Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a363030303a3a2f34302d3438203d3e20323134353135.roa
File:                     326131343a3763303a363030303a3a2f34302d3438203d3e20323134353135.roa (raw, json)
Hash identifier:          pyTuppvDF9cRSGuarK9EvGBUYNAUjQsnbPvghmYyJLk=
Subject key identifier:   42:F4:92:BF:7A:84:49:6D:8D:08:C9:AC:B6:AD:66:31:8D:BD:B6:F6
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       46B49F9F09C590AD8F878E5D4C10B9D2E477626D
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a363030303a3a2f34302d3438203d3e20323134353135.roa
Signing time:             Sun 15 Sep 2024 12:47:32 +0000
ROA not before:           Sun 15 Sep 2024 12:42:32 +0000
ROA not after:            Sun 14 Sep 2025 12:47:32 +0000
asID:                     214515
IP address blocks:        2a14:7c0:6000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 09:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:b4:9f:9f:09:c5:90:ad:8f:87:8e:5d:4c:10:b9:d2:e4:77:62:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Sep 15 12:42:32 2024 GMT
            Not After : Sep 14 12:47:32 2025 GMT
        Subject: CN=42F492BF7A84496D8D08C9ACB6AD66318DBDB6F6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:ef:ee:ce:9a:e6:39:40:af:a4:ec:e6:31:3f:
                    3c:d0:61:8f:2c:47:61:2d:4d:b5:ac:7e:fb:c1:72:
                    54:69:32:ff:59:2a:c1:7f:13:ae:27:59:b2:63:eb:
                    4c:aa:46:dc:d8:35:71:01:55:f9:bd:cc:81:f8:c7:
                    14:86:63:9c:cb:aa:0f:b7:9b:02:10:e9:3c:e4:f4:
                    fe:ad:6d:a9:ce:d6:3e:75:46:48:b0:ba:5d:09:1e:
                    17:3e:28:e1:40:cb:0c:fa:db:82:3e:0d:92:9e:b3:
                    c5:91:e7:57:24:2c:27:d9:1a:df:99:62:01:35:9a:
                    17:f4:a0:ee:f0:0f:3b:d3:95:92:48:a8:ac:85:75:
                    67:81:15:76:8f:b3:70:24:6d:bc:bd:c8:ae:88:c9:
                    0d:95:32:4e:fb:41:72:4c:b6:b8:3b:d4:e9:42:76:
                    79:7e:f0:5a:39:eb:9c:a2:38:ca:92:ef:09:d9:ef:
                    63:02:5b:e8:e6:c3:5a:0e:e8:8b:ba:14:f7:d4:a2:
                    89:db:69:f0:4b:1f:3a:e8:9c:98:b0:89:35:1a:cf:
                    ad:8c:5e:a5:6d:a1:0f:f3:c0:99:f8:bd:ec:4e:48:
                    e4:99:4d:f4:11:a1:5d:93:fc:74:be:cc:4f:54:7e:
                    71:fa:ff:d4:0e:59:ff:c5:1d:82:90:54:bd:03:66:
                    c4:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:F4:92:BF:7A:84:49:6D:8D:08:C9:AC:B6:AD:66:31:8D:BD:B6:F6
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a363030303a3a2f34302d3438203d3e20323134353135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         92:35:88:49:9a:03:59:82:dd:a5:b1:e9:63:97:0b:44:73:b2:
         fd:2a:44:04:03:14:3b:15:d0:30:1a:28:4d:c7:5f:fb:bd:dd:
         e7:f6:02:88:44:c3:41:e6:67:9e:6d:50:5e:c1:54:7b:9f:42:
         45:ba:09:5c:5f:59:92:fc:1e:0f:26:f0:0a:5f:03:11:63:f4:
         0a:cb:f9:f3:fb:e5:92:f0:ca:5d:bd:83:40:70:8c:26:d5:a6:
         96:61:3b:d4:73:bc:d8:6e:e8:a2:1d:6b:b5:cd:03:6f:3f:02:
         e6:e2:e9:b5:ce:6f:68:00:3f:7f:27:d5:19:1f:d5:00:c1:a1:
         71:22:c7:8f:3d:3e:af:63:80:9d:a2:c0:01:46:a8:3c:4e:e8:
         5e:94:40:5b:3e:b1:33:af:ee:cf:9d:5b:49:24:d3:e0:df:14:
         15:a2:7d:14:33:ed:a1:31:9e:51:f6:47:2c:9f:36:c0:b7:6d:
         04:d2:35:2a:64:6e:ec:29:36:aa:24:6d:7d:51:47:eb:a3:ed:
         fc:98:f8:b3:5b:55:fd:8d:c5:7a:9f:b0:12:fd:d2:d6:aa:08:
         a0:ef:d2:79:68:2f:2b:fa:9d:e4:d7:61:16:1c:52:42:78:74:
         80:f0:89:23:68:95:99:80:88:80:c5:24:90:f7:68:bb:e7:21:
         da:f8:6c:2b
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgIURrSfnwnFkK2Ph45dTBC50uR3Ym0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNDA5MTUxMjQyMzJaFw0yNTA5MTQxMjQ3MzJaMDMxMTAvBgNV
BAMTKDQyRjQ5MkJGN0E4NDQ5NkQ4RDA4QzlBQ0I2QUQ2NjMxOERCREI2RjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG7+7OmuY5QK+k7OYxPzzQYY8s
R2EtTbWsfvvBclRpMv9ZKsF/E64nWbJj60yqRtzYNXEBVfm9zIH4xxSGY5zLqg+3
mwIQ6Tzk9P6tbanO1j51Rkiwul0JHhc+KOFAywz624I+DZKes8WR51ckLCfZGt+Z
YgE1mhf0oO7wDzvTlZJIqKyFdWeBFXaPs3Akbby9yK6IyQ2VMk77QXJMtrg71OlC
dnl+8Fo565yiOMqS7wnZ72MCW+jmw1oO6Iu6FPfUoonbafBLHzronJiwiTUaz62M
XqVtoQ/zwJn4vexOSOSZTfQRoV2T/HS+zE9UfnH6/9QOWf/FHYKQVL0DZsQ1AgMB
AAGjggHtMIIB6TAdBgNVHQ4EFgQUQvSSv3qESW2NCMmstq1mMY29tvYwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzALhm1yc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzYzMDMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzNTMx
MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAqFAfAYDANBgkqhkiG9w0BAQsFAAOCAQEAkjWISZoDWYLd
pbHpY5cLRHOy/SpEBAMUOxXQMBooTcdf+73d5/YCiETDQeZnnm1QXsFUe59CRboJ
XF9ZkvweDybwCl8DEWP0Csv58/vlkvDKXb2DQHCMJtWmlmE71HO82G7ooh1rtc0D
bz8C5uLptc5vaAA/fyfVGR/VAMGhcSLHjz0+r2OAnaLAAUaoPE7oXpRAWz6xM6/u
z51bSSTT4N8UFaJ9FDPtoTGeUfZHLJ82wLdtBNI1KmRu7Ck2qiRtfVFH66Pt/Jj4
s1tV/Y3Fep+wEv3S1qoIoO/SeWgvK/qd5NdhFhxSQnh0gPCJI2iVmYCIgMUkkPdo
u+ch2vhsKw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:45:25 2024 by rpki-client on console-ams.rpki-client.org