Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466643a3a2f34382d3438203d3e20323036303538.roa
File:                     326131313a323963303a336466643a3a2f34382d3438203d3e20323036303538.roa (raw, json)
Hash identifier:          gw8jfGHSlzeK7pkKLz1fOubWve0r41DV7Vp66/meEoo=
Subject key identifier:   55:89:24:88:95:1D:86:7C:C7:DD:CA:74:B4:9A:34:79:55:A6:37:65
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       1B374EC6CD9DE7B04B49FFA775AD146DAD47D724
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466643a3a2f34382d3438203d3e20323036303538.roa
Signing time:             Wed 19 Jun 2024 14:01:16 +0000
ROA not before:           Wed 19 Jun 2024 13:56:16 +0000
ROA not after:            Wed 18 Jun 2025 14:01:16 +0000
asID:                     206058
IP address blocks:        2a11:29c0:3dfd::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 26 Jun 2024 14:33:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:37:4e:c6:cd:9d:e7:b0:4b:49:ff:a7:75:ad:14:6d:ad:47:d7:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jun 19 13:56:16 2024 GMT
            Not After : Jun 18 14:01:16 2025 GMT
        Subject: CN=55892488951D867CC7DDCA74B49A347955A63765
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:4d:65:51:53:ab:f9:0c:38:99:29:23:6d:24:
                    98:75:28:d4:6b:46:7b:70:c1:b6:a3:f1:64:49:5c:
                    71:58:e4:f8:8b:c1:51:ec:73:fb:c3:6a:df:b4:d8:
                    24:54:9d:67:50:44:28:be:35:8f:bb:73:2b:9b:29:
                    c9:96:30:74:1c:a9:be:78:45:18:c2:ba:64:a8:3d:
                    6f:ef:48:ab:96:d1:5f:e2:8f:7c:4f:75:ec:68:da:
                    29:ad:fa:7b:95:04:4e:29:b9:65:fc:ca:7f:0b:ab:
                    0e:8e:f1:79:95:be:90:b8:8a:46:c2:30:67:5b:33:
                    c7:47:19:66:15:71:31:6c:5a:dd:75:b8:c2:36:b0:
                    3a:88:8b:51:8f:0d:b1:47:4a:3f:67:54:33:d7:36:
                    73:62:3e:63:a6:0b:98:8b:92:b7:3d:03:67:54:32:
                    e4:b7:c1:bf:44:93:34:c4:70:0f:af:34:38:f6:b2:
                    7e:4e:e7:12:d0:5a:6f:f7:6f:ba:6c:16:c4:e1:f0:
                    40:fb:45:c4:86:e4:2b:b7:4c:27:7c:aa:85:a1:ec:
                    4a:fc:24:b2:0b:02:a1:4d:0e:f0:87:59:1f:0e:c7:
                    9c:02:78:85:92:64:25:16:ff:80:e9:b3:4d:1a:af:
                    7e:3a:06:de:a1:01:26:94:c4:7c:6f:5c:25:37:bb:
                    e7:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:89:24:88:95:1D:86:7C:C7:DD:CA:74:B4:9A:34:79:55:A6:37:65
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a336466643a3a2f34382d3438203d3e20323036303538.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:3dfd::/48

    Signature Algorithm: sha256WithRSAEncryption
         94:87:c3:cf:86:6f:9a:e3:73:a3:f5:8f:ed:17:87:b3:f4:43:
         6e:55:e0:41:1e:1b:7f:9d:61:3b:90:d1:bf:e7:6b:00:1e:e6:
         66:04:ef:65:5a:ca:0c:e9:ff:08:15:fc:02:d8:7e:d2:13:b2:
         99:23:3d:df:e4:6f:18:cf:72:80:a0:ea:04:24:97:80:b9:04:
         b3:d4:bd:05:32:8f:d4:14:c2:f6:39:1d:5a:e7:f0:3d:be:f5:
         e4:ae:7c:21:1f:2a:93:f2:6c:20:ce:4e:01:14:38:d4:79:3a:
         df:a7:c6:4e:df:09:32:34:60:0f:ef:9e:e5:59:02:50:c3:15:
         fe:50:bc:f4:86:53:8d:39:51:8d:41:5b:59:cf:4a:b1:5c:d4:
         0c:0b:88:12:d8:9e:0f:59:f5:63:85:5b:9a:46:b8:30:21:16:
         80:bf:d6:9a:02:70:9a:50:db:da:b2:88:e1:d6:e4:af:55:0d:
         44:ee:8b:28:3c:3a:b3:e9:77:4b:5d:36:7a:9c:c8:1a:21:1e:
         1b:f2:ec:08:d6:11:0c:1f:34:c3:29:15:d2:25:c5:00:f7:0c:
         ac:aa:ae:4a:b0:54:bf:59:ea:7a:5f:28:5c:17:c8:dc:30:a3:
         8c:59:12:d0:c5:cd:ff:8a:ae:59:8d:1f:72:c6:b4:60:ce:2f:
         48:1c:21:85
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUGzdOxs2d57BLSf+nda0Uba1H1yQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yNDA2MTkxMzU2MTZaFw0yNTA2MTgxNDAxMTZaMDMxMTAvBgNV
BAMTKDU1ODkyNDg4OTUxRDg2N0NDN0REQ0E3NEI0OUEzNDc5NTVBNjM3NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUTWVRU6v5DDiZKSNtJJh1KNRr
Rntwwbaj8WRJXHFY5PiLwVHsc/vDat+02CRUnWdQRCi+NY+7cyubKcmWMHQcqb54
RRjCumSoPW/vSKuW0V/ij3xPdexo2imt+nuVBE4puWX8yn8Lqw6O8XmVvpC4ikbC
MGdbM8dHGWYVcTFsWt11uMI2sDqIi1GPDbFHSj9nVDPXNnNiPmOmC5iLkrc9A2dU
MuS3wb9EkzTEcA+vNDj2sn5O5xLQWm/3b7psFsTh8ED7RcSG5Cu3TCd8qoWh7Er8
JLILAqFNDvCHWR8Ox5wCeIWSZCUW/4Dps00ar346Bt6hASaUxHxvXCU3u+ffAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUVYkkiJUdhnzH3cp0tJo0eVWmN2UwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2EzMzY0NjY2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzNjMwMzUzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcA9/TANBgkqhkiG9w0BAQsFAAOCAQEAlIfDz4ZvmuNzo/WP
7ReHs/RDblXgQR4bf51hO5DRv+drAB7mZgTvZVrKDOn/CBX8Ath+0hOymSM93+Rv
GM9ygKDqBCSXgLkEs9S9BTKP1BTC9jkdWufwPb715K58IR8qk/JsIM5OARQ41Hk6
36fGTt8JMjRgD++e5VkCUMMV/lC89IZTjTlRjUFbWc9KsVzUDAuIEtieD1n1Y4Vb
mka4MCEWgL/WmgJwmlDb2rKI4dbkr1UNRO6LKDw6s+l3S102epzIGiEeG/LsCNYR
DB80wykV0iXFAPcMrKquSrBUv1nqel8oXBfI3DCjjFkS0MXN/4quWY0fcsa0YM4v
SBwhhQ==
-----END CERTIFICATE-----
Generated at Tue Jun 25 21:57:50 2024 by rpki-client on console-fra.rpki-client.org