Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a363330303a3a2f34302d3438203d3e20323134363936.roa
File:                     326131343a3763303a363330303a3a2f34302d3438203d3e20323134363936.roa (raw, json)
Hash identifier:          MIZjhZ1BznTpizfaeepB+ORb2nLITR0h6yEEBrHOcAk=
Subject key identifier:   B9:C9:E2:7F:5A:6E:E4:C0:08:B1:8A:9A:15:F3:24:04:85:C9:25:F0
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       30CF2752D77C8513FC41161907E0DA792D1E2822
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a363330303a3a2f34302d3438203d3e20323134363936.roa
Signing time:             Sat 18 Apr 2026 12:52:35 +0000
ROA not before:           Sat 18 Apr 2026 12:47:35 +0000
ROA not after:            Sat 17 Apr 2027 12:52:35 +0000
asID:                     214696
IP address blocks:        2a14:7c0:6300::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 Apr 2026 02:36:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:cf:27:52:d7:7c:85:13:fc:41:16:19:07:e0:da:79:2d:1e:28:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Apr 18 12:47:35 2026 GMT
            Not After : Apr 17 12:52:35 2027 GMT
        Subject: CN=B9C9E27F5A6EE4C008B18A9A15F3240485C925F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:f1:21:fa:7b:e8:a2:dd:ef:d5:54:4b:a5:71:
                    11:7f:59:c0:b4:ab:58:0b:f0:12:28:f1:22:7a:77:
                    e9:a9:f5:a9:76:33:de:f6:50:1f:c0:29:a4:78:95:
                    70:26:36:15:3b:11:63:cb:95:18:81:02:8d:6b:c3:
                    5d:14:da:d9:15:32:01:c8:13:7e:79:55:aa:80:6f:
                    30:cb:af:6e:12:8d:95:5d:c1:ac:8f:af:8b:b3:31:
                    c4:81:5c:44:bd:e1:55:68:05:d5:18:c5:37:84:8e:
                    89:72:97:57:1c:47:24:cb:7f:9f:ba:ac:de:cb:da:
                    75:2f:6f:f4:04:dc:2c:32:82:17:9b:de:8e:b1:06:
                    e5:21:72:84:b1:30:35:81:19:4e:74:55:b0:8f:0e:
                    68:0c:5e:01:83:9d:00:3f:c8:70:8f:c3:51:64:75:
                    68:b5:0c:6f:0c:1d:b5:f0:bb:8d:70:84:76:ae:52:
                    ad:2e:9a:78:b1:24:80:f4:01:a1:cb:b9:84:3d:ea:
                    b7:2b:7d:7e:64:1b:b5:26:f2:c0:79:d6:24:85:53:
                    1d:6b:0e:73:03:71:58:a9:74:c4:17:82:3b:ed:f3:
                    d7:e0:90:8c:fb:06:af:ba:83:58:5f:d3:c6:12:7a:
                    ef:28:f4:23:61:34:cf:b8:a1:0d:7a:8a:de:2f:70:
                    b4:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:C9:E2:7F:5A:6E:E4:C0:08:B1:8A:9A:15:F3:24:04:85:C9:25:F0
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a363330303a3a2f34302d3438203d3e20323134363936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:6300::/40

    Signature Algorithm: sha256WithRSAEncryption
         81:9b:d0:ef:b9:5f:af:33:51:a3:6f:27:84:46:5c:6e:da:08:
         6d:44:96:65:7b:97:5b:34:0a:f9:fa:7d:d4:c2:c9:0d:e8:1f:
         67:72:92:d9:05:0e:4b:1e:51:d8:b0:57:95:c4:d2:9d:0d:e8:
         ed:be:a5:2e:d6:c0:bf:b8:10:fa:b4:31:55:72:6c:e4:21:ed:
         fa:37:ac:54:2f:9a:f8:68:ee:e2:3a:0c:1f:34:9d:d3:9a:d0:
         2d:d0:ed:29:6f:2e:f8:99:ae:76:76:c5:54:85:bc:b4:2f:48:
         56:1a:2c:bb:f4:43:d0:25:00:4a:46:ff:9f:21:c2:3b:a6:6a:
         32:f4:24:f3:02:7f:5c:d4:61:0e:a6:f6:a5:88:5b:41:61:ba:
         ed:88:2f:77:d7:bd:a0:9f:d8:a6:72:97:8a:e5:af:55:e1:8a:
         8b:bd:b1:ec:05:f7:7b:93:94:6c:68:cf:0c:f8:a3:73:86:c4:
         ce:b6:a2:1c:59:40:69:1e:06:4a:16:2a:3b:4c:12:71:04:4d:
         4e:57:36:d1:8d:25:64:f9:ce:63:a7:97:1d:ae:35:ba:08:d6:
         00:f2:dd:b4:a4:5d:2f:ae:03:94:bb:51:67:85:f5:b0:1a:bc:
         a9:81:16:c3:d3:db:09:1d:93:83:32:0d:bf:c5:b0:89:5a:43:
         74:11:ab:e3
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgIUMM8nUtd8hRP8QRYZB+DaeS0eKCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNjA0MTgxMjQ3MzVaFw0yNzA0MTcxMjUyMzVaMDMxMTAvBgNV
BAMTKEI5QzlFMjdGNUE2RUU0QzAwOEIxOEE5QTE1RjMyNDA0ODVDOTI1RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg8SH6e+ii3e/VVEulcRF/WcC0
q1gL8BIo8SJ6d+mp9al2M972UB/AKaR4lXAmNhU7EWPLlRiBAo1rw10U2tkVMgHI
E355VaqAbzDLr24SjZVdwayPr4uzMcSBXES94VVoBdUYxTeEjolyl1ccRyTLf5+6
rN7L2nUvb/QE3Cwygheb3o6xBuUhcoSxMDWBGU50VbCPDmgMXgGDnQA/yHCPw1Fk
dWi1DG8MHbXwu41whHauUq0umnixJID0AaHLuYQ96rcrfX5kG7Um8sB51iSFUx1r
DnMDcVipdMQXgjvt89fgkIz7Bq+6g1hf08YSeu8o9CNhNM+4oQ16it4vcLSTAgMB
AAGjggHtMIIB6TAdBgNVHQ4EFgQUucnif1pu5MAIsYqaFfMkBIXJJfAwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBiQYIKwYBBQUHAQsEfTB7MHkGCCsGAQUFBzALhm1yc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhMzYzMzMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzNjM5
MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgAqFAfAYzANBgkqhkiG9w0BAQsFAAOCAQEAgZvQ77lfrzNR
o28nhEZcbtoIbUSWZXuXWzQK+fp91MLJDegfZ3KS2QUOSx5R2LBXlcTSnQ3o7b6l
LtbAv7gQ+rQxVXJs5CHt+jesVC+a+Gju4joMHzSd05rQLdDtKW8u+JmudnbFVIW8
tC9IVhosu/RD0CUASkb/nyHCO6ZqMvQk8wJ/XNRhDqb2pYhbQWG67Ygvd9e9oJ/Y
pnKXiuWvVeGKi72x7AX3e5OUbGjPDPijc4bEzraiHFlAaR4GShYqO0wScQRNTlc2
0Y0lZPnOY6eXHa41ugjWAPLdtKRdL64DlLtRZ4X1sBq8qYEWw9PbCR2TgzINv8Ww
iVpDdBGr4w==
-----END CERTIFICATE-----