Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a333930303a3a2f34302d3430203d3e203630323233.roa
File:                     326131343a3763303a333930303a3a2f34302d3430203d3e203630323233.roa (raw, json)
Hash identifier:          ecif7pgtfyhBXr3b5nigKSHQvUDgTHyZyIbr+x6HXe0=
Subject key identifier:   17:6F:D6:0C:7C:79:EC:94:7B:A9:57:44:DF:45:95:F2:9F:42:8C:81
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       388DD29B77E28311B26D9F2F188FE392C3DF5E4F
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a333930303a3a2f34302d3430203d3e203630323233.roa
Signing time:             Tue 28 May 2024 14:57:49 +0000
ROA not before:           Tue 28 May 2024 14:52:49 +0000
ROA not after:            Tue 27 May 2025 14:57:49 +0000
asID:                     60223
IP address blocks:        2a14:7c0:3900::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 17:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:8d:d2:9b:77:e2:83:11:b2:6d:9f:2f:18:8f:e3:92:c3:df:5e:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: May 28 14:52:49 2024 GMT
            Not After : May 27 14:57:49 2025 GMT
        Subject: CN=176FD60C7C79EC947BA95744DF4595F29F428C81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a8:f4:69:c9:b6:c5:5e:25:4d:6f:9f:f8:84:
                    c3:af:be:71:42:bd:de:92:fe:d1:a4:52:ee:86:bd:
                    c5:f5:12:a1:02:6f:3d:13:bd:47:05:73:08:5c:df:
                    22:48:3d:26:1e:cb:c1:65:f4:b4:ec:85:8a:16:d6:
                    c7:a7:b5:05:8f:ac:19:5f:ef:75:74:3f:89:fa:d1:
                    e3:7b:c0:78:54:59:1c:ed:52:9c:ab:33:3a:f7:08:
                    5e:a7:96:d3:08:0b:2d:7b:7b:5e:fe:43:9f:63:1e:
                    ab:de:71:4f:c2:f9:53:26:48:a1:7d:e5:3d:bf:9c:
                    4d:ce:4b:95:d7:b2:14:5c:9f:5f:63:9d:8b:fb:66:
                    00:60:58:37:e9:4a:04:6d:85:f5:00:1d:e1:0f:21:
                    18:82:4f:1d:af:b3:54:ed:14:ca:28:11:ea:05:05:
                    e5:72:87:55:e1:1a:18:64:c4:4e:8d:e4:32:20:de:
                    82:e0:8f:bd:74:f8:d7:4a:14:26:17:77:d3:35:92:
                    ff:c3:85:90:34:92:32:cc:08:30:12:2e:be:7f:21:
                    83:61:6f:7f:e1:63:6c:bc:00:52:ee:02:08:91:56:
                    a1:40:c1:35:1b:4b:07:1b:f1:c1:35:8f:29:33:b6:
                    be:5b:cf:74:99:13:62:5c:f6:28:2c:b0:c2:76:52:
                    a0:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:6F:D6:0C:7C:79:EC:94:7B:A9:57:44:DF:45:95:F2:9F:42:8C:81
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a333930303a3a2f34302d3430203d3e203630323233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:3900::/40

    Signature Algorithm: sha256WithRSAEncryption
         7a:e2:bf:ed:fa:51:cb:57:f9:17:dc:98:d7:65:66:a5:4b:f1:
         b8:b6:d4:30:16:34:aa:a8:0e:b0:c8:88:bf:f5:82:6a:e0:10:
         a5:31:82:a9:8f:98:41:11:30:7f:40:7e:e7:c5:9b:e8:29:12:
         d8:bd:6d:c8:b5:8f:86:5a:06:fe:e9:2d:f7:fa:28:34:c4:f7:
         03:a1:62:c6:1a:2b:f4:57:a3:15:82:c4:9a:07:f9:f9:73:5c:
         e1:d9:b2:6c:11:43:c9:c5:8e:e1:59:f5:35:f0:2d:aa:6a:a8:
         e4:c1:bc:56:96:b7:6a:c4:f9:05:07:35:67:59:92:2c:c0:0c:
         3b:6d:31:ca:26:b1:86:ff:2b:94:7a:f6:4a:b8:53:1b:3f:4f:
         8b:da:a3:83:78:3b:bc:07:22:42:dc:4e:fa:28:e2:e1:27:11:
         0c:0d:8c:ef:f1:21:18:b9:dd:2c:13:a5:c0:3c:61:f6:4f:4a:
         79:f3:60:f5:16:2d:b1:b1:74:32:01:8f:01:2d:ff:52:9a:98:
         f4:2d:1f:cf:c2:9c:6e:c8:60:12:93:cb:a2:dd:e8:e5:d9:af:
         b0:9e:10:d2:c9:68:64:6e:39:3d:47:37:9e:00:40:ae:20:9f:
         1a:71:92:63:69:4a:b1:ce:c6:74:1e:24:21:9c:bc:5b:d8:aa:
         d4:9e:cd:aa
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUOI3Sm3figxGybZ8vGI/jksPfXk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNDA1MjgxNDUyNDlaFw0yNTA1MjcxNDU3NDlaMDMxMTAvBgNV
BAMTKDE3NkZENjBDN0M3OUVDOTQ3QkE5NTc0NERGNDU5NUYyOUY0MjhDODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsqPRpybbFXiVNb5/4hMOvvnFC
vd6S/tGkUu6GvcX1EqECbz0TvUcFcwhc3yJIPSYey8Fl9LTshYoW1sentQWPrBlf
73V0P4n60eN7wHhUWRztUpyrMzr3CF6nltMICy17e17+Q59jHqvecU/C+VMmSKF9
5T2/nE3OS5XXshRcn19jnYv7ZgBgWDfpSgRthfUAHeEPIRiCTx2vs1TtFMooEeoF
BeVyh1XhGhhkxE6N5DIg3oLgj710+NdKFCYXd9M1kv/DhZA0kjLMCDASLr5/IYNh
b3/hY2y8AFLuAgiRVqFAwTUbSwcb8cE1jykztr5bz3SZE2Jc9igssMJ2UqBzAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQUF2/WDHx57JR7qVdE30WV8p9CjIEwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBhwYIKwYBBQUHAQsEezB5MHcGCCsGAQUFBzALhmtyc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzMzOTMwMzAzYTNhMmYzNDMwMmQzNDMwMjAzZDNlMjAzNjMwMzIzMjMz
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIw
EDAOBAIAAjAIAwYAKhQHwDkwDQYJKoZIhvcNAQELBQADggEBAHriv+36UctX+Rfc
mNdlZqVL8bi21DAWNKqoDrDIiL/1gmrgEKUxgqmPmEERMH9AfufFm+gpEti9bci1
j4ZaBv7pLff6KDTE9wOhYsYaK/RXoxWCxJoH+flzXOHZsmwRQ8nFjuFZ9TXwLapq
qOTBvFaWt2rE+QUHNWdZkizADDttMcomsYb/K5R69kq4Uxs/T4vao4N4O7wHIkLc
Tvoo4uEnEQwNjO/xIRi53SwTpcA8YfZPSnnzYPUWLbGxdDIBjwEt/1KamPQtH8/C
nG7IYBKTy6Ld6OXZr7CeENLJaGRuOT1HN54AQK4gnxpxkmNpSrHOxnQeJCGcvFvY
qtSezao=
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:37:27 2024 by rpki-client on console-fra.rpki-client.org