Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466333a3a2f34382d3438203d3e20323131383931.roa
File:                     326131313a323963303a336466333a3a2f34382d3438203d3e20323131383931.roa (raw, json)
Hash identifier:          rWIqA1DwS4khsifqawDFb8MXARG1uuYYL0wNBD11VVA=
Subject key identifier:   51:AC:F7:A5:0A:F5:2D:98:42:91:11:70:C5:ED:0F:B4:7F:74:9B:21
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       2EB80E32C761549DC6EB881D610573F84F395199
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466333a3a2f34382d3438203d3e20323131383931.roa
Signing time:             Wed 19 Jun 2024 14:01:18 +0000
ROA not before:           Wed 19 Jun 2024 13:56:18 +0000
ROA not after:            Wed 18 Jun 2025 14:01:18 +0000
asID:                     211891
IP address blocks:        2a11:29c0:3df3::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 26 Jun 2024 14:33:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:b8:0e:32:c7:61:54:9d:c6:eb:88:1d:61:05:73:f8:4f:39:51:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jun 19 13:56:18 2024 GMT
            Not After : Jun 18 14:01:18 2025 GMT
        Subject: CN=51ACF7A50AF52D9842911170C5ED0FB47F749B21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:1a:43:42:72:41:c3:07:ff:f9:ce:c4:77:d3:
                    9f:4f:8f:96:9d:38:3e:21:f4:66:c1:47:45:a6:42:
                    d4:e6:ed:47:82:85:cb:03:47:fe:83:c2:59:90:6e:
                    85:bc:ab:15:02:3f:79:d4:ac:6e:43:74:33:59:77:
                    92:a6:81:de:46:83:db:ca:84:bd:65:dc:08:d1:ab:
                    a4:b2:cd:1a:ed:86:f6:40:70:22:e8:a7:c5:b4:9b:
                    25:84:77:be:af:4d:4a:45:e7:37:11:d7:53:ab:26:
                    a0:80:dc:d0:32:cf:a8:a7:98:12:17:4d:c6:d9:2d:
                    86:b5:0c:16:4a:2a:bb:a8:8c:9a:ff:ed:1f:2b:d1:
                    ee:9d:ef:69:12:79:58:dd:78:ea:06:d7:69:b9:3c:
                    56:a6:79:03:21:de:64:c0:bd:f6:77:98:16:28:ee:
                    a6:9c:2b:da:9a:d0:4d:5d:31:15:f7:cc:36:c2:f7:
                    a5:f2:4b:f4:93:ff:e2:1f:3a:d7:80:d3:54:62:c4:
                    6b:68:90:5a:9b:2e:d7:96:06:27:2c:e4:94:00:47:
                    c8:5f:5b:95:ae:c1:f4:b5:7b:18:32:ac:fd:ec:b5:
                    a5:e5:07:f5:ef:e3:dc:06:3a:6d:a0:01:d6:66:e5:
                    47:7d:9a:13:e5:6c:18:91:96:e4:68:6f:e1:3d:94:
                    7f:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:AC:F7:A5:0A:F5:2D:98:42:91:11:70:C5:ED:0F:B4:7F:74:9B:21
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466333a3a2f34382d3438203d3e20323131383931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:3df3::/48

    Signature Algorithm: sha256WithRSAEncryption
         73:86:a6:06:12:15:b0:a7:dc:bd:e5:83:5b:d2:e1:f8:e2:1d:
         f4:88:da:5c:c8:d2:f2:b7:47:70:d1:5b:8c:ac:96:ed:64:29:
         ef:bb:37:15:9f:50:fd:7d:5b:0f:d8:03:44:2b:86:af:44:82:
         e2:d0:60:a5:fc:38:c0:da:0e:81:d5:72:f9:6b:7c:b4:9b:37:
         4c:c2:6f:d1:64:af:23:66:ef:50:f6:2a:f4:2e:4c:03:49:bc:
         da:b6:a1:ca:97:ba:c8:b3:99:df:b2:2f:5b:b9:f4:0a:bd:93:
         f8:23:1f:04:5d:a0:a3:c0:92:16:ae:6a:51:e3:46:59:f0:3f:
         31:87:2b:9d:e2:47:e0:ed:7d:c8:c4:88:41:ec:64:74:1d:59:
         a6:12:f1:0e:b3:a9:cf:5b:71:0f:a8:3f:0b:f5:fd:20:e8:5a:
         24:d7:5a:b0:13:cc:6c:82:52:33:8e:a9:12:ec:16:6b:ab:92:
         49:45:f2:11:d8:8d:c4:93:a4:5b:74:7f:bd:f5:5d:10:c5:45:
         47:a6:4b:55:b8:17:57:5d:b9:d8:d7:e8:f9:0e:10:91:b6:f5:
         df:63:f4:9c:42:45:a0:51:63:40:ea:25:89:ff:50:36:c4:a8:
         41:59:59:0f:24:ff:a1:9e:d6:4c:07:c2:66:50:17:07:b0:df:
         07:36:34:58
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIULrgOMsdhVJ3G64gdYQVz+E85UZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MThaFw0yNTA2MTgxNDAxMThaMDMxMTAvBgNV
BAMTKDUxQUNGN0E1MEFGNTJEOTg0MjkxMTE3MEM1RUQwRkI0N0Y3NDlCMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNGkNCckHDB//5zsR3059Pj5ad
OD4h9GbBR0WmQtTm7UeChcsDR/6DwlmQboW8qxUCP3nUrG5DdDNZd5Kmgd5Gg9vK
hL1l3AjRq6SyzRrthvZAcCLop8W0myWEd76vTUpF5zcR11OrJqCA3NAyz6inmBIX
TcbZLYa1DBZKKruojJr/7R8r0e6d72kSeVjdeOoG12m5PFameQMh3mTAvfZ3mBYo
7qacK9qa0E1dMRX3zDbC96XyS/ST/+IfOteA01RixGtokFqbLteWBics5JQAR8hf
W5WuwfS1exgyrP3staXlB/Xv49wGOm2gAdZm5Ud9mhPlbBiRluRob+E9lH8lAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUUaz3pQr1LZhCkRFwxe0PtH90myEwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMTM4MzkzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA98zANBgkqhkiG9w0BAQsFAAOCAQEAc4amBhIVsKfcveWD
W9Lh+OId9IjaXMjS8rdHcNFbjKyW7WQp77s3FZ9Q/X1bD9gDRCuGr0SC4tBgpfw4
wNoOgdVy+Wt8tJs3TMJv0WSvI2bvUPYq9C5MA0m82rahype6yLOZ37IvW7n0Cr2T
+CMfBF2go8CSFq5qUeNGWfA/MYcrneJH4O19yMSIQexkdB1ZphLxDrOpz1txD6g/
C/X9IOhaJNdasBPMbIJSM46pEuwWa6uSSUXyEdiNxJOkW3R/vfVdEMVFR6ZLVbgX
V1252Nfo+Q4Qkbb132P0nEJFoFFjQOolif9QNsSoQVlZDyT/oZ7WTAfCZlAXB7Df
BzY0WA==
-----END CERTIFICATE-----
Generated at Tue Jun 25 20:25:27 2024 by rpki-client on console-ams.rpki-client.org