Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466623a3a2f34382d3438203d3e20323130333335.roa
File:                     326131313a323963303a336466623a3a2f34382d3438203d3e20323130333335.roa (raw, json)
Hash identifier:          LBnxYRRFm5G0d2y6XhmpRLIFDGt8PElFbkBb9Bi122U=
Subject key identifier:   7E:58:B3:67:00:DF:A9:7D:9B:76:77:7A:53:12:C7:04:16:4E:00:2D
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       2FCB583B78C61EA3E8094A09AD5DE609EF557A1C
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466623a3a2f34382d3438203d3e20323130333335.roa
Signing time:             Wed 19 Jun 2024 14:01:16 +0000
ROA not before:           Wed 19 Jun 2024 13:56:16 +0000
ROA not after:            Wed 18 Jun 2025 14:01:16 +0000
asID:                     210335
IP address blocks:        2a11:29c0:3dfb::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 26 Jun 2024 14:33:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:cb:58:3b:78:c6:1e:a3:e8:09:4a:09:ad:5d:e6:09:ef:55:7a:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jun 19 13:56:16 2024 GMT
            Not After : Jun 18 14:01:16 2025 GMT
        Subject: CN=7E58B36700DFA97D9B76777A5312C704164E002D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:46:ea:34:d0:f2:9d:64:4d:c7:6c:94:75:db:
                    29:4d:1f:a5:40:70:9d:f0:2b:65:41:72:9a:9d:9a:
                    c1:a3:b9:c5:88:e4:94:eb:87:5f:c9:27:ab:67:03:
                    43:f1:2d:37:93:2a:77:55:70:94:1d:d6:9a:5c:e7:
                    6e:d2:de:c1:61:65:70:06:20:bf:8d:ad:c7:a0:23:
                    f4:50:d8:00:a2:3f:b0:35:f7:7f:6f:e3:14:d5:12:
                    23:cc:72:cb:db:25:18:54:aa:c2:4e:09:45:7b:cf:
                    59:73:3c:ce:ae:9c:52:ee:bf:cc:66:7f:24:91:30:
                    1d:53:c1:f1:a3:ee:9e:8e:96:5a:26:6d:b8:d6:82:
                    0f:3c:7d:39:a4:77:4d:35:56:7a:72:1c:9c:4f:b9:
                    d2:7e:f7:0f:6f:4b:6c:84:11:07:c0:d7:9f:3f:f8:
                    d2:e5:8b:1a:8b:40:3d:ef:93:45:75:dc:e2:5b:04:
                    a6:ee:c1:2b:23:2e:49:05:d7:89:ad:c7:a4:ac:10:
                    16:d8:e9:1f:e9:c3:42:b1:73:67:51:fb:24:c0:17:
                    06:8d:7b:6c:74:2b:d6:bf:d2:56:32:33:f5:81:cc:
                    62:4d:38:be:f3:a3:86:55:b3:bf:ff:5b:ae:14:2d:
                    f9:40:d5:b7:8c:13:e3:b3:0e:4f:04:41:3b:da:56:
                    36:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:58:B3:67:00:DF:A9:7D:9B:76:77:7A:53:12:C7:04:16:4E:00:2D
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466623a3a2f34382d3438203d3e20323130333335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:3dfb::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:f8:75:07:ed:7b:e9:32:96:e0:38:ef:fa:24:d3:d1:73:80:
         d0:50:ea:60:12:9a:44:31:bf:6c:cb:68:b3:3d:c6:9a:d8:c5:
         3d:81:a0:f2:2a:d0:b4:1e:e0:51:99:55:2e:81:c3:25:8a:96:
         93:98:2b:38:71:99:f1:22:2c:6a:43:1a:e7:3e:f2:fa:01:d5:
         e8:68:49:e8:30:7d:4e:1b:33:41:2b:d8:86:a2:b1:c0:70:b5:
         69:d2:f6:a4:5a:2a:97:81:85:4a:6d:34:db:07:7e:47:ee:9d:
         bb:86:18:d2:65:d6:23:19:58:0c:28:6b:92:8b:c0:f7:81:ae:
         86:64:a3:b3:19:85:8a:6c:dc:10:b2:e3:eb:29:b6:16:16:6a:
         87:53:15:0b:12:4b:24:a8:86:54:f9:d9:b5:2d:6e:d1:c4:d0:
         01:cc:36:65:81:9a:25:78:d2:e9:45:66:2e:af:fe:17:71:a7:
         3b:b8:6a:4f:66:7e:8c:24:4b:31:04:b4:a0:a9:78:67:da:c7:
         fc:b9:13:7c:b0:22:94:7f:48:b4:ae:72:4d:b7:49:fc:50:2e:
         e0:3c:bb:51:f9:89:f7:3b:6d:74:db:d8:79:a8:c2:77:b3:8b:
         b7:42:07:40:9d:b3:6a:c3:04:cd:0d:32:51:af:6d:31:02:9f:
         c8:f3:47:95
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUL8tYO3jGHqPoCUoJrV3mCe9VehwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MTZaFw0yNTA2MTgxNDAxMTZaMDMxMTAvBgNV
BAMTKDdFNThCMzY3MDBERkE5N0Q5Qjc2Nzc3QTUzMTJDNzA0MTY0RTAwMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4Ruo00PKdZE3HbJR12ylNH6VA
cJ3wK2VBcpqdmsGjucWI5JTrh1/JJ6tnA0PxLTeTKndVcJQd1ppc527S3sFhZXAG
IL+NrcegI/RQ2ACiP7A1939v4xTVEiPMcsvbJRhUqsJOCUV7z1lzPM6unFLuv8xm
fySRMB1TwfGj7p6OllombbjWgg88fTmkd001VnpyHJxPudJ+9w9vS2yEEQfA158/
+NLlixqLQD3vk0V13OJbBKbuwSsjLkkF14mtx6SsEBbY6R/pw0Kxc2dR+yTAFwaN
e2x0K9a/0lYyM/WBzGJNOL7zo4ZVs7//W64ULflA1beME+OzDk8EQTvaVjahAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUflizZwDfqX2bdnd6UxLHBBZOAC0wHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMDMzMzMzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9+zANBgkqhkiG9w0BAQsFAAOCAQEAcvh1B+176TKW4Djv
+iTT0XOA0FDqYBKaRDG/bMtosz3GmtjFPYGg8irQtB7gUZlVLoHDJYqWk5grOHGZ
8SIsakMa5z7y+gHV6GhJ6DB9ThszQSvYhqKxwHC1adL2pFoql4GFSm002wd+R+6d
u4YY0mXWIxlYDChrkovA94GuhmSjsxmFimzcELLj6ym2FhZqh1MVCxJLJKiGVPnZ
tS1u0cTQAcw2ZYGaJXjS6UVmLq/+F3GnO7hqT2Z+jCRLMQS0oKl4Z9rH/LkTfLAi
lH9ItK5yTbdJ/FAu4Dy7UfmJ9zttdNvYeajCd7OLt0IHQJ2zasMEzQ0yUa9tMQKf
yPNHlQ==
-----END CERTIFICATE-----
Generated at Tue Jun 25 21:57:50 2024 by rpki-client on console-fra.rpki-client.org