Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a363030303a3a2f34302d3438203d3e20323134353135.roa
File:                     326131343a3763303a363030303a3a2f34302d3438203d3e20323134353135.roa (raw, json)
Hash identifier:          WKmvHJUqfczzZ20tUOi9J8XZdHhRqyxM2pXscd5QVGw=
Subject key identifier:   04:B6:D9:BA:FC:DE:36:6D:CF:45:74:5F:B6:57:22:8A:5E:75:75:DD
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       6182295274E538EBD859F859E1C26FD284F3BB32
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a363030303a3a2f34302d3438203d3e20323134353135.roa
Signing time:             Mon 25 Aug 2025 07:38:20 +0000
ROA not before:           Mon 25 Aug 2025 07:33:20 +0000
ROA not after:            Mon 24 Aug 2026 07:38:20 +0000
asID:                     214515
IP address blocks:        2a14:7c0:6000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 09 Sep 2025 01:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:82:29:52:74:e5:38:eb:d8:59:f8:59:e1:c2:6f:d2:84:f3:bb:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Aug 25 07:33:20 2025 GMT
            Not After : Aug 24 07:38:20 2026 GMT
        Subject: CN=04B6D9BAFCDE366DCF45745FB657228A5E7575DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:c3:4a:68:ea:3e:ab:16:53:05:54:fc:38:c8:
                    34:93:c2:38:ce:d1:d3:1a:d8:8b:ae:7e:4d:df:fb:
                    66:51:08:b1:da:c8:fc:cd:61:b6:93:b4:69:ae:7c:
                    47:db:39:3d:b2:d5:26:d9:6e:18:be:67:6a:e1:61:
                    e3:b7:a4:1f:5b:e8:91:62:6b:0e:ff:70:30:cc:71:
                    bc:56:e0:f5:e7:9e:20:4e:d7:eb:22:76:47:45:36:
                    f9:03:e0:67:71:28:a1:b2:72:4c:36:d9:1e:46:00:
                    14:37:a8:05:5c:f8:41:e0:6b:47:10:cc:07:2c:ff:
                    c3:8a:96:b0:39:52:87:20:65:9e:96:49:6f:19:72:
                    a3:d3:52:b7:b0:96:f6:3e:1a:cc:f3:2c:98:d7:12:
                    92:6f:10:48:04:dc:96:51:75:05:87:6a:20:54:46:
                    b5:ce:5c:53:21:40:dc:96:9f:46:c1:a9:4d:c9:c8:
                    f8:dd:d3:93:ae:22:b8:6e:81:83:43:14:84:a3:fa:
                    43:38:90:cb:b6:b0:19:a1:c0:c7:5d:b0:c7:6f:a2:
                    8b:ee:62:be:03:7d:ec:94:df:65:c5:2a:bb:13:59:
                    6d:aa:d1:84:e8:ae:01:c8:fd:21:e9:d3:b9:ba:e2:
                    1b:3e:73:d6:9e:b1:fd:e8:73:01:cd:17:ac:93:33:
                    0d:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:B6:D9:BA:FC:DE:36:6D:CF:45:74:5F:B6:57:22:8A:5E:75:75:DD
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a363030303a3a2f34302d3438203d3e20323134353135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         5b:3e:a2:63:01:d7:e6:9a:fa:6e:4e:81:d9:d8:20:20:ed:7a:
         7e:0c:9a:05:f2:9f:8b:1b:50:cb:8c:07:f0:3a:2e:f2:bf:11:
         35:f4:a8:94:55:97:42:5a:9f:32:81:e2:78:96:4e:e7:5f:13:
         7f:ba:f2:ea:fd:df:78:83:50:15:cb:76:0a:5b:b9:d3:84:73:
         a6:d0:df:db:af:cf:a7:54:11:d8:dd:31:db:75:fc:eb:a3:59:
         8c:99:dd:ca:d3:3d:5e:e4:1d:c3:95:9e:5a:60:c1:83:52:46:
         ba:f4:a9:2f:cd:2b:ee:1e:0c:c2:30:00:87:80:2c:a5:fe:b3:
         f9:6e:40:4e:e0:72:e7:74:04:43:f4:6f:60:38:f4:4a:fa:8b:
         32:83:80:13:85:b0:96:a8:4e:b1:47:64:85:4e:97:31:54:4e:
         1a:f2:ca:bb:22:69:8e:66:79:2f:37:45:d5:ad:87:71:cf:5b:
         f2:b4:d6:95:0a:78:c2:09:23:21:cf:cb:7b:61:c1:c6:b6:0c:
         01:93:13:24:e4:2c:e2:6f:a8:29:5d:69:9b:b1:3c:a1:b7:07:
         a0:39:17:2d:1d:8c:48:a5:77:27:15:f4:4d:f6:23:82:d1:5d:
         27:6c:30:b5:f9:cd:d5:41:ac:ec:3c:bc:ed:94:a3:29:24:7c:
         c9:20:bf:28
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgIUYYIpUnTlOOvYWfhZ4cJv0oTzuzIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNTA4MjUwNzMzMjBaFw0yNjA4MjQwNzM4MjBaMDMxMTAvBgNV
BAMTKDA0QjZEOUJBRkNERTM2NkRDRjQ1NzQ1RkI2NTcyMjhBNUU3NTc1REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlw0po6j6rFlMFVPw4yDSTwjjO
0dMa2Iuufk3f+2ZRCLHayPzNYbaTtGmufEfbOT2y1SbZbhi+Z2rhYeO3pB9b6JFi
aw7/cDDMcbxW4PXnniBO1+sidkdFNvkD4GdxKKGyckw22R5GABQ3qAVc+EHga0cQ
zAcs/8OKlrA5UocgZZ6WSW8ZcqPTUrewlvY+GszzLJjXEpJvEEgE3JZRdQWHaiBU
RrXOXFMhQNyWn0bBqU3JyPjd05OuIrhugYNDFISj+kM4kMu2sBmhwMddsMdvoovu
Yr4DfeyU32XFKrsTWW2q0YTorgHI/SHp07m64hs+c9aesf3ocwHNF6yTMw29AgMB
AAGjggHtMIIB6TAdBgNVHQ4EFgQUBLbZuvzeNm3PRXRftlciil51dd0wHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzALhm1yc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzYzMDMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzNTMx
MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAqFAfAYDANBgkqhkiG9w0BAQsFAAOCAQEAWz6iYwHX5pr6
bk6B2dggIO16fgyaBfKfixtQy4wH8Dou8r8RNfSolFWXQlqfMoHieJZO518Tf7ry
6v3feINQFct2Clu504RzptDf26/Pp1QR2N0x23X866NZjJndytM9XuQdw5WeWmDB
g1JGuvSpL80r7h4MwjAAh4Aspf6z+W5ATuBy53QEQ/RvYDj0SvqLMoOAE4WwlqhO
sUdkhU6XMVROGvLKuyJpjmZ5LzdF1a2Hcc9b8rTWlQp4wgkjIc/Le2HBxrYMAZMT
JOQs4m+oKV1pm7E8obcHoDkXLR2MSKV3JxX0TfYjgtFdJ2wwtfnN1UGs7Dy87ZSj
KSR8ySC/KA==
-----END CERTIFICATE-----