Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a346530303a3a2f34302d3438203d3e20323134383334.roa
File:                     326131343a3763303a346530303a3a2f34302d3438203d3e20323134383334.roa (raw, json)
Hash identifier:          UzE7uL2siBSVY0Eqn4a8Sxglm6UzJqwJhk/q42P09A0=
Subject key identifier:   B4:29:FD:2C:0C:08:28:35:03:68:C4:DE:FF:98:EC:0E:6C:F2:5E:68
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       37CC5A044062D30C45B43DC9F3B434AC5E3C2FB2
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a346530303a3a2f34302d3438203d3e20323134383334.roa
Signing time:             Sat 03 Aug 2024 20:16:01 +0000
ROA not before:           Sat 03 Aug 2024 20:11:01 +0000
ROA not after:            Sat 02 Aug 2025 20:16:01 +0000
asID:                     214834
IP address blocks:        2a14:7c0:4e00::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 09:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:cc:5a:04:40:62:d3:0c:45:b4:3d:c9:f3:b4:34:ac:5e:3c:2f:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Aug  3 20:11:01 2024 GMT
            Not After : Aug  2 20:16:01 2025 GMT
        Subject: CN=B429FD2C0C0828350368C4DEFF98EC0E6CF25E68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:32:a1:d2:f1:b2:59:f5:38:b1:a0:12:bb:d8:
                    3a:b4:6e:f6:8f:34:00:49:4e:3b:d5:b8:87:69:d8:
                    fc:4e:82:0e:51:bf:58:cc:74:ef:e2:bc:62:9e:83:
                    65:52:92:f6:ad:b3:fb:dd:c5:42:b1:10:55:8f:7e:
                    6e:88:c1:30:17:d0:e8:a2:49:4b:f2:20:15:11:c6:
                    da:43:1d:c7:e9:80:09:9d:5f:ba:eb:52:6e:f1:47:
                    0e:0d:95:37:c3:4c:2a:4e:03:9f:e7:da:f2:3b:db:
                    3e:8b:37:43:7e:be:78:99:df:07:95:19:5e:44:6a:
                    27:a7:d2:70:3e:19:ad:87:eb:2c:b2:cf:90:2f:7b:
                    a0:55:3c:6b:89:60:2d:c4:93:78:7b:2b:e7:2a:1e:
                    77:45:94:95:8f:d0:54:06:c0:ec:9a:be:40:9d:b7:
                    12:45:f1:6f:fd:7a:7e:3e:7b:5c:53:d3:5a:b5:ad:
                    c7:ff:53:c9:1a:36:bd:fb:19:6e:01:27:dc:52:d2:
                    cf:62:f0:30:83:3e:e6:c2:4c:92:40:88:e7:0f:32:
                    ea:ad:58:42:fd:86:02:cc:1c:29:97:41:3d:7b:99:
                    4b:eb:d2:35:5f:51:74:3a:34:89:10:df:9c:18:93:
                    c4:57:e3:ae:86:2e:56:ac:f9:89:f5:a9:0d:37:93:
                    ba:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:29:FD:2C:0C:08:28:35:03:68:C4:DE:FF:98:EC:0E:6C:F2:5E:68
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a346530303a3a2f34302d3438203d3e20323134383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:4e00::/40

    Signature Algorithm: sha256WithRSAEncryption
         14:66:68:6c:6d:50:4d:bd:b3:7e:3e:40:7e:a7:71:ab:c2:e9:
         02:cd:9b:47:38:32:94:69:fd:6d:92:bc:07:d3:29:17:5d:2c:
         a1:62:c8:22:1f:0a:e9:ee:7c:04:da:af:f9:82:c2:97:08:2f:
         bb:ef:45:e5:7c:10:cb:76:a6:44:01:5d:d7:76:10:d2:0e:ce:
         f3:d6:7e:49:b7:12:ee:2e:8e:ac:be:d9:92:dc:9b:fa:07:6f:
         f0:be:79:03:49:4d:28:ca:5c:e4:0b:97:86:85:31:16:2e:13:
         87:6a:6b:28:53:57:b7:bb:a8:8a:52:23:60:b7:3e:f8:d3:35:
         09:22:a9:41:aa:98:ac:7d:d1:b3:32:37:a6:a2:0f:2e:3c:89:
         20:b5:40:dc:0f:97:f2:06:67:72:d9:fc:0b:25:da:64:ae:ba:
         c5:8a:50:14:df:37:c8:db:de:15:5a:ac:43:89:55:ac:c5:6f:
         ba:96:4b:9e:cd:7f:31:cd:23:99:8e:d7:bc:fe:46:b7:74:52:
         74:27:9c:ec:03:92:59:e6:5c:18:43:8b:8e:6b:38:34:10:bb:
         05:ff:02:54:cc:f0:05:58:f6:d6:ab:fe:8e:dc:a2:01:c3:3f:
         bd:ee:ae:25:90:0b:99:c9:b7:15:da:d6:d1:37:8b:7a:2e:d4:
         af:36:07:bb
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgIUN8xaBEBi0wxFtD3J87Q0rF48L7IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNDA4MDMyMDExMDFaFw0yNTA4MDIyMDE2MDFaMDMxMTAvBgNV
BAMTKEI0MjlGRDJDMEMwODI4MzUwMzY4QzRERUZGOThFQzBFNkNGMjVFNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkMqHS8bJZ9TixoBK72Dq0bvaP
NABJTjvVuIdp2PxOgg5Rv1jMdO/ivGKeg2VSkvats/vdxUKxEFWPfm6IwTAX0Oii
SUvyIBURxtpDHcfpgAmdX7rrUm7xRw4NlTfDTCpOA5/n2vI72z6LN0N+vniZ3weV
GV5Eaien0nA+Ga2H6yyyz5Ave6BVPGuJYC3Ek3h7K+cqHndFlJWP0FQGwOyavkCd
txJF8W/9en4+e1xT01q1rcf/U8kaNr37GW4BJ9xS0s9i8DCDPubCTJJAiOcPMuqt
WEL9hgLMHCmXQT17mUvr0jVfUXQ6NIkQ35wYk8RX466GLlas+Yn1qQ03k7pjAgMB
AAGjggHtMIIB6TAdBgNVHQ4EFgQUtCn9LAwIKDUDaMTe/5jsDmzyXmgwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzALhm1yc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzQ2NTMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzODMz
MzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAqFAfATjANBgkqhkiG9w0BAQsFAAOCAQEAFGZobG1QTb2z
fj5Afqdxq8LpAs2bRzgylGn9bZK8B9MpF10soWLIIh8K6e58BNqv+YLClwgvu+9F
5XwQy3amRAFd13YQ0g7O89Z+SbcS7i6OrL7Zktyb+gdv8L55A0lNKMpc5AuXhoUx
Fi4Th2prKFNXt7uoilIjYLc++NM1CSKpQaqYrH3RszI3pqIPLjyJILVA3A+X8gZn
ctn8CyXaZK66xYpQFN83yNveFVqsQ4lVrMVvupZLns1/Mc0jmY7XvP5Gt3RSdCec
7AOSWeZcGEOLjms4NBC7Bf8CVMzwBVj21qv+jtyiAcM/ve6uJZALmcm3FdrW0TeL
ei7UrzYHuw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:45:24 2024 by rpki-client on console-ams.rpki-client.org