Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963373a623030623a3a2f34382d3438203d3e20323132313439.roa
File:                     326131313a323963373a623030623a3a2f34382d3438203d3e20323132313439.roa (raw, json)
Hash identifier:          0dUKw3hgrfogLYmAtXiNaTrJ120LxOaB70vTdB+hVdM=
Subject key identifier:   B9:02:5A:02:E5:83:10:3B:24:02:7E:37:2C:E1:EF:FF:21:FC:EF:CA
Certificate issuer:       /CN=e96d85996e9354d1005e44c781d38adcf1082873
Certificate serial:       4AD1727B233EBF87C8185022A1EE75BC49757FC9
Authority key identifier: E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963373a623030623a3a2f34382d3438203d3e20323132313439.roa
Signing time:             Wed 19 Jul 2023 13:30:53 +0000
ROA not before:           Wed 19 Jul 2023 13:25:53 +0000
ROA not after:            Wed 17 Jul 2024 13:30:53 +0000
asID:                     212149
IP address blocks:        2a11:29c7:b00b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:d1:72:7b:23:3e:bf:87:c8:18:50:22:a1:ee:75:bc:49:75:7f:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e96d85996e9354d1005e44c781d38adcf1082873
        Validity
            Not Before: Jul 19 13:25:53 2023 GMT
            Not After : Jul 17 13:30:53 2024 GMT
        Subject: CN=B9025A02E583103B24027E372CE1EFFF21FCEFCA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:b6:2d:42:66:55:43:ce:07:0a:2e:d3:4e:f7:
                    c2:06:76:34:99:40:7e:22:59:61:21:fd:3c:10:27:
                    bb:82:b9:f2:25:6d:fb:c9:54:03:b7:ef:f3:4f:c1:
                    bf:71:88:29:53:c0:5e:1a:76:38:d7:92:0b:16:0a:
                    f6:37:58:af:c2:28:a0:26:ab:bd:ab:8d:8c:25:52:
                    d6:71:95:1e:88:44:a6:3f:65:71:31:ea:16:35:9f:
                    87:cd:df:cc:ec:21:3a:7d:6d:07:f8:73:6b:af:c5:
                    27:2a:e9:5c:f2:2d:4b:dd:aa:63:02:a1:0e:ac:b2:
                    6b:c7:48:ad:c0:ab:13:20:af:75:4e:aa:60:55:5f:
                    b9:bb:d6:2f:08:16:95:25:c1:5c:47:c5:bb:da:22:
                    a3:8c:6e:39:df:9e:40:79:e4:be:af:44:c2:47:3b:
                    fd:ab:e0:9b:59:35:2c:90:40:c7:5a:f9:f6:ef:69:
                    62:cf:8e:dc:82:b1:70:5b:fc:d1:e8:dc:94:11:f9:
                    27:d5:74:2e:e8:d5:8b:11:db:fa:f9:c2:16:1f:9a:
                    e8:a0:ef:0b:28:45:46:b0:76:34:f8:28:58:0d:a5:
                    c5:1d:a4:f9:46:81:90:bf:e5:b0:03:00:ac:70:68:
                    f0:42:92:1c:2c:99:82:8f:10:71:82:14:c8:de:a9:
                    04:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:02:5A:02:E5:83:10:3B:24:02:7E:37:2C:E1:EF:FF:21:FC:EF:CA
            X509v3 Authority Key Identifier:
                keyid:E9:6D:85:99:6E:93:54:D1:00:5E:44:C7:81:D3:8A:DC:F1:08:28:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/E96D85996E9354D1005E44C781D38ADCF1082873.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6W2FmW6TVNEAXkTHgdOK3PEIKHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/326131313a323963373a623030623a3a2f34382d3438203d3e20323132313439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:29c7:b00b::/48

    Signature Algorithm: sha256WithRSAEncryption
         82:a5:a4:1b:b9:c9:bf:20:ba:d2:a5:98:6c:25:52:e2:df:cb:
         6f:99:e2:7a:2c:53:60:48:d3:5d:9e:5f:77:1f:d8:59:94:63:
         48:0c:1f:dd:20:63:12:64:0c:60:ca:2c:98:81:90:8e:0a:44:
         6b:4f:c2:c6:9a:f1:dd:aa:02:ec:b8:7f:a6:a6:35:28:0c:f3:
         77:cb:45:53:3d:bc:de:ef:45:31:7e:86:6c:e8:8e:85:31:7d:
         7c:64:a7:9d:a2:40:16:8e:b0:c1:40:48:1e:41:48:c1:d3:49:
         d4:3d:6d:f3:6b:13:ed:7f:58:7e:cb:24:5f:f4:27:43:2c:57:
         a2:1f:de:a8:f9:f5:e9:00:a0:36:f2:4a:da:01:a2:df:73:26:
         6b:ba:a2:14:fa:62:2a:33:15:49:45:37:60:cc:9e:44:87:5e:
         ba:ec:74:73:1f:13:b3:4c:fe:95:0b:75:13:85:86:a4:2d:93:
         10:66:d6:75:fd:74:76:ff:a9:bb:4c:7c:32:dc:61:32:7a:da:
         28:5c:7c:05:8e:7f:16:bf:94:57:b5:c5:4c:28:f2:92:4e:dd:
         92:2e:55:8e:66:b9:2f:4e:fd:5b:fe:50:a8:7a:a0:34:cf:82:
         d0:03:99:30:e4:01:09:5b:43:7c:53:95:f8:7c:cf:18:d3:be:
         61:f4:4e:36
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUStFyeyM+v4fIGFAioe51vEl1f8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTk2ZDg1OTk2ZTkzNTRkMTAwNWU0NGM3ODFkMzhhZGNm
MTA4Mjg3MzAeFw0yMzA3MTkxMzI1NTNaFw0yNDA3MTcxMzMwNTNaMDMxMTAvBgNV
BAMTKEI5MDI1QTAyRTU4MzEwM0IyNDAyN0UzNzJDRTFFRkZGMjFGQ0VGQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDati1CZlVDzgcKLtNO98IGdjSZ
QH4iWWEh/TwQJ7uCufIlbfvJVAO37/NPwb9xiClTwF4adjjXkgsWCvY3WK/CKKAm
q72rjYwlUtZxlR6IRKY/ZXEx6hY1n4fN38zsITp9bQf4c2uvxScq6VzyLUvdqmMC
oQ6ssmvHSK3AqxMgr3VOqmBVX7m71i8IFpUlwVxHxbvaIqOMbjnfnkB55L6vRMJH
O/2r4JtZNSyQQMda+fbvaWLPjtyCsXBb/NHo3JQR+SfVdC7o1YsR2/r5whYfmuig
7wsoRUawdjT4KFgNpcUdpPlGgZC/5bADAKxwaPBCkhwsmYKPEHGCFMjeqQQrAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUuQJaAuWDEDskAn43LOHv/yH878owHwYDVR0j
BBgwFoAU6W2FmW6TVNEAXkTHgdOK3PEIKHMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExMTViYzYtMTBmNi00YWYzLWJhMDktOGI2ODdhNTZm
YmY1LzAvRTk2RDg1OTk2RTkzNTREMTAwNUU0NEM3ODFEMzhBRENGMTA4Mjg3My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZXMkZtVzZUVk5FQVhrVEhnZE9LM1BF
SUtITS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExMTViYzYt
MTBmNi00YWYzLWJhMDktOGI2ODdhNTZmYmY1LzAvMzI2MTMxMzEzYTMyMzk2MzM3
M2E2MjMwMzA2MjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzMjMxMzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoRKcewCzANBgkqhkiG9w0BAQsFAAOCAQEAgqWkG7nJvyC60qWY
bCVS4t/Lb5nieixTYEjTXZ5fdx/YWZRjSAwf3SBjEmQMYMosmIGQjgpEa0/Cxprx
3aoC7Lh/pqY1KAzzd8tFUz283u9FMX6GbOiOhTF9fGSnnaJAFo6wwUBIHkFIwdNJ
1D1t82sT7X9YfsskX/QnQyxXoh/eqPn16QCgNvJK2gGi33Mma7qiFPpiKjMVSUU3
YMyeRIdeuux0cx8Ts0z+lQt1E4WGpC2TEGbWdf10dv+pu0x8MtxhMnraKFx8BY5/
Fr+UV7XFTCjykk7dki5Vjma5L079W/5QqHqgNM+C0AOZMOQBCVtDfFOV+HzPGNO+
YfRONg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:58:21 2024 by rpki-client on console-ams.rpki-client.org