Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466383a3a2f34382d3438203d3e20323038373439.roa
File:                     326131313a323963303a336466383a3a2f34382d3438203d3e20323038373439.roa (raw, json)
Hash identifier:          XOYvmM+ZCL2SAsQkSRsuWfmMMahUCUTLjsw3iLi/N0w=
Subject key identifier:   B2:E3:B5:B1:47:63:D0:53:14:5E:A0:0D:FE:EB:EA:28:DA:C5:1F:03
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       022AAE629B7E3F3AE9867FCF11061011AAE9C2E0
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466383a3a2f34382d3438203d3e20323038373439.roa
Signing time:             Wed 19 Jun 2024 14:01:15 +0000
ROA not before:           Wed 19 Jun 2024 13:56:15 +0000
ROA not after:            Wed 18 Jun 2025 14:01:15 +0000
asID:                     208749
IP address blocks:        2a11:29c0:3df8::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 26 Jun 2024 14:33:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:2a:ae:62:9b:7e:3f:3a:e9:86:7f:cf:11:06:10:11:aa:e9:c2:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jun 19 13:56:15 2024 GMT
            Not After : Jun 18 14:01:15 2025 GMT
        Subject: CN=B2E3B5B14763D053145EA00DFEEBEA28DAC51F03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:70:b6:02:dc:42:45:80:e2:1c:58:73:4e:c5:
                    1d:70:d6:5f:25:a7:13:b9:d2:47:30:de:85:ff:6d:
                    5f:a7:9f:dd:e2:32:e8:77:f0:9f:93:0b:f4:84:fe:
                    62:e5:37:83:09:43:78:8e:9b:9d:ed:17:7c:31:27:
                    38:22:c7:30:ff:03:64:9f:9c:c5:2e:2c:c1:5e:e1:
                    ab:e0:f5:b4:ec:64:ae:bc:be:54:0a:e1:27:f2:2b:
                    10:ab:04:68:d5:1a:12:11:a8:b9:72:70:49:41:1f:
                    5a:93:46:cc:f3:f1:ee:43:63:99:e2:1d:2b:f4:2e:
                    30:5f:42:e7:49:3d:9a:68:ca:60:d7:f4:56:cb:59:
                    53:ed:43:1d:55:a7:1f:8a:8a:f6:cb:f8:ec:ce:6a:
                    ae:28:e2:95:95:6f:b2:2f:44:cd:6e:9b:aa:8f:e3:
                    23:0a:07:e8:e5:b8:06:d8:b6:c0:27:15:31:89:99:
                    9b:c6:30:25:f4:cc:9b:26:6b:86:08:68:e4:f6:d8:
                    b7:40:12:5d:2c:10:a6:7d:28:c5:00:6c:af:09:15:
                    cb:fe:83:41:6d:21:0f:7a:61:29:4e:fe:c6:1d:9f:
                    ce:5e:5e:25:ae:02:ef:1f:b1:e2:4f:38:ce:00:1f:
                    f7:6c:bb:6d:f6:be:4b:25:17:e5:4c:c0:24:52:88:
                    f8:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:E3:B5:B1:47:63:D0:53:14:5E:A0:0D:FE:EB:EA:28:DA:C5:1F:03
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466383a3a2f34382d3438203d3e20323038373439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:3df8::/48

    Signature Algorithm: sha256WithRSAEncryption
         59:6b:ab:7a:3f:f0:8c:3b:d9:51:90:94:dc:b4:a3:79:45:77:
         fd:bb:f0:3a:3c:b3:78:18:2c:97:f6:1f:64:66:dd:a1:98:a4:
         e2:8c:22:3f:ab:7e:8c:33:c3:ae:ad:2d:e1:1e:4a:d3:6b:75:
         ce:4d:0f:30:cc:98:f9:65:ee:b6:42:b3:41:26:5b:7f:e1:f2:
         c1:1b:bc:65:cc:d9:91:1f:b9:8f:9f:81:3e:56:6c:b1:25:bc:
         9b:e1:20:a3:62:5e:4d:d3:d2:aa:79:dd:25:1c:07:20:e7:8e:
         93:f3:14:30:3e:30:70:40:1c:05:e3:e0:1e:df:74:6b:a9:c0:
         07:dc:fb:53:6e:81:d3:67:68:b5:e6:de:16:88:e7:3e:36:e3:
         46:65:4a:a4:99:43:c0:4d:04:a4:96:fa:fa:1e:c3:07:47:56:
         ec:9f:e7:4d:d8:5e:6f:28:c4:5d:ed:4a:5f:c4:27:69:2e:ae:
         56:59:da:a2:d6:45:64:60:8b:de:40:b4:ca:7b:5d:93:09:40:
         ee:1a:d9:66:bb:7f:65:d2:64:22:00:ee:f8:6e:56:c8:8b:00:
         93:fd:6b:a7:77:7d:9b:ec:57:ad:2d:cb:e9:6e:07:99:ae:2a:
         0a:73:40:ef:ef:fd:40:f5:17:95:95:6a:1e:b4:51:03:73:a0:
         93:23:bc:93
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUAiquYpt+Pzrphn/PEQYQEarpwuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MTVaFw0yNTA2MTgxNDAxMTVaMDMxMTAvBgNV
BAMTKEIyRTNCNUIxNDc2M0QwNTMxNDVFQTAwREZFRUJFQTI4REFDNTFGMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvcLYC3EJFgOIcWHNOxR1w1l8l
pxO50kcw3oX/bV+nn93iMuh38J+TC/SE/mLlN4MJQ3iOm53tF3wxJzgixzD/A2Sf
nMUuLMFe4avg9bTsZK68vlQK4SfyKxCrBGjVGhIRqLlycElBH1qTRszz8e5DY5ni
HSv0LjBfQudJPZpoymDX9FbLWVPtQx1Vpx+KivbL+OzOaq4o4pWVb7IvRM1um6qP
4yMKB+jluAbYtsAnFTGJmZvGMCX0zJsma4YIaOT22LdAEl0sEKZ9KMUAbK8JFcv+
g0FtIQ96YSlO/sYdn85eXiWuAu8fseJPOM4AH/dsu232vkslF+VMwCRSiPh9AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUsuO1sUdj0FMUXqAN/uvqKNrFHwMwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzODNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM3MzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9+DANBgkqhkiG9w0BAQsFAAOCAQEAWWurej/wjDvZUZCU
3LSjeUV3/bvwOjyzeBgsl/YfZGbdoZik4owiP6t+jDPDrq0t4R5K02t1zk0PMMyY
+WXutkKzQSZbf+HywRu8ZczZkR+5j5+BPlZssSW8m+Ego2JeTdPSqnndJRwHIOeO
k/MUMD4wcEAcBePgHt90a6nAB9z7U26B02dotebeFojnPjbjRmVKpJlDwE0EpJb6
+h7DB0dW7J/nTdhebyjEXe1KX8QnaS6uVlnaotZFZGCL3kC0yntdkwlA7hrZZrt/
ZdJkIgDu+G5WyIsAk/1rp3d9m+xXrS3L6W4Hma4qCnNA7+/9QPUXlZVqHrRRA3Og
kyO8kw==
-----END CERTIFICATE-----
Generated at Tue Jun 25 21:57:50 2024 by rpki-client on console-fra.rpki-client.org