Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a353230303a3a2f34302d3438203d3e20323134373331.roa
File:                     326131343a3763303a353230303a3a2f34302d3438203d3e20323134373331.roa (raw, json)
Hash identifier:          r93vG62IzrF1ZTLzQr5uNnnw8PX6g5BC4ykmj8Hj5ms=
Subject key identifier:   8A:2F:7A:BC:01:03:9A:85:C2:EA:A0:63:55:AF:BD:5E:CC:46:0F:67
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       1BF17DC2FE3795734405DE76D593901D98BC2F62
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a353230303a3a2f34302d3438203d3e20323134373331.roa
Signing time:             Sat 18 Apr 2026 10:52:35 +0000
ROA not before:           Sat 18 Apr 2026 10:47:35 +0000
ROA not after:            Sat 17 Apr 2027 10:52:35 +0000
asID:                     214731
IP address blocks:        2a14:7c0:5200::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 Apr 2026 02:36:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:f1:7d:c2:fe:37:95:73:44:05:de:76:d5:93:90:1d:98:bc:2f:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Apr 18 10:47:35 2026 GMT
            Not After : Apr 17 10:52:35 2027 GMT
        Subject: CN=8A2F7ABC01039A85C2EAA06355AFBD5ECC460F67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:bf:ab:12:c6:01:1c:7a:83:94:77:4a:89:aa:
                    ff:f7:0b:14:b0:0d:45:23:e5:7f:25:66:77:81:c0:
                    f7:22:07:26:1d:47:28:e9:18:98:3c:66:a8:dd:e1:
                    2e:3e:e6:08:76:f8:b0:55:16:70:7e:8f:b3:74:ac:
                    35:01:0d:97:8c:eb:34:ef:15:77:3f:d3:90:5e:54:
                    68:63:cd:c2:28:b9:d4:ab:81:d9:e8:0d:4d:1a:dd:
                    7c:30:31:3c:59:7f:a6:a6:9d:76:7b:69:d6:2b:17:
                    4d:8e:12:fb:61:15:f6:a1:30:65:a1:0a:99:08:91:
                    08:50:cc:f4:0b:df:c9:90:f6:c6:ca:ad:0c:3d:ab:
                    31:f2:d8:f1:67:0a:44:c4:2a:0b:3d:77:09:3f:64:
                    27:0c:59:12:0f:a2:93:a6:5f:f3:58:3e:27:df:3f:
                    1a:95:8d:c1:72:42:47:80:d2:a9:f0:1e:b5:73:dc:
                    b3:4f:97:f9:f1:fe:af:81:26:3a:01:8b:ab:07:54:
                    cf:f7:a2:3f:ff:61:35:5f:59:a4:65:ae:e0:15:0f:
                    60:39:b5:4e:14:47:9c:4e:e9:f9:ee:46:65:be:f0:
                    c4:77:be:80:c5:ef:6c:be:12:7d:9a:c0:f0:0f:8f:
                    e8:72:ef:a7:0e:de:45:c6:5b:ed:97:81:59:20:7a:
                    4a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:2F:7A:BC:01:03:9A:85:C2:EA:A0:63:55:AF:BD:5E:CC:46:0F:67
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a353230303a3a2f34302d3438203d3e20323134373331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:5200::/40

    Signature Algorithm: sha256WithRSAEncryption
         88:4d:81:3a:32:0c:10:61:13:d1:6d:2f:e0:a9:5a:e6:78:c5:
         bf:e1:a5:7f:3a:0e:f8:e1:e4:9e:c0:b7:3d:18:30:47:33:e4:
         7d:a0:18:24:ef:ae:22:32:ca:33:fa:85:91:21:60:f7:2f:62:
         15:0c:82:34:a1:a5:be:66:f6:62:e0:20:6f:33:e2:e1:b2:4c:
         25:41:0b:10:e4:71:43:4c:60:d4:66:b9:30:17:3e:e2:71:f3:
         bb:e4:f8:1b:30:f5:e3:4f:37:f5:c4:1a:38:f6:d8:5e:4c:b5:
         1d:da:c7:3f:9d:d8:71:49:e7:5a:0d:51:18:84:8d:46:4f:ee:
         6c:3e:f5:75:18:e3:74:78:13:9b:02:b4:96:97:4a:b2:a5:35:
         c3:29:63:63:ec:80:7c:40:47:52:2c:4b:f6:f8:df:44:a5:e4:
         46:b2:e8:69:6b:0a:fc:23:79:30:6f:9d:f4:57:40:f9:d4:17:
         c0:df:d1:6a:06:dc:01:c4:69:ee:c1:b4:05:6d:80:5c:4b:a9:
         c1:3d:18:a4:fc:96:96:3a:35:3b:f3:f1:51:7f:8f:28:03:7b:
         da:3a:fb:45:e4:5b:68:3b:02:e2:e0:76:46:e3:2e:ba:eb:23:
         9a:bf:51:4a:bf:af:d7:80:54:c1:78:68:dc:8b:c6:34:26:b8:
         4c:c6:84:5c
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgIUG/F9wv43lXNEBd521ZOQHZi8L2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNjA0MTgxMDQ3MzVaFw0yNzA0MTcxMDUyMzVaMDMxMTAvBgNV
BAMTKDhBMkY3QUJDMDEwMzlBODVDMkVBQTA2MzU1QUZCRDVFQ0M0NjBGNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlv6sSxgEceoOUd0qJqv/3CxSw
DUUj5X8lZneBwPciByYdRyjpGJg8Zqjd4S4+5gh2+LBVFnB+j7N0rDUBDZeM6zTv
FXc/05BeVGhjzcIoudSrgdnoDU0a3XwwMTxZf6amnXZ7adYrF02OEvthFfahMGWh
CpkIkQhQzPQL38mQ9sbKrQw9qzHy2PFnCkTEKgs9dwk/ZCcMWRIPopOmX/NYPiff
PxqVjcFyQkeA0qnwHrVz3LNPl/nx/q+BJjoBi6sHVM/3oj//YTVfWaRlruAVD2A5
tU4UR5xO6fnuRmW+8MR3voDF72y+En2awPAPj+hy76cO3kXGW+2XgVkgekqlAgMB
AAGjggHtMIIB6TAdBgNVHQ4EFgQUii96vAEDmoXC6qBjVa+9XsxGD2cwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzALhm1yc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzUzMjMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzNzMz
MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAqFAfAUjANBgkqhkiG9w0BAQsFAAOCAQEAiE2BOjIMEGET
0W0v4Kla5njFv+GlfzoO+OHknsC3PRgwRzPkfaAYJO+uIjLKM/qFkSFg9y9iFQyC
NKGlvmb2YuAgbzPi4bJMJUELEORxQ0xg1Ga5MBc+4nHzu+T4GzD140839cQaOPbY
Xky1HdrHP53YcUnnWg1RGISNRk/ubD71dRjjdHgTmwK0lpdKsqU1wyljY+yAfEBH
UixL9vjfRKXkRrLoaWsK/CN5MG+d9FdA+dQXwN/RagbcAcRp7sG0BW2AXEupwT0Y
pPyWljo1O/PxUX+PKAN72jr7ReRbaDsC4uB2RuMuuusjmr9RSr+v14BUwXho3IvG
NCa4TMaEXA==
-----END CERTIFICATE-----