Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466623a3a2f34382d3438203d3e20323130333335.roa
File:                     326131313a323963303a336466623a3a2f34382d3438203d3e20323130333335.roa (raw, json)
Hash identifier:          mvaZ10XpA1crcJLQ1/xwPJoj3DHfKScmVRO9y/CSdxY=
Subject key identifier:   F5:6E:E2:3B:E2:83:FE:E7:DE:0F:AC:F3:FF:EA:A2:BD:59:1B:B8:57
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       3F7DE0CBDE93050D58FD3CBADD220A0ABB90F07B
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466623a3a2f34382d3438203d3e20323130333335.roa
Signing time:             Wed 19 Jul 2023 13:30:22 +0000
ROA not before:           Wed 19 Jul 2023 13:25:22 +0000
ROA not after:            Wed 17 Jul 2024 13:30:22 +0000
asID:                     210335
IP address blocks:        2a11:29c0:3dfb::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:7d:e0:cb:de:93:05:0d:58:fd:3c:ba:dd:22:0a:0a:bb:90:f0:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jul 19 13:25:22 2023 GMT
            Not After : Jul 17 13:30:22 2024 GMT
        Subject: CN=F56EE23BE283FEE7DE0FACF3FFEAA2BD591BB857
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:99:c3:0d:64:e6:21:93:c3:ae:74:05:28:bb:
                    58:c9:b8:f1:48:16:03:c9:a9:42:25:f0:8a:48:1e:
                    24:6a:76:7d:4d:33:1c:5b:c3:40:52:0c:0d:9f:77:
                    a1:2c:c2:18:23:42:2b:f5:1e:1d:fb:40:7a:15:fb:
                    5f:42:ab:aa:ff:25:e0:81:f8:ef:da:dd:fa:43:30:
                    75:77:20:3f:07:e8:dd:38:02:9a:72:7f:d6:3c:cf:
                    6c:1b:36:87:37:08:09:03:39:6c:33:ef:5a:74:a6:
                    7d:44:b7:3e:19:b0:92:a2:a1:e0:7c:7a:e3:47:79:
                    c8:cc:07:67:76:3a:96:96:73:29:98:ab:2b:40:1c:
                    c7:11:95:b0:39:06:0e:b9:98:0f:fd:68:67:16:f8:
                    f7:a2:ab:3c:b9:ff:ff:ef:7e:dd:71:27:6f:00:92:
                    46:db:fa:9a:5a:cd:7f:ff:76:27:6e:62:a4:8a:18:
                    83:de:f9:99:58:a4:49:6a:c5:96:c3:79:9f:30:70:
                    e2:57:18:a5:37:0c:5a:ac:74:2a:86:05:f8:4c:2f:
                    cd:1a:e6:ac:96:6f:8c:25:2d:7e:3e:1b:3b:23:f4:
                    94:54:4b:1a:77:c7:a1:a8:c2:c5:2e:78:25:5e:08:
                    6d:00:df:eb:3a:29:1e:6e:ca:0e:ca:5c:0d:90:ef:
                    2f:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:6E:E2:3B:E2:83:FE:E7:DE:0F:AC:F3:FF:EA:A2:BD:59:1B:B8:57
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466623a3a2f34382d3438203d3e20323130333335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:3dfb::/48

    Signature Algorithm: sha256WithRSAEncryption
         06:ae:03:ca:d1:0b:e8:75:c5:a3:bf:f6:e9:8c:db:8f:6a:a7:
         da:f1:23:f7:d3:22:3a:86:57:ab:a2:1a:c7:ed:b0:a5:95:0e:
         24:12:a1:da:0e:51:51:b7:58:ae:ed:f7:b0:21:fc:2c:44:94:
         cd:93:5e:0a:fd:94:43:90:9c:85:45:6c:8f:12:0e:3a:b8:67:
         25:1c:56:1d:5b:7f:c7:f6:a9:e2:2e:44:8d:7c:b1:e8:4b:be:
         52:c2:d7:8a:ae:91:c0:00:d3:5c:e4:7c:dd:36:c2:25:12:a0:
         01:92:6a:11:bd:67:31:7d:67:81:e9:5b:a9:82:78:42:76:ce:
         ab:23:da:68:94:b4:83:6e:b3:3e:85:b1:fd:37:65:85:46:b2:
         a1:6a:c7:79:a2:fd:55:37:c1:b0:cf:a9:01:5b:f4:8d:13:f6:
         9f:cc:a5:97:b9:a2:10:f7:4a:c0:d0:be:41:fa:7c:05:ec:0c:
         94:56:56:c7:f0:b7:34:9b:48:92:99:32:e7:cc:bf:2c:bd:05:
         5a:f8:e8:66:1f:c8:81:84:23:e4:74:c3:df:00:e1:1f:62:f1:
         a1:98:a0:b8:c3:e6:44:72:36:ff:5a:7a:94:99:1f:8e:dd:c9:
         3d:f1:d4:ec:39:38:da:5c:c0:d7:6c:fa:b8:f1:5d:cf:6a:57:
         b4:e1:b1:56
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUP33gy96TBQ1Y/Ty63SIKCruQ8HswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yMzA3MTkxMzI1MjJaFw0yNDA3MTcxMzMwMjJaMDMxMTAvBgNV
BAMTKEY1NkVFMjNCRTI4M0ZFRTdERTBGQUNGM0ZGRUFBMkJENTkxQkI4NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvmcMNZOYhk8OudAUou1jJuPFI
FgPJqUIl8IpIHiRqdn1NMxxbw0BSDA2fd6EswhgjQiv1Hh37QHoV+19Cq6r/JeCB
+O/a3fpDMHV3ID8H6N04Appyf9Y8z2wbNoc3CAkDOWwz71p0pn1Etz4ZsJKioeB8
euNHecjMB2d2OpaWcymYqytAHMcRlbA5Bg65mA/9aGcW+Peiqzy5///vft1xJ28A
kkbb+ppazX//diduYqSKGIPe+ZlYpElqxZbDeZ8wcOJXGKU3DFqsdCqGBfhML80a
5qyWb4wlLX4+Gzsj9JRUSxp3x6GowsUueCVeCG0A3+s6KR5uyg7KXA2Q7y+7AgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQU9W7iO+KD/ufeD6zz/+qivVkbuFcwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMDMzMzMzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9+zANBgkqhkiG9w0BAQsFAAOCAQEABq4DytEL6HXFo7/2
6Yzbj2qn2vEj99MiOoZXq6Iax+2wpZUOJBKh2g5RUbdYru33sCH8LESUzZNeCv2U
Q5CchUVsjxIOOrhnJRxWHVt/x/ap4i5EjXyx6Eu+UsLXiq6RwADTXOR83TbCJRKg
AZJqEb1nMX1ngelbqYJ4QnbOqyPaaJS0g26zPoWx/TdlhUayoWrHeaL9VTfBsM+p
AVv0jRP2n8yll7miEPdKwNC+Qfp8BewMlFZWx/C3NJtIkpky58y/LL0FWvjoZh/I
gYQj5HTD3wDhH2LxoZiguMPmRHI2/1p6lJkfjt3JPfHU7Dk42lzA12z6uPFdz2pX
tOGxVg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:58:21 2024 by rpki-client on console-ams.rpki-client.org