Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/326130623a346530373a6130303a3a2f34302d3438203d3e20323036363034.roa
File:                     326130623a346530373a6130303a3a2f34302d3438203d3e20323036363034.roa (raw, json)
Hash identifier:          QCnIKEpXKZe1AF5x39w6gWUBez/vufMOaY+BXKXTWAg=
Subject key identifier:   46:ED:12:24:13:C0:28:DA:86:31:63:12:E1:59:FB:EB:D2:5F:BB:CA
Certificate issuer:       /CN=966427869FCAD15ECBE4F1C77A3FB3C68BD1F917
Certificate serial:       4E35646D173BF90DEA2FA94DE7718A6B2F457B
Authority key identifier: 96:64:27:86:9F:CA:D1:5E:CB:E4:F1:C7:7A:3F:B3:C6:8B:D1:F9:17
Authority info access:    rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/966427869FCAD15ECBE4F1C77A3FB3C68BD1F917.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/326130623a346530373a6130303a3a2f34302d3438203d3e20323036363034.roa
Signing time:             Sun 20 Jul 2025 11:32:37 +0000
ROA not before:           Sun 20 Jul 2025 11:27:37 +0000
ROA not after:            Sun 19 Jul 2026 11:32:37 +0000
asID:                     206604
IP address blocks:        2a0b:4e07:a00::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/966427869FCAD15ECBE4F1C77A3FB3C68BD1F917.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/966427869FCAD15ECBE4F1C77A3FB3C68BD1F917.mft
                          rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/966427869FCAD15ECBE4F1C77A3FB3C68BD1F917.cer
                          rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.crl
                          rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/5124C31FCFA4E82C4D0F6E09A30A04A55C9778BF.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/42E508FBA8960F48071B119ACCBF57BDBF3A8057.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QuUI-6iWD0gHGxGazL9Xvb86gFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Jul 2025 23:27:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:35:64:6d:17:3b:f9:0d:ea:2f:a9:4d:e7:71:8a:6b:2f:45:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=966427869FCAD15ECBE4F1C77A3FB3C68BD1F917
        Validity
            Not Before: Jul 20 11:27:37 2025 GMT
            Not After : Jul 19 11:32:37 2026 GMT
        Subject: CN=46ED122413C028DA86316312E159FBEBD25FBBCA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ce:5f:49:55:90:66:9b:96:bb:13:57:4d:8e:
                    3b:f8:fb:dd:fc:a6:33:59:f1:4c:24:4b:48:33:d2:
                    31:8b:50:39:6a:48:14:f1:de:44:3f:19:fc:01:e6:
                    eb:c9:ec:79:41:ab:5f:96:44:4e:3a:2d:02:47:4a:
                    b9:a2:aa:d9:14:d4:8c:67:91:b3:d1:4a:da:73:c1:
                    b8:25:18:aa:b4:f4:e2:13:70:68:9c:91:8e:10:29:
                    e9:94:a5:81:54:eb:17:0d:7a:b1:57:ab:34:5f:09:
                    dc:1a:49:62:5e:66:f0:35:9f:30:ce:0a:1c:c7:34:
                    ae:0f:5f:91:e6:2c:e8:d8:83:fb:36:c4:f3:33:dd:
                    a0:cc:9b:33:8a:24:2e:29:06:29:52:17:0f:c5:00:
                    d3:5a:50:93:e0:69:18:a0:48:54:b7:64:3c:10:de:
                    cf:71:14:3a:58:d5:16:e2:2a:a6:8d:a6:c8:aa:a4:
                    1c:8e:5c:e7:6d:97:c1:72:38:98:d7:3e:05:a2:7a:
                    44:c6:dc:7c:0d:9b:cb:df:59:a5:d1:aa:58:be:be:
                    22:49:dc:8b:2b:a5:57:37:0e:fe:01:04:cb:ea:fb:
                    ab:c8:12:13:99:8a:cc:2d:27:4f:7c:e8:1d:83:d2:
                    15:43:9c:65:ba:37:3d:15:fc:8e:e1:95:89:20:6f:
                    0e:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:ED:12:24:13:C0:28:DA:86:31:63:12:E1:59:FB:EB:D2:5F:BB:CA
            X509v3 Authority Key Identifier:
                keyid:96:64:27:86:9F:CA:D1:5E:CB:E4:F1:C7:7A:3F:B3:C6:8B:D1:F9:17

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/966427869FCAD15ECBE4F1C77A3FB3C68BD1F917.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/81a44566458e4578b67eed3053f820f5/1/966427869FCAD15ECBE4F1C77A3FB3C68BD1F917.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c7d2512-e4bf-411b-b00a-e79e3a378b46/1/326130623a346530373a6130303a3a2f34302d3438203d3e20323036363034.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4e07:a00::/40

    Signature Algorithm: sha256WithRSAEncryption
         17:22:b9:01:d4:cf:15:48:de:a9:f8:22:13:41:50:0d:0e:33:
         7a:d8:b2:49:22:87:88:71:68:43:c4:92:95:cb:09:1d:26:ff:
         10:2a:54:f8:c0:22:df:5e:79:9d:32:a3:66:86:78:2c:5d:53:
         ba:9c:5e:74:e5:21:4e:e9:0c:7f:71:a3:5c:df:39:69:ad:c1:
         24:fc:df:f2:b5:d5:16:3b:36:25:ec:f6:94:2a:fe:a0:a1:91:
         f7:36:df:3d:34:63:44:62:eb:65:e7:64:2d:e2:40:23:b3:fd:
         f8:c6:f3:d5:e7:49:d6:4c:0c:6a:84:1b:34:b3:71:ee:9b:6b:
         db:6d:de:e4:4e:2a:3b:1e:2e:c7:9e:61:af:6f:8a:86:90:22:
         24:c4:8c:18:d9:24:89:38:59:6c:79:15:a8:8f:08:27:16:01:
         8d:26:63:fe:bf:96:84:29:66:cd:eb:25:81:57:f7:55:50:84:
         d2:59:d5:26:45:27:a5:be:67:e4:ba:3f:59:35:12:86:f0:a3:
         58:10:62:7b:3e:6a:65:d3:0b:bc:0e:bf:a4:6a:a4:e7:60:7e:
         60:0b:c7:49:78:1c:e2:c5:a0:a0:00:6f:6d:25:66:3f:9f:ad:
         21:48:bf:f2:04:da:d7:9a:57:a1:a4:d0:06:22:57:eb:e2:11:
         66:70:50:52
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgITTjVkbRc7+Q3qL6lN53GKay9FezANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg5NjY0Mjc4NjlGQ0FEMTVFQ0JFNEYxQzc3QTNGQjNDNjhC
RDFGOTE3MB4XDTI1MDcyMDExMjczN1oXDTI2MDcxOTExMzIzN1owMzExMC8GA1UE
AxMoNDZFRDEyMjQxM0MwMjhEQTg2MzE2MzEyRTE1OUZCRUJEMjVGQkJDQTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMfOX0lVkGablrsTV02OO/j73fym
M1nxTCRLSDPSMYtQOWpIFPHeRD8Z/AHm68nseUGrX5ZETjotAkdKuaKq2RTUjGeR
s9FK2nPBuCUYqrT04hNwaJyRjhAp6ZSlgVTrFw16sVerNF8J3BpJYl5m8DWfMM4K
HMc0rg9fkeYs6NiD+zbE8zPdoMybM4okLikGKVIXD8UA01pQk+BpGKBIVLdkPBDe
z3EUOljVFuIqpo2myKqkHI5c522XwXI4mNc+BaJ6RMbcfA2by99ZpdGqWL6+Iknc
iyulVzcO/gEEy+r7q8gSE5mKzC0nT3zoHYPSFUOcZbo3PRX8juGViSBvDiUCAwEA
AaOCAncwggJzMB0GA1UdDgQWBBRG7RIkE8Ao2oYxYxLhWfvr0l+7yjAfBgNVHSME
GDAWgBSWZCeGn8rRXsvk8cd6P7PGi9H5FzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS85YzdkMjUxMi1lNGJmLTQxMWItYjAwYS1lNzllM2EzNzhi
NDYvMS85NjY0Mjc4NjlGQ0FEMTVFQ0JFNEYxQzc3QTNGQjNDNjhCRDFGOTE3LmNy
bDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUFBzAChnRyc3luYzovL3Jwa2kt
cnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvODFhNDQ1NjY0NThlNDU3OGI2N2VlZDMw
NTNmODIwZjUvMS85NjY0Mjc4NjlGQ0FEMTVFQ0JFNEYxQzc3QTNGQjNDNjhCRDFG
OTE3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUFBzALhoGVcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS85YzdkMjUxMi1l
NGJmLTQxMWItYjAwYS1lNzllM2EzNzhiNDYvMS8zMjYxMzA2MjNhMzQ2NTMwMzcz
YTYxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzNjM2MzAzNC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQC
AAIwCAMGACoLTgcKMA0GCSqGSIb3DQEBCwUAA4IBAQAXIrkB1M8VSN6p+CITQVAN
DjN62LJJIoeIcWhDxJKVywkdJv8QKlT4wCLfXnmdMqNmhngsXVO6nF505SFO6Qx/
caNc3zlprcEk/N/ytdUWOzYl7PaUKv6goZH3Nt89NGNEYutl52Qt4kAjs/34xvPV
50nWTAxqhBs0s3Hum2vbbd7kTio7Hi7HnmGvb4qGkCIkxIwY2SSJOFlseRWojwgn
FgGNJmP+v5aEKWbN6yWBV/dVUITSWdUmRSelvmfkuj9ZNRKG8KNYEGJ7Pmpl0wu8
Dr+kaqTnYH5gC8dJeBzixaCgAG9tJWY/n60hSL/yBNrXmlehpNAGIlfr4hFmcFBS
-----END CERTIFICATE-----
Generated at Tue Jul 22 12:29:59 2025 by rpki-client