Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466383a3a2f34382d3438203d3e20323038373439.roa
File:                     326131313a323963303a336466383a3a2f34382d3438203d3e20323038373439.roa (raw, json)
Hash identifier:          lHFdNXP4XFmdaNl9jWNXNcEZN2kqbQ9G8E7VJsFaghM=
Subject key identifier:   4E:2C:41:BD:EB:06:D6:12:DB:4B:F7:6D:90:91:90:47:BD:5F:CC:49
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       6D8A31D165BA8AC809B4A7BC86D94DC8AA1EB63D
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466383a3a2f34382d3438203d3e20323038373439.roa
Signing time:             Wed 19 Jul 2023 13:30:14 +0000
ROA not before:           Wed 19 Jul 2023 13:25:14 +0000
ROA not after:            Wed 17 Jul 2024 13:30:14 +0000
asID:                     208749
IP address blocks:        2a11:29c0:3df8::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:8a:31:d1:65:ba:8a:c8:09:b4:a7:bc:86:d9:4d:c8:aa:1e:b6:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jul 19 13:25:14 2023 GMT
            Not After : Jul 17 13:30:14 2024 GMT
        Subject: CN=4E2C41BDEB06D612DB4BF76D90919047BD5FCC49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:87:ca:e7:47:75:c1:f7:58:55:6f:c3:86:6c:
                    c7:22:1d:03:64:0d:25:61:63:a3:df:9e:be:4e:87:
                    18:c3:ee:d0:16:09:39:1d:8b:32:f5:b5:73:42:f1:
                    1f:49:3b:da:30:c4:ff:04:74:d5:76:0b:fc:da:28:
                    30:bb:25:30:fb:31:3e:94:2c:94:7f:6b:db:e1:97:
                    11:2c:90:76:2d:bd:49:85:6a:f5:80:e2:aa:85:1b:
                    af:b0:c4:e8:1d:f1:b2:cf:fd:dc:7d:f9:5c:7d:c3:
                    87:3c:15:4d:e4:d8:ad:44:5d:05:67:f9:09:f9:a6:
                    bc:81:a5:1a:2e:9a:de:6b:4d:14:d4:57:39:8d:2f:
                    51:44:a4:59:cc:dc:e4:f1:89:66:85:90:ae:b3:9a:
                    f5:87:c8:dd:84:e7:31:17:f5:26:2f:26:c2:c8:18:
                    6f:61:f7:bf:e2:11:6b:02:89:38:e3:61:68:ac:9b:
                    12:17:dc:65:26:59:a4:31:de:ea:d1:9f:81:95:65:
                    d1:83:d1:fa:0c:b2:37:c3:d3:a7:a0:50:cc:c2:38:
                    40:39:20:44:cd:1a:9e:0d:8a:24:74:8b:30:73:91:
                    a1:e3:6f:b6:94:25:f5:60:34:15:5e:63:a3:fa:f6:
                    2c:70:de:17:7d:bf:c8:f7:d6:4b:1d:49:8f:7e:01:
                    06:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:2C:41:BD:EB:06:D6:12:DB:4B:F7:6D:90:91:90:47:BD:5F:CC:49
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466383a3a2f34382d3438203d3e20323038373439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:3df8::/48

    Signature Algorithm: sha256WithRSAEncryption
         6c:4f:bb:e0:13:6b:70:34:d3:fa:d5:af:6a:ea:e5:04:5e:a7:
         56:26:84:3d:91:f6:61:0a:b7:3f:04:41:0f:af:b6:0a:21:ca:
         83:c0:ba:38:fd:c8:84:c4:4a:f2:33:b3:8d:8b:a8:db:5a:36:
         ed:92:34:b7:08:2a:f9:44:56:e7:97:a5:80:96:ad:18:9d:15:
         1f:cb:36:80:77:bf:89:46:fa:38:1f:94:2f:50:85:d0:fc:f3:
         1d:94:2a:13:15:40:c4:be:fd:b1:8e:c2:52:d4:7d:b2:35:dd:
         30:35:01:90:bd:80:c7:54:28:af:d0:cf:c6:03:c7:46:9c:7f:
         83:3a:fe:a6:b0:5e:ef:2f:dd:1d:8f:89:ec:2e:b3:7c:33:dc:
         43:63:c8:05:00:e1:e2:47:bf:3e:2d:36:7d:f1:d3:a9:f7:cc:
         77:e6:16:64:91:8a:f3:fa:6a:52:8b:1f:fa:43:4e:b0:30:b8:
         0b:29:53:87:ff:d1:b5:7f:34:c1:fb:fe:db:77:f2:05:88:48:
         78:83:49:5c:71:25:36:5e:1d:1f:5f:c9:f1:31:98:3d:f0:3d:
         1a:b1:3b:16:d7:02:c0:27:38:16:61:5c:be:57:50:90:23:40:
         85:8c:99:42:1c:ed:5b:aa:e5:a9:74:f3:29:1f:c8:16:0c:37:
         b5:ce:c6:fe
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUbYox0WW6isgJtKe8htlNyKoetj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yMzA3MTkxMzI1MTRaFw0yNDA3MTcxMzMwMTRaMDMxMTAvBgNV
BAMTKDRFMkM0MUJERUIwNkQ2MTJEQjRCRjc2RDkwOTE5MDQ3QkQ1RkNDNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAh8rnR3XB91hVb8OGbMciHQNk
DSVhY6Pfnr5OhxjD7tAWCTkdizL1tXNC8R9JO9owxP8EdNV2C/zaKDC7JTD7MT6U
LJR/a9vhlxEskHYtvUmFavWA4qqFG6+wxOgd8bLP/dx9+Vx9w4c8FU3k2K1EXQVn
+Qn5pryBpRoumt5rTRTUVzmNL1FEpFnM3OTxiWaFkK6zmvWHyN2E5zEX9SYvJsLI
GG9h97/iEWsCiTjjYWismxIX3GUmWaQx3urRn4GVZdGD0foMsjfD06egUMzCOEA5
IETNGp4NiiR0izBzkaHjb7aUJfVgNBVeY6P69ixw3hd9v8j31ksdSY9+AQYhAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUTixBvesG1hLbS/dtkJGQR71fzEkwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjYzODNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzODM3MzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9+DANBgkqhkiG9w0BAQsFAAOCAQEAbE+74BNrcDTT+tWv
aurlBF6nViaEPZH2YQq3PwRBD6+2CiHKg8C6OP3IhMRK8jOzjYuo21o27ZI0twgq
+URW55elgJatGJ0VH8s2gHe/iUb6OB+UL1CF0PzzHZQqExVAxL79sY7CUtR9sjXd
MDUBkL2Ax1Qor9DPxgPHRpx/gzr+prBe7y/dHY+J7C6zfDPcQ2PIBQDh4ke/Pi02
ffHTqffMd+YWZJGK8/pqUosf+kNOsDC4CylTh//RtX80wfv+23fyBYhIeINJXHEl
Nl4dH1/J8TGYPfA9GrE7FtcCwCc4FmFcvldQkCNAhYyZQhztW6rlqXTzKR/IFgw3
tc7G/g==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:58:21 2024 by rpki-client on console-ams.rpki-client.org