Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a363130303a3a2f34302d3430203d3e203231373338.roa
File:                     326131343a3763303a363130303a3a2f34302d3430203d3e203231373338.roa (raw, json)
Hash identifier:          41xGqlwKz3E9xy5v6gbb4cxG93YS3orRjN8QkDDthT4=
Subject key identifier:   76:8B:49:D4:A2:51:B1:61:5F:9F:2A:71:CC:68:C0:AD:FE:31:14:E7
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       53E6504D63B48C7A74AC16617F44BFAADB72F52E
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a363130303a3a2f34302d3430203d3e203231373338.roa
Signing time:             Mon 25 Aug 2025 07:38:19 +0000
ROA not before:           Mon 25 Aug 2025 07:33:19 +0000
ROA not after:            Mon 24 Aug 2026 07:38:19 +0000
asID:                     21738
IP address blocks:        2a14:7c0:6100::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 17:48:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:e6:50:4d:63:b4:8c:7a:74:ac:16:61:7f:44:bf:aa:db:72:f5:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Aug 25 07:33:19 2025 GMT
            Not After : Aug 24 07:38:19 2026 GMT
        Subject: CN=768B49D4A251B1615F9F2A71CC68C0ADFE3114E7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d2:1f:69:8e:50:da:89:e2:e0:75:81:b7:73:
                    3a:be:64:7b:70:65:58:77:14:84:5c:c4:15:f0:b4:
                    9f:50:83:d1:03:5e:6c:86:7c:36:44:75:0c:6e:8c:
                    d9:f3:2c:30:69:99:49:11:e6:ce:c1:aa:35:ca:f7:
                    37:70:b0:a2:70:ac:5c:40:15:2c:ca:50:e9:8a:cd:
                    b4:2c:ba:ad:53:af:e0:7d:99:41:32:7b:32:d8:88:
                    2c:73:77:e3:38:64:83:85:3e:86:aa:ac:14:c7:66:
                    cb:40:93:b6:e7:8a:aa:01:54:85:9a:a9:6b:ff:ed:
                    11:16:ab:6d:e3:3c:e5:c4:25:b6:de:73:87:73:67:
                    04:0d:9f:f1:e7:21:d9:ce:12:f7:2c:01:1f:c3:4d:
                    03:c6:71:5d:6c:32:ce:a3:11:0b:d7:d7:bb:5f:f9:
                    57:d1:14:88:51:16:52:41:d6:d0:bf:82:e1:e5:78:
                    60:ab:ce:a5:f4:00:df:e8:f6:f0:c9:82:80:8a:fc:
                    35:50:60:6d:67:80:83:5e:cb:87:41:f1:d7:42:37:
                    36:71:2a:65:2f:f8:6e:16:51:e8:26:27:0a:7b:65:
                    70:3d:bb:c3:1d:f7:32:98:db:cf:f5:15:c3:09:09:
                    d1:cc:28:b6:ec:64:f7:98:3e:dc:12:7c:ad:a9:c4:
                    55:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:8B:49:D4:A2:51:B1:61:5F:9F:2A:71:CC:68:C0:AD:FE:31:14:E7
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a363130303a3a2f34302d3430203d3e203231373338.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:6100::/40

    Signature Algorithm: sha256WithRSAEncryption
         56:95:b8:b0:a0:fe:11:1b:87:d3:00:de:38:d8:80:87:a2:36:
         1d:53:0b:e9:86:2b:b7:c7:92:54:d2:b9:42:14:73:0c:3f:ba:
         47:9a:ad:20:cf:ea:b8:8d:e1:f6:c2:3b:b5:22:d4:41:de:d4:
         74:69:fe:06:70:e6:cb:99:94:54:02:a0:5c:61:2e:2c:2f:bd:
         98:5f:46:7b:7b:97:26:4d:42:db:61:73:95:66:be:9e:f9:46:
         3d:29:2d:f8:d8:a2:6f:39:71:37:6f:b6:bb:a9:55:81:3d:74:
         e7:27:67:08:4f:93:ca:fb:2d:39:34:ff:69:53:7e:41:97:37:
         ec:68:4d:6c:7a:cf:bc:db:76:87:16:15:1d:85:dc:ba:6b:5b:
         24:12:0a:71:3c:1d:b9:d1:51:98:20:fd:23:ed:6a:b2:49:36:
         27:cb:fc:df:8b:3f:47:2f:fb:6e:09:3c:19:ad:87:04:25:1d:
         30:e6:7e:06:74:55:69:2f:31:d2:ee:f1:e2:d0:9a:ee:81:1d:
         95:1f:89:8e:e4:30:56:e0:12:fa:86:c3:79:21:da:ad:6b:d9:
         4f:29:87:2b:31:62:90:fa:58:58:d3:9c:ca:48:b5:cf:d1:44:
         05:26:0f:cb:b2:5a:b0:74:d4:aa:65:c3:d0:31:e1:1a:7c:34:
         63:4d:55:17
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUU+ZQTWO0jHp0rBZhf0S/qtty9S4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNTA4MjUwNzMzMTlaFw0yNjA4MjQwNzM4MTlaMDMxMTAvBgNV
BAMTKDc2OEI0OUQ0QTI1MUIxNjE1RjlGMkE3MUNDNjhDMEFERkUzMTE0RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp0h9pjlDaieLgdYG3czq+ZHtw
ZVh3FIRcxBXwtJ9Qg9EDXmyGfDZEdQxujNnzLDBpmUkR5s7BqjXK9zdwsKJwrFxA
FSzKUOmKzbQsuq1Tr+B9mUEyezLYiCxzd+M4ZIOFPoaqrBTHZstAk7bniqoBVIWa
qWv/7REWq23jPOXEJbbec4dzZwQNn/HnIdnOEvcsAR/DTQPGcV1sMs6jEQvX17tf
+VfRFIhRFlJB1tC/guHleGCrzqX0AN/o9vDJgoCK/DVQYG1ngINey4dB8ddCNzZx
KmUv+G4WUegmJwp7ZXA9u8Md9zKY28/1FcMJCdHMKLbsZPeYPtwSfK2pxFWPAgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQUdotJ1KJRsWFfnypxzGjArf4xFOcwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBhwYIKwYBBQUHAQsEezB5MHcGCCsGAQUFBzALhmtyc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzYzMTMwMzAzYTNhMmYzNDMwMmQzNDMwMjAzZDNlMjAzMjMxMzczMzM4
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIw
EDAOBAIAAjAIAwYAKhQHwGEwDQYJKoZIhvcNAQELBQADggEBAFaVuLCg/hEbh9MA
3jjYgIeiNh1TC+mGK7fHklTSuUIUcww/ukearSDP6riN4fbCO7Ui1EHe1HRp/gZw
5suZlFQCoFxhLiwvvZhfRnt7lyZNQtthc5Vmvp75Rj0pLfjYom85cTdvtrupVYE9
dOcnZwhPk8r7LTk0/2lTfkGXN+xoTWx6z7zbdocWFR2F3LprWyQSCnE8HbnRUZgg
/SPtarJJNifL/N+LP0cv+24JPBmthwQlHTDmfgZ0VWkvMdLu8eLQmu6BHZUfiY7k
MFbgEvqGw3kh2q1r2U8physxYpD6WFjTnMpItc/RRAUmD8uyWrB01Kplw9Ax4Rp8
NGNNVRc=
-----END CERTIFICATE-----