Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/1/323630323a663939323a66333a3a2f34382d3438203d3e203333333837.roa
File:                     323630323a663939323a66333a3a2f34382d3438203d3e203333333837.roa (raw, json)
Hash identifier:          NUE/UX3oXJFnmyAE2FoTGPVQs404K4mf9BK/aBACO14=
Subject key identifier:   C9:86:7E:C0:AC:6A:8C:AF:A8:F0:74:01:11:CD:6E:47:85:21:87:04
Certificate issuer:       /CN=a1ba1093bbf34991bf59a35b2bcaf49ab828176fa4310b6355
Certificate serial:       1D3AE719E966A28E7173D1C3BFE7B1BC9E33D398
Authority key identifier: 2F:0F:1B:C6:7D:D2:B9:A7:E2:54:56:38:C1:73:D5:EC:06:0C:27:D0
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/b915810d-b97a-4696-955d-495d5d12c3b5/a1ba1093bbf34991bf59a35b2bcaf49ab828176fa4310b6355.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/1/323630323a663939323a66333a3a2f34382d3438203d3e203333333837.roa
Signing time:             Tue 08 Jul 2025 09:56:43 +0000
ROA not before:           Tue 08 Jul 2025 09:51:43 +0000
ROA not after:            Tue 07 Jul 2026 09:56:43 +0000
asID:                     33387
IP address blocks:        2602:f992:f3::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/1/2F0F1BC67DD2B9A7E2545638C173D5EC060C27D0.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/1/2F0F1BC67DD2B9A7E2545638C173D5EC060C27D0.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/b915810d-b97a-4696-955d-495d5d12c3b5/a1ba1093bbf34991bf59a35b2bcaf49ab828176fa4310b6355.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/b915810d-b97a-4696-955d-495d5d12c3b5/b915810d-b97a-4696-955d-495d5d12c3b5.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/b915810d-b97a-4696-955d-495d5d12c3b5/b915810d-b97a-4696-955d-495d5d12c3b5.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/b915810d-b97a-4696-955d-495d5d12c3b5.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 18:44:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:3a:e7:19:e9:66:a2:8e:71:73:d1:c3:bf:e7:b1:bc:9e:33:d3:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1ba1093bbf34991bf59a35b2bcaf49ab828176fa4310b6355
        Validity
            Not Before: Jul  8 09:51:43 2025 GMT
            Not After : Jul  7 09:56:43 2026 GMT
        Subject: CN=C9867EC0AC6A8CAFA8F0740111CD6E4785218704
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f0:70:a5:4d:1d:83:7e:d2:8a:65:ec:0e:01:
                    06:c9:aa:06:0d:2e:00:d4:66:35:5b:0d:4e:a7:b1:
                    58:f0:bf:67:f8:40:5a:6f:c1:77:76:c8:00:90:d4:
                    5e:de:e0:2c:2f:b9:dc:ba:2e:8b:fa:dc:19:4f:dc:
                    c5:b8:70:02:e7:75:53:59:85:7b:77:c9:65:68:e5:
                    61:a5:58:cc:c7:5d:7a:cd:a4:dc:e2:49:c2:53:6f:
                    85:e7:ee:11:5f:c6:be:9e:38:a4:1a:30:f1:ce:23:
                    5c:30:3e:11:85:29:48:39:d3:46:35:0d:8f:c8:f4:
                    13:52:41:b2:8a:97:de:fa:3c:54:03:9b:bd:7c:4c:
                    37:65:88:93:77:c2:a6:ec:5b:30:ed:be:30:fb:17:
                    dd:f4:70:47:d5:b8:42:bc:07:1c:68:b4:27:bc:d1:
                    15:5a:e2:f0:53:2a:31:da:1b:cb:62:b7:03:02:4c:
                    7b:1c:96:eb:fa:d9:ab:d5:f6:7c:b6:34:80:5a:c4:
                    c9:13:6d:60:f8:21:80:cf:ba:f8:33:1d:38:e0:f0:
                    69:79:2d:7d:43:f6:da:bf:da:8c:d9:33:00:eb:92:
                    20:b5:c3:48:42:5b:5b:9e:58:d2:55:23:9c:7c:21:
                    b7:4c:e4:ae:96:50:d3:78:63:e2:27:4d:d2:34:7e:
                    b0:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:86:7E:C0:AC:6A:8C:AF:A8:F0:74:01:11:CD:6E:47:85:21:87:04
            X509v3 Authority Key Identifier:
                keyid:2F:0F:1B:C6:7D:D2:B9:A7:E2:54:56:38:C1:73:D5:EC:06:0C:27:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/1/2F0F1BC67DD2B9A7E2545638C173D5EC060C27D0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/b915810d-b97a-4696-955d-495d5d12c3b5/a1ba1093bbf34991bf59a35b2bcaf49ab828176fa4310b6355.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/1/323630323a663939323a66333a3a2f34382d3438203d3e203333333837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:f992:f3::/48

    Signature Algorithm: sha256WithRSAEncryption
         0d:04:d4:0c:f2:1f:48:1f:d6:76:1e:ed:2a:cf:d8:33:8b:d2:
         d1:37:0f:d0:3b:d6:dd:08:39:80:67:b0:0a:9c:89:54:b2:4b:
         46:b7:c4:b1:83:c0:7d:97:f8:a1:72:4e:f7:50:c7:a5:56:9e:
         93:8f:62:77:67:f1:70:da:56:02:7c:96:b6:34:2a:1c:12:8a:
         6a:cb:d8:ac:83:33:56:ad:7e:c4:b1:5e:5e:ad:73:85:90:1a:
         74:6e:28:be:cb:ad:7c:b7:4a:8a:0a:09:46:65:d0:d1:95:c3:
         d9:36:49:66:ff:a7:00:4c:e6:2e:cf:eb:e9:ee:86:bc:34:99:
         80:95:3a:fd:1f:14:0b:dc:7f:cc:8d:66:1c:a9:8b:f8:e7:10:
         f7:33:79:b3:f3:dc:d0:42:e6:07:fe:d8:90:8a:56:13:9c:4c:
         60:9a:95:20:15:06:d0:33:c2:55:2b:f0:59:f4:e5:7b:a3:7a:
         45:f0:a7:66:21:63:0e:c9:3e:8b:d9:ed:3a:d1:78:30:10:dd:
         b2:1c:c8:7b:27:99:ac:60:bf:36:1d:15:71:ac:f0:e5:a6:0b:
         25:61:dd:c9:9f:4c:1b:c2:fd:42:cb:8d:b4:47:98:db:d9:59:
         89:0d:cd:cc:1b:16:4b:32:5c:4f:c7:c2:df:ee:44:c6:c7:94:
         7f:cc:2e:1b
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUHTrnGelmoo5xc9HDv+exvJ4z05gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYTFiYTEwOTNiYmYzNDk5MWJmNTlhMzViMmJjYWY0OWFi
ODI4MTc2ZmE0MzEwYjYzNTUwHhcNMjUwNzA4MDk1MTQzWhcNMjYwNzA3MDk1NjQz
WjAzMTEwLwYDVQQDEyhDOTg2N0VDMEFDNkE4Q0FGQThGMDc0MDExMUNENkU0Nzg1
MjE4NzA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/BwpU0dg37S
imXsDgEGyaoGDS4A1GY1Ww1Op7FY8L9n+EBab8F3dsgAkNRe3uAsL7ncui6L+twZ
T9zFuHAC53VTWYV7d8llaOVhpVjMx116zaTc4knCU2+F5+4RX8a+njikGjDxziNc
MD4RhSlIOdNGNQ2PyPQTUkGyipfe+jxUA5u9fEw3ZYiTd8Km7Fsw7b4w+xfd9HBH
1bhCvAccaLQnvNEVWuLwUyox2hvLYrcDAkx7HJbr+tmr1fZ8tjSAWsTJE21g+CGA
z7r4Mx044PBpeS19Q/bav9qM2TMA65IgtcNIQltbnljSVSOcfCG3TOSullDTeGPi
J03SNH6wKQIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFMmGfsCsaoyvqPB0ARHNbkeF
IYcEMB8GA1UdIwQYMBaAFC8PG8Z90rmn4lRWOMFz1ewGDCfQMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUtNDI5OS1iMDc5
LTMwOWVkOTdmMzgyNC8xLzJGMEYxQkM2N0REMkI5QTdFMjU0NTYzOEMxNzNENUVD
MDYwQzI3RDAuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzRhYjdhZTRkLWJkN2It
NGIzMy05YTg4LTViMjJkMmE4MzM3ZC9iOTE1ODEwZC1iOTdhLTQ2OTYtOTU1ZC00
OTVkNWQxMmMzYjUvYTFiYTEwOTNiYmYzNDk5MWJmNTlhMzViMmJjYWY0OWFiODI4
MTc2ZmE0MzEwYjYzNTUuY2VyMIGxBggrBgEFBQcBCwSBpDCBoTCBngYIKwYBBQUH
MAuGgZFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
Lzg5MjcwZjZjLWEzZmUtNDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8xLzMyMzYzMDMy
M2E2NjM5MzkzMjNhNjYzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMzMzMzMzM4
Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAmAvmSAPMwDQYJKoZIhvcNAQELBQADggEBAA0E1AzyH0gf
1nYe7SrP2DOL0tE3D9A71t0IOYBnsAqciVSyS0a3xLGDwH2X+KFyTvdQx6VWnpOP
Yndn8XDaVgJ8lrY0KhwSimrL2KyDM1atfsSxXl6tc4WQGnRuKL7LrXy3SooKCUZl
0NGVw9k2SWb/pwBM5i7P6+nuhrw0mYCVOv0fFAvcf8yNZhypi/jnEPczebPz3NBC
5gf+2JCKVhOcTGCalSAVBtAzwlUr8Fn05XujekXwp2YhYw7JPovZ7TrReDAQ3bIc
yHsnmaxgvzYdFXGs8OWmCyVh3cmfTBvC/ULLjbRHmNvZWYkNzcwbFksyXE/Hwt/u
RMbHlH/MLhs=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:28:07 2025 by rpki-client