Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Infiniroute/1/326131343a3763303a653030303a3a2f33362d3336203d3e203531333936.roa
File:                     326131343a3763303a653030303a3a2f33362d3336203d3e203531333936.roa (raw, json)
Hash identifier:          tSYOz0tCZIyFA2W3xl55w96gC4XO8Hq050MSuuzPiEY=
Subject key identifier:   CA:E5:F1:E0:0C:30:DC:E9:69:A6:A5:70:1B:C3:97:E1:56:02:DD:97
Certificate issuer:       /CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
Certificate serial:       59C1EBC38F50F099A9C1050E3092AE41051E22E4
Authority key identifier: 5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
Subject info access:      rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a653030303a3a2f33362d3336203d3e203531333936.roa
Signing time:             Wed 30 Oct 2024 13:47:55 +0000
ROA not before:           Wed 30 Oct 2024 13:42:55 +0000
ROA not after:            Wed 29 Oct 2025 13:47:55 +0000
asID:                     51396
IP address blocks:        2a14:7c0:e000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Nov 2024 15:27:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:c1:eb:c3:8f:50:f0:99:a9:c1:05:0e:30:92:ae:41:05:1e:22:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5b8e21c6890bd79ab764d91b60c39c3b7e4985e1
        Validity
            Not Before: Oct 30 13:42:55 2024 GMT
            Not After : Oct 29 13:47:55 2025 GMT
        Subject: CN=CAE5F1E00C30DCE969A6A5701BC397E15602DD97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:2f:73:50:74:43:1a:7c:1e:ca:a2:8c:39:f7:
                    c6:f7:ce:ea:e2:28:77:d3:a9:88:35:be:a2:ee:d7:
                    35:f8:b0:92:5e:b0:7e:dc:c6:c4:39:a5:42:ef:85:
                    44:a2:f6:b3:84:5b:97:78:83:85:10:0d:2e:8e:ba:
                    9b:07:32:75:6f:ea:58:6f:e4:18:b2:a1:bb:26:ac:
                    1b:b9:db:1b:83:b8:8f:71:0f:77:a4:f1:7c:6f:c4:
                    6f:22:74:c5:bd:a6:53:24:19:09:b0:bd:b8:ac:8f:
                    40:3b:55:2e:1a:2f:cb:16:b9:77:4f:54:09:b1:13:
                    23:54:74:65:85:28:30:96:f5:e9:95:2b:f9:c4:a4:
                    02:45:d4:2d:3e:e8:41:53:2e:ff:b4:10:a6:f4:ff:
                    d9:b2:b6:02:7d:5f:66:b6:f4:2f:00:3e:b7:76:28:
                    43:78:32:87:ef:66:97:55:78:93:b3:48:8e:4a:fc:
                    18:96:49:37:fb:a6:dd:9b:2d:39:7b:c0:de:8b:f8:
                    79:43:eb:b9:9a:0f:c5:66:97:ab:1c:1c:ce:c8:49:
                    12:37:6e:37:91:4c:56:06:3b:5a:31:a7:96:39:33:
                    4f:5e:2f:74:7f:c8:da:1c:aa:bb:d7:25:18:ce:ca:
                    89:54:ce:a8:11:1a:3a:eb:70:be:b7:24:67:e8:9f:
                    ec:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:E5:F1:E0:0C:30:DC:E9:69:A6:A5:70:1B:C3:97:E1:56:02:DD:97
            X509v3 Authority Key Identifier:
                keyid:5B:8E:21:C6:89:0B:D7:9A:B7:64:D9:1B:60:C3:9C:3B:7E:49:85:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Infiniroute/1/326131343a3763303a653030303a3a2f33362d3336203d3e203531333936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c0:e000::/36

    Signature Algorithm: sha256WithRSAEncryption
         92:6d:01:8d:a9:37:b9:34:d4:68:72:d5:37:64:28:1b:5f:26:
         fe:be:8b:b6:12:25:3e:81:e2:15:da:eb:36:29:1a:14:d0:cc:
         0d:35:58:1e:c5:83:0d:b9:f1:cb:e7:bd:ca:39:49:70:0b:4f:
         4c:ef:3b:cf:1c:72:a1:f2:cf:1a:8e:69:0c:05:6a:8d:bb:43:
         10:07:cd:fc:5b:81:d7:b8:c6:cb:10:26:e8:91:1c:72:5c:df:
         53:5f:9a:bf:84:a8:9c:a3:9a:83:16:32:e9:0a:bf:5c:50:37:
         e4:52:11:22:94:b0:5b:2c:b9:e0:6f:43:da:25:b0:44:22:ae:
         c6:d2:7b:ba:54:6b:18:ee:00:14:87:ae:b4:6a:04:6e:ea:07:
         7b:c0:02:01:3a:f5:ba:b4:a9:5e:e2:13:f8:63:ea:5f:7f:d1:
         72:cc:36:fe:a2:6b:2b:3c:64:d2:ea:e0:53:a0:9b:f9:48:f2:
         5f:3c:70:8f:01:67:44:26:da:19:68:53:78:38:a0:80:2f:f0:
         ca:9d:21:11:b9:2d:97:f6:4e:20:e9:96:4f:d4:95:c5:b3:69:
         dc:5e:a2:7d:a6:95:f1:bd:93:79:68:ef:58:7d:04:86:45:fe:
         e6:c6:9f:78:b6:cc:54:2f:d0:e4:19:65:a7:14:2b:fb:af:8e:
         33:9e:5f:28
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgIUWcHrw49Q8JmpwQUOMJKuQQUeIuQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWI4ZTIxYzY4OTBiZDc5YWI3NjRkOTFiNjBjMzljM2I3
ZTQ5ODVlMTAeFw0yNDEwMzAxMzQyNTVaFw0yNTEwMjkxMzQ3NTVaMDMxMTAvBgNV
BAMTKENBRTVGMUUwMEMzMERDRTk2OUE2QTU3MDFCQzM5N0UxNTYwMkREOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxL3NQdEMafB7Koow598b3zuri
KHfTqYg1vqLu1zX4sJJesH7cxsQ5pULvhUSi9rOEW5d4g4UQDS6OupsHMnVv6lhv
5BiyobsmrBu52xuDuI9xD3ek8XxvxG8idMW9plMkGQmwvbisj0A7VS4aL8sWuXdP
VAmxEyNUdGWFKDCW9emVK/nEpAJF1C0+6EFTLv+0EKb0/9mytgJ9X2a29C8APrd2
KEN4MofvZpdVeJOzSI5K/BiWSTf7pt2bLTl7wN6L+HlD67maD8Vml6scHM7ISRI3
bjeRTFYGO1oxp5Y5M09eL3R/yNocqrvXJRjOyolUzqgRGjrrcL63JGfon+z7AgMB
AAGjggHrMIIB5zAdBgNVHQ4EFgQUyuXx4Aww3OlppqVwG8OX4VYC3ZcwHwYDVR0j
BBgwFoAUW44hxokL15q3ZNkbYMOcO35JheEwDgYDVR0PAQH/BAQDAgeAMGgGA1Ud
HwRhMF8wXaBboFmGV3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vSW5maW5p
cm91dGUvMS81QjhFMjFDNjg5MEJENzlBQjc2NEQ5MUI2MEMzOUMzQjdFNDk4NUUx
LmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvVzQ0aHhva0wxNXEzWk5rYllNT2NP
MzVKaGVFLmNlcjCBhwYIKwYBBQUHAQsEezB5MHcGCCsGAQUFBzALhmtyc3luYzov
L3JlcG8ucnBraS5zcGFjZS9yZXBvL0luZmluaXJvdXRlLzEvMzI2MTMxMzQzYTM3
NjMzMDNhNjUzMDMwMzAzYTNhMmYzMzM2MmQzMzM2MjAzZDNlMjAzNTMxMzMzOTM2
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIw
EDAOBAIAAjAIAwYEKhQHwOAwDQYJKoZIhvcNAQELBQADggEBAJJtAY2pN7k01Ghy
1TdkKBtfJv6+i7YSJT6B4hXa6zYpGhTQzA01WB7Fgw258cvnvco5SXALT0zvO88c
cqHyzxqOaQwFao27QxAHzfxbgde4xssQJuiRHHJc31Nfmr+EqJyjmoMWMukKv1xQ
N+RSESKUsFssueBvQ9olsEQirsbSe7pUaxjuABSHrrRqBG7qB3vAAgE69bq0qV7i
E/hj6l9/0XLMNv6iays8ZNLq4FOgm/lI8l88cI8BZ0Qm2hloU3g4oIAv8MqdIRG5
LZf2TiDplk/UlcWzadxeon2mlfG9k3lo71h9BIZF/ubGn3i2zFQv0OQZZacUK/uv
jjOeXyg=
-----END CERTIFICATE-----
Generated at Wed Nov 20 21:51:52 2024 by rpki-client on console-fra.rpki-client.org