Xccy1axwGVgwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMjM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMTM2MzEzOTM0LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhEpwAAoMA0GCSqGSIb3DQEBCwUAA4IBAQACVHhFEPkkOBW9J2X30tOs
OXt4MKcF2pNpOJRJGg5pLEF3Y9mBVPVhqt9kk9/Bh267zGU2bl2GGzdm+ImeaoxH
Tm7xuocw+PXfgiDvNeOvb1YZyXYUkNX68ru44Qs18vcqnek/rsUC9mHXeh2vQHFB
ST6c31Hl9srhvYI7pTMYpIJTbIqIIV+ArJXHLONWg5tLeeq6FgUcXkw9czYATDSb
8O+lyuUHVgLRZHlPilJcl94L8U1ci2asZ7aRWqQJkqeY3R56xAob3jCUYRc0Rbmi
5vi4f8Blo+Xol3Qyvw4/IihzZxMzvSE90zO39cshm8+rnM4yZUVWq3npxViDrne7
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:58:21 2024 by rpki-client on console-ams.rpki-client.org