Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a313734303a3a2f34382d3438203d3e20323134343937.roa
File:                     326131343a3763303a313734303a3a2f34382d3438203d3e20323134343937.roa (raw, json)
Hash identifier:          JwVqyFBjoqlTsYA2odGlY6Q3v3r1HbZ4dG0EDF8ub+w=
Subject key identifier:   AD:BD:2A:3E:4C:6B:F0:E1:84:55:13:08:45:2F:30:CF:D6:12:DC:1E
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       68BB9C9823C61D16BB3CC7990930991CFCA908D1
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a313734303a3a2f34382d3438203d3e20323134343937.roa
Signing time:             Tue 09 Sep 2025 07:36:04 +0000
ROA not before:           Tue 09 Sep 2025 07:31:04 +0000
ROA not after:            Tue 08 Sep 2026 07:36:04 +0000
asID:                     214497
IP address blocks:        2a14:7c0:1740::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 23 Oct 2025 05:53:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:bb:9c:98:23:c6:1d:16:bb:3c:c7:99:09:30:99:1c:fc:a9:08:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Sep  9 07:31:04 2025 GMT
            Not After : Sep  8 07:36:04 2026 GMT
        Subject: CN=ADBD2A3E4C6BF0E184551308452F30CFD612DC1E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:97:e6:eb:2b:50:0a:50:76:68:a8:fe:f5:51:
                    2c:2f:2c:3e:d6:46:20:17:ff:35:d7:18:3e:54:bb:
                    d6:ae:51:3b:e9:18:9f:e6:05:9b:60:ab:a1:8a:0c:
                    51:90:80:9f:52:62:a0:5f:3c:15:b1:93:fb:4a:53:
                    8e:ff:65:75:16:0e:43:6c:72:c3:26:ce:b7:e0:e0:
                    0d:ae:fe:40:1c:81:87:b9:26:1c:9c:36:c3:7c:33:
                    cb:32:e1:04:10:20:d3:80:cb:a1:88:bd:07:48:70:
                    75:aa:6a:f4:79:03:e6:8e:49:3d:8d:ed:51:37:c0:
                    dd:5d:76:6e:14:cd:c8:62:00:f1:cf:48:7a:02:65:
                    6e:54:8c:f9:29:7a:96:40:e2:01:d7:b0:31:70:1d:
                    3c:f1:97:4b:11:81:74:04:d9:66:38:dc:ec:02:58:
                    8d:d0:31:60:eb:a7:97:1b:3b:76:73:98:cb:f2:c5:
                    39:46:7c:b4:50:47:5e:ef:b1:58:ab:10:42:0b:5e:
                    5e:c9:fb:02:55:fc:e4:1f:3f:12:87:a0:c2:2e:c1:
                    dc:a2:44:3b:ca:03:52:6f:50:02:e1:7d:a3:e4:77:
                    19:28:0b:96:1c:51:22:b4:af:32:af:5c:8f:f1:8e:
                    0b:0a:1f:55:f6:95:19:06:97:9c:f5:ba:db:40:d2:
                    dc:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:BD:2A:3E:4C:6B:F0:E1:84:55:13:08:45:2F:30:CF:D6:12:DC:1E
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a313734303a3a2f34382d3438203d3e20323134343937.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:1740::/48

    Signature Algorithm: sha256WithRSAEncryption
         79:54:e7:e7:dc:78:cd:84:99:00:54:14:59:89:05:ae:67:0d:
         2c:62:59:03:bf:ae:4e:66:cb:db:f5:e8:ff:da:4d:19:4f:1d:
         f1:40:a0:40:aa:55:be:26:52:39:7a:8e:6b:f9:a7:c3:51:9f:
         b5:9c:2c:59:83:fa:42:04:a2:b9:d2:8e:21:f0:53:a9:87:a8:
         65:b1:ef:21:17:ec:88:e4:75:17:29:77:95:94:85:08:6d:0d:
         5e:79:cb:5b:ca:7d:81:5a:48:db:cc:a2:84:6c:ef:36:7e:e1:
         9e:07:a4:6d:7b:b6:2a:e4:15:e6:1f:9e:ba:2f:a8:9f:f6:1a:
         4b:8d:dd:79:54:fc:1e:14:36:0c:25:45:0b:fc:fa:d4:69:de:
         9e:7f:97:f9:41:91:61:51:f5:2b:b2:5f:c6:aa:4a:8d:2d:9b:
         56:42:d7:07:e7:0a:cf:1a:97:3c:4d:09:9e:b0:f4:3a:d7:2f:
         59:78:8a:cb:30:f7:a9:b4:d4:ad:96:ce:f4:78:01:77:1e:81:
         cb:b9:8d:5a:73:68:94:03:8c:eb:c7:7f:21:44:f1:85:6d:41:
         03:27:e8:36:50:da:12:e8:7d:00:bb:ad:b7:70:c0:7a:01:66:
         4e:c7:b2:64:9e:ef:78:1f:6f:61:82:ce:f7:23:45:2f:68:5b:
         24:2c:f0:2d
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUaLucmCPGHRa7PMeZCTCZHPypCNEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNTA5MDkwNzMxMDRaFw0yNjA5MDgwNzM2MDRaMDMxMTAvBgNV
BAMTKEFEQkQyQTNFNEM2QkYwRTE4NDU1MTMwODQ1MkYzMENGRDYxMkRDMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfl+brK1AKUHZoqP71USwvLD7W
RiAX/zXXGD5Uu9auUTvpGJ/mBZtgq6GKDFGQgJ9SYqBfPBWxk/tKU47/ZXUWDkNs
csMmzrfg4A2u/kAcgYe5JhycNsN8M8sy4QQQINOAy6GIvQdIcHWqavR5A+aOST2N
7VE3wN1ddm4UzchiAPHPSHoCZW5UjPkpepZA4gHXsDFwHTzxl0sRgXQE2WY43OwC
WI3QMWDrp5cbO3ZzmMvyxTlGfLRQR17vsVirEEILXl7J+wJV/OQfPxKHoMIuwdyi
RDvKA1JvUALhfaPkdxkoC5YcUSK0rzKvXI/xjgsKH1X2lRkGl5z1uttA0tyPAgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUrb0qPkxr8OGEVRMIRS8wz9YS3B4wHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzALhm1yc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzEzNzM0MzAzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzQzNDM5
Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAqFAfAF0AwDQYJKoZIhvcNAQELBQADggEBAHlU5+fceM2E
mQBUFFmJBa5nDSxiWQO/rk5my9v16P/aTRlPHfFAoECqVb4mUjl6jmv5p8NRn7Wc
LFmD+kIEornSjiHwU6mHqGWx7yEX7IjkdRcpd5WUhQhtDV55y1vKfYFaSNvMooRs
7zZ+4Z4HpG17tirkFeYfnrovqJ/2GkuN3XlU/B4UNgwlRQv8+tRp3p5/l/lBkWFR
9SuyX8aqSo0tm1ZC1wfnCs8alzxNCZ6w9DrXL1l4issw96m01K2WzvR4AXcegcu5
jVpzaJQDjOvHfyFE8YVtQQMn6DZQ2hLofQC7rbdwwHoBZk7HsmSe73gfb2GCzvcj
RS9oWyQs8C0=
-----END CERTIFICATE-----