Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a643a3a2f34382d3438203d3e203530333931.roa
File:                     326131313a323963303a643a3a2f34382d3438203d3e203530333931.roa (raw, json)
Hash identifier:          njjxJjoUoAIZjoFQbYFICSx/7OhfL+6Swx1pWA/n3Q8=
Subject key identifier:   EA:B3:05:97:41:8C:DD:36:C6:FC:77:DE:B2:01:FA:BD:E2:37:44:A2
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       7F6FA957D46AFC095382E5C9210467DBEADDB191
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a643a3a2f34382d3438203d3e203530333931.roa
Signing time:             Wed 19 Jul 2023 13:29:58 +0000
ROA not before:           Wed 19 Jul 2023 13:24:58 +0000
ROA not after:            Wed 17 Jul 2024 13:29:58 +0000
asID:                     50391
IP address blocks:        2a11:29c0:d::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:6f:a9:57:d4:6a:fc:09:53:82:e5:c9:21:04:67:db:ea:dd:b1:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jul 19 13:24:58 2023 GMT
            Not After : Jul 17 13:29:58 2024 GMT
        Subject: CN=EAB30597418CDD36C6FC77DEB201FABDE23744A2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:ef:f6:20:94:de:05:83:9b:cf:79:92:7d:a1:
                    2e:67:82:a9:6e:b2:1d:98:9e:0e:fe:e1:ef:d0:12:
                    c5:be:b7:81:c0:58:29:49:8c:86:42:ca:c9:3e:a1:
                    2b:29:a0:a3:16:87:d3:eb:2a:2a:c0:18:e7:3f:fd:
                    d2:e2:c9:79:3c:ea:81:bf:f7:d1:bf:bd:ac:c8:b5:
                    fa:96:c4:73:02:1b:dd:8e:78:55:da:cd:3b:1b:f1:
                    1e:ec:28:8c:7a:31:ef:8d:96:72:a7:fa:b0:90:ef:
                    86:c5:68:64:78:9c:fe:f0:ca:a6:e2:ed:dc:54:99:
                    d7:bd:cb:66:be:e3:33:21:a5:51:81:7d:07:d6:53:
                    88:bb:bb:26:b0:c8:bf:8f:9d:41:37:59:00:28:9c:
                    02:bd:0b:e0:67:65:d8:94:a9:ef:b8:8d:22:f8:32:
                    ba:f0:a4:62:78:c3:52:ca:0a:30:ee:2b:f0:bf:10:
                    01:7a:e1:05:dc:db:f9:bc:5f:a6:d2:b6:9c:40:1d:
                    85:1d:b4:e0:26:04:fd:da:f2:0d:4d:1a:80:21:4e:
                    ba:47:76:86:4a:ca:8a:bd:80:d6:bb:30:e8:81:a5:
                    da:66:db:d6:73:63:e4:44:5e:63:53:5c:7a:e0:c6:
                    dd:95:42:ec:f2:1c:99:7f:94:19:08:41:94:04:47:
                    de:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:B3:05:97:41:8C:DD:36:C6:FC:77:DE:B2:01:FA:BD:E2:37:44:A2
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963303a643a3a2f34382d3438203d3e203530333931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c0:d::/48

    Signature Algorithm: sha256WithRSAEncryption
         6e:c3:ea:4a:f2:c4:c3:18:7d:6c:be:e1:ee:11:3c:12:c0:c8:
         e5:16:65:fa:a8:42:d8:80:fc:75:fd:48:38:4e:1a:3c:c4:ad:
         c2:86:a1:19:58:95:bd:92:97:48:4c:f5:62:04:9b:5c:88:2e:
         60:c7:66:16:a7:a5:db:84:77:a2:69:d7:9e:17:a7:8e:90:63:
         1b:5c:c4:4d:97:d8:b8:e4:04:e3:fd:ac:79:50:0f:52:f8:88:
         fd:f6:aa:65:92:54:66:9a:45:b1:d6:44:bd:66:2e:93:66:3d:
         80:8d:2e:93:94:cd:f7:94:46:b0:65:16:6b:bd:d5:93:08:ed:
         ab:67:24:af:50:5a:e7:16:60:ae:2e:5b:4d:5d:d7:d2:32:19:
         e3:56:34:7b:af:56:1c:d8:22:b3:a2:31:af:6b:1e:d8:cb:c5:
         2e:b7:81:c6:9b:89:4b:b2:84:b4:13:a7:64:49:26:b5:2c:fb:
         6a:51:ef:e7:d7:07:89:28:ad:af:d2:2c:d6:1f:3d:85:d9:57:
         08:4d:3f:f2:c2:4b:95:fb:9e:4d:83:4e:34:d8:3a:2e:42:6d:
         30:cb:05:30:16:ea:e5:61:2a:68:ea:02:b7:37:ab:a3:0e:38:
         45:78:23:53:63:6c:b3:56:f3:07:99:4a:b5:7d:50:28:d3:56:
         0c:28:ed:67
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUf2+pV9Rq/AlTguXJIQRn2+rdsZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yMzA3MTkxMzI0NThaFw0yNDA3MTcxMzI5NThaMDMxMTAvBgNV
BAMTKEVBQjMwNTk3NDE4Q0REMzZDNkZDNzdERUIyMDFGQUJERTIzNzQ0QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDn7/YglN4Fg5vPeZJ9oS5ngqlu
sh2Yng7+4e/QEsW+t4HAWClJjIZCysk+oSspoKMWh9PrKirAGOc//dLiyXk86oG/
99G/vazItfqWxHMCG92OeFXazTsb8R7sKIx6Me+NlnKn+rCQ74bFaGR4nP7wyqbi
7dxUmde9y2a+4zMhpVGBfQfWU4i7uyawyL+PnUE3WQAonAK9C+BnZdiUqe+4jSL4
MrrwpGJ4w1LKCjDuK/C/EAF64QXc2/m8X6bStpxAHYUdtOAmBP3a8g1NGoAhTrpH
doZKyoq9gNa7MOiBpdpm29ZzY+REXmNTXHrgxt2VQuzyHJl/lBkIQZQER97hAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU6rMFl0GM3TbG/HfesgH6veI3RKIwHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzMw
M2E2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzAzMzM5MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqESnAAA0wDQYJKoZIhvcNAQELBQADggEBAG7D6kryxMMYfWy+4e4RPBLAyOUW
ZfqoQtiA/HX9SDhOGjzErcKGoRlYlb2Sl0hM9WIEm1yILmDHZhanpduEd6Jp154X
p46QYxtcxE2X2LjkBOP9rHlQD1L4iP32qmWSVGaaRbHWRL1mLpNmPYCNLpOUzfeU
RrBlFmu91ZMI7atnJK9QWucWYK4uW01d19IyGeNWNHuvVhzYIrOiMa9rHtjLxS63
gcabiUuyhLQTp2RJJrUs+2pR7+fXB4kora/SLNYfPYXZVwhNP/LCS5X7nk2DTjTY
Oi5CbTDLBTAW6uVhKmjqArc3q6MOOEV4I1NjbLNW8weZSrV9UCjTVgwo7Wc=
-----END CERTIFICATE-----
Generated at Sun Jun 16 15:59:02 2024 by rpki-client on console-fra.rpki-client.org