Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36312e302f32342d3234203d3e20323732363936.roa
File:                     3138352e3133302e36312e302f32342d3234203d3e20323732363936.roa (raw, json)
Hash identifier:          hrqhy+ghapoQuf+edcxFFJ3w2fi/HO/mIqzNSGP59f4=
Subject key identifier:   07:0D:38:92:9A:F3:28:C3:BB:3B:99:05:88:80:10:46:E0:0C:F8:8D
Certificate issuer:       /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial:       519820294D929A0A2F2BC9A7504DC6FF98D0F83E
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36312e302f32342d3234203d3e20323732363936.roa
Signing time:             Thu 24 Aug 2023 16:43:26 +0000
ROA not before:           Thu 24 Aug 2023 16:38:26 +0000
ROA not after:            Thu 22 Aug 2024 16:43:26 +0000
asID:                     272696
IP address blocks:        185.130.61.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 11:16:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:98:20:29:4d:92:9a:0a:2f:2b:c9:a7:50:4d:c6:ff:98:d0:f8:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
        Validity
            Not Before: Aug 24 16:38:26 2023 GMT
            Not After : Aug 22 16:43:26 2024 GMT
        Subject: CN=070D38929AF328C3BB3B990588801046E00CF88D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:5d:c5:a6:b8:c0:ed:a1:8e:72:48:15:2b:53:
                    6e:54:8a:03:76:1c:49:76:8f:7c:d7:cb:34:8c:c5:
                    20:5d:97:72:da:ff:84:61:d9:fc:61:75:3d:e0:2e:
                    38:7f:e9:f7:64:7c:d7:49:89:d9:13:fc:3b:b7:94:
                    94:87:88:12:e4:42:67:a3:2b:0f:43:71:d8:9c:58:
                    1e:fa:79:76:29:02:1b:8f:ac:69:d2:16:c4:6b:8e:
                    1d:85:5a:e5:3f:1b:7b:b0:4b:c0:61:54:5b:2b:9f:
                    ae:b3:22:07:2d:d9:5a:d5:b6:7b:97:62:67:22:4e:
                    80:af:a7:dc:c4:cd:51:a9:6f:fa:c4:78:81:60:b0:
                    f2:69:09:fe:a4:81:bb:f8:79:65:69:86:48:ff:bf:
                    11:35:cb:5c:dc:12:d8:7a:39:b0:fe:33:77:27:d9:
                    a8:63:8c:41:3c:ef:95:50:0b:d8:30:61:e4:8d:1c:
                    88:cb:bc:7e:30:8a:a9:38:29:e8:7f:40:aa:76:c5:
                    f6:c8:c0:46:e3:b5:3f:29:ac:aa:e4:9c:85:0c:ec:
                    c5:cf:44:c7:64:5e:ed:3d:2f:25:6e:de:c3:70:a0:
                    05:30:4c:9a:2b:fd:97:75:a4:47:5c:70:a9:2f:e8:
                    44:97:91:40:af:8d:12:75:c7:22:13:98:c3:fc:51:
                    1b:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:0D:38:92:9A:F3:28:C3:BB:3B:99:05:88:80:10:46:E0:0C:F8:8D
            X509v3 Authority Key Identifier:
                keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36312e302f32342d3234203d3e20323732363936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.130.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:20:1a:61:1e:92:da:42:72:b2:ef:5e:c7:e7:90:81:3e:7e:
         8f:d3:60:f3:ab:21:bf:4a:cc:5d:98:5f:37:6a:b6:5d:16:ef:
         b0:eb:8a:91:9c:52:ae:9b:d9:01:40:58:ef:48:22:cc:9a:08:
         b9:de:a6:5a:8d:53:30:bc:48:f7:80:43:53:3d:03:4e:d1:21:
         48:20:8d:2b:41:52:18:f6:57:a6:ba:46:de:dc:f3:d9:46:87:
         b2:aa:a9:db:71:23:46:29:39:8d:82:d4:13:fb:63:85:1e:9d:
         73:58:1b:6c:9c:b4:5b:00:08:ff:6d:12:d1:79:e5:06:27:bf:
         71:a3:05:ec:9f:67:93:ab:61:90:21:41:ae:50:7c:cd:63:76:
         8d:23:bc:75:9b:8d:70:2b:1a:32:0b:ef:2b:a1:ae:fa:42:40:
         eb:57:fa:a4:ea:f2:3d:ff:a6:46:b6:98:f2:ac:5b:4f:21:50:
         0f:3a:35:fd:45:c7:4a:75:04:4e:04:0f:f1:c8:cd:ce:b0:d7:
         53:1b:c6:4e:23:80:5b:26:09:a4:3f:fd:28:49:b4:83:05:45:
         49:2c:02:d8:ac:64:d0:36:85:80:2a:0b:72:93:30:ce:01:41:
         a2:92:3f:84:a5:ed:49:5c:35:63:f5:f4:e0:7e:4b:b6:cd:ee:
         71:76:4d:57
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUZggKU2SmgovK8mnUE3G/5jQ+D4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzA4MjQxNjM4MjZaFw0yNDA4MjIxNjQzMjZaMDMxMTAvBgNV
BAMTKDA3MEQzODkyOUFGMzI4QzNCQjNCOTkwNTg4ODAxMDQ2RTAwQ0Y4OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbXcWmuMDtoY5ySBUrU25UigN2
HEl2j3zXyzSMxSBdl3La/4Rh2fxhdT3gLjh/6fdkfNdJidkT/Du3lJSHiBLkQmej
Kw9DcdicWB76eXYpAhuPrGnSFsRrjh2FWuU/G3uwS8BhVFsrn66zIgct2VrVtnuX
YmciToCvp9zEzVGpb/rEeIFgsPJpCf6kgbv4eWVphkj/vxE1y1zcEth6ObD+M3cn
2ahjjEE875VQC9gwYeSNHIjLvH4wiqk4Keh/QKp2xfbIwEbjtT8prKrknIUM7MXP
RMdkXu09LyVu3sNwoAUwTJor/Zd1pEdccKkv6ESXkUCvjRJ1xyITmMP8URu3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBw04kprzKMO7O5kFiIAQRuAM+I0wHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMzMzAyZTM2
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3MzIzNjM5MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5gj0wDQYJKoZIhvcNAQELBQADggEBAKkgGmEektpCcrLvXsfnkIE+fo/TYPOr
Ib9KzF2YXzdqtl0W77DripGcUq6b2QFAWO9IIsyaCLneplqNUzC8SPeAQ1M9A07R
IUggjStBUhj2V6a6Rt7c89lGh7KqqdtxI0YpOY2C1BP7Y4UenXNYG2yctFsACP9t
EtF55QYnv3GjBeyfZ5OrYZAhQa5QfM1jdo0jvHWbjXArGjIL7yuhrvpCQOtX+qTq
8j3/pka2mPKsW08hUA86Nf1Fx0p1BE4ED/HIzc6w11Mbxk4jgFsmCaQ//ShJtIMF
RUksAtisZNA2hYAqC3KTMM4BQaKSP4Sl7UlcNWP19OB+S7bN7nF2TVc=
-----END CERTIFICATE-----
Generated at Sat Jun 15 19:32:54 2024 by rpki-client on console-ams.rpki-client.org