Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a313734313a3a2f34382d3438203d3e20323134383139.roa
File:                     326131343a3763303a313734313a3a2f34382d3438203d3e20323134383139.roa (raw, json)
Hash identifier:          95D7/BsGo2E7BESet5ecYvJBCxhZllpNfSsuOxNhfbU=
Subject key identifier:   C6:E2:D7:9A:85:43:22:0C:38:84:3C:6E:2A:30:07:88:18:38:6A:48
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       1B20D2152C030D4789EE45C5F75CD14FA5CEF982
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a313734313a3a2f34382d3438203d3e20323134383139.roa
Signing time:             Sun 08 Jun 2025 10:19:30 +0000
ROA not before:           Sun 08 Jun 2025 10:14:30 +0000
ROA not after:            Sun 07 Jun 2026 10:19:30 +0000
asID:                     214819
IP address blocks:        2a14:7c0:1741::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 17:48:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:20:d2:15:2c:03:0d:47:89:ee:45:c5:f7:5c:d1:4f:a5:ce:f9:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Jun  8 10:14:30 2025 GMT
            Not After : Jun  7 10:19:30 2026 GMT
        Subject: CN=C6E2D79A8543220C38843C6E2A30078818386A48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:90:d5:f0:78:b3:ca:e4:2a:6e:8c:2d:fb:dc:
                    28:d3:43:56:5d:ef:14:b0:f3:c9:56:d3:b2:52:03:
                    e5:5b:1c:0f:b6:3a:90:b6:8f:0f:0e:0a:5b:13:3b:
                    7b:6b:a2:54:00:15:e7:8f:bf:a5:f3:56:5c:29:e2:
                    03:63:5b:00:27:e0:3f:a9:2a:5c:c9:0d:23:a5:c7:
                    c8:8e:5d:7b:f4:d3:90:de:47:9d:24:99:0c:8a:3d:
                    4c:f1:d8:40:94:d2:09:3b:41:d4:61:dd:cb:b7:23:
                    6d:c9:03:c3:b2:66:25:63:d8:50:48:01:5d:4f:73:
                    fd:2b:16:da:46:dd:19:f7:0c:41:d2:c7:77:93:04:
                    80:d4:3f:7d:09:7f:ac:ad:38:2b:d8:23:a6:3c:1b:
                    f7:09:1a:4e:e2:97:3f:aa:f0:a2:1c:5d:1e:f6:07:
                    8c:fd:0b:9b:1a:2d:9f:db:bf:ba:38:27:0c:46:ef:
                    c5:61:ef:18:41:3a:cb:61:21:a3:a4:ec:68:da:0b:
                    c3:83:61:48:0a:31:c7:c8:ca:58:16:87:7d:f3:fb:
                    7c:90:14:ef:71:5f:d2:a0:c9:40:d7:47:1a:75:28:
                    d5:39:f8:02:d9:9f:d0:71:f0:37:8d:e3:de:02:d1:
                    11:f8:f7:38:e6:c5:50:9f:2f:94:72:5c:33:fa:d3:
                    1d:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:E2:D7:9A:85:43:22:0C:38:84:3C:6E:2A:30:07:88:18:38:6A:48
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a313734313a3a2f34382d3438203d3e20323134383139.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:1741::/48

    Signature Algorithm: sha256WithRSAEncryption
         5d:0e:8b:17:e2:53:f7:a3:8a:b7:12:ad:ef:9c:22:18:20:1f:
         23:47:6c:0f:0c:04:d5:75:b9:2f:78:31:5c:8b:6c:a6:f7:78:
         85:58:9d:db:72:e0:8f:4e:ca:43:a3:33:1d:df:4d:8c:56:2d:
         fd:5e:2e:2e:20:94:26:27:70:37:7c:a1:f0:2b:56:48:52:47:
         fc:2f:37:5e:cb:66:fe:a7:71:85:de:98:67:5a:14:81:9e:4a:
         3e:08:80:ca:e9:4c:8c:d1:92:17:59:c2:1d:90:39:39:e6:fb:
         c2:e2:46:a4:55:dc:c0:de:45:c7:84:b6:3e:53:77:cb:eb:e4:
         d0:52:d6:30:68:df:04:c1:55:90:16:ee:e5:ba:da:2f:64:f1:
         7a:19:56:6b:90:e7:07:45:9f:83:a8:6c:bb:b8:11:f5:0d:73:
         2e:d4:68:6c:4d:ef:13:82:63:25:93:c4:b7:49:25:56:83:77:
         3b:71:30:97:23:c8:ca:d8:3a:da:66:2d:0e:e5:f9:c3:25:03:
         04:ec:d7:ab:b9:cb:6b:c2:93:c6:01:dd:56:dd:71:12:62:ee:
         dd:6b:94:4c:c2:01:37:6e:52:0b:1d:d8:27:86:15:95:77:c3:
         73:7f:81:88:f3:31:ce:76:1b:f9:13:7b:9d:24:d0:e7:39:b7:
         e4:15:f6:23
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUGyDSFSwDDUeJ7kXF91zRT6XO+YIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNTA2MDgxMDE0MzBaFw0yNjA2MDcxMDE5MzBaMDMxMTAvBgNV
BAMTKEM2RTJENzlBODU0MzIyMEMzODg0M0M2RTJBMzAwNzg4MTgzODZBNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+kNXweLPK5CpujC373CjTQ1Zd
7xSw88lW07JSA+VbHA+2OpC2jw8OClsTO3trolQAFeePv6XzVlwp4gNjWwAn4D+p
KlzJDSOlx8iOXXv005DeR50kmQyKPUzx2ECU0gk7QdRh3cu3I23JA8OyZiVj2FBI
AV1Pc/0rFtpG3Rn3DEHSx3eTBIDUP30Jf6ytOCvYI6Y8G/cJGk7ilz+q8KIcXR72
B4z9C5saLZ/bv7o4JwxG78Vh7xhBOsthIaOk7GjaC8ODYUgKMcfIylgWh33z+3yQ
FO9xX9KgyUDXRxp1KNU5+ALZn9Bx8DeN494C0RH49zjmxVCfL5RyXDP60x0HAgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUxuLXmoVDIgw4hDxuKjAHiBg4akgwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzALhm1yc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzEzNzM0MzEzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzQzODMx
Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAqFAfAF0EwDQYJKoZIhvcNAQELBQADggEBAF0OixfiU/ej
ircSre+cIhggHyNHbA8MBNV1uS94MVyLbKb3eIVYndty4I9OykOjMx3fTYxWLf1e
Li4glCYncDd8ofArVkhSR/wvN17LZv6ncYXemGdaFIGeSj4IgMrpTIzRkhdZwh2Q
OTnm+8LiRqRV3MDeRceEtj5Td8vr5NBS1jBo3wTBVZAW7uW62i9k8XoZVmuQ5wdF
n4OobLu4EfUNcy7UaGxN7xOCYyWTxLdJJVaDdztxMJcjyMrYOtpmLQ7l+cMlAwTs
16u5y2vCk8YB3VbdcRJi7t1rlEzCATduUgsd2CeGFZV3w3N/gYjzMc52G/kTe50k
0Oc5t+QV9iM=
-----END CERTIFICATE-----