Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Pfcloud/0/326131343a3763323a3a2f33312d3332203d3e203531333936.roa
File:                     326131343a3763323a3a2f33312d3332203d3e203531333936.roa (raw, json)
Hash identifier:          7i5tKLUJOF5/YI3qNxy4wN+GGK/8ueCL+aFJI7w/reg=
Subject key identifier:   6E:06:9F:F3:2A:1B:3A:8F:9D:72:27:9E:F5:6D:57:B4:83:25:F7:EC
Certificate issuer:       /CN=43FB377824B048048B8756B6C65C599B82AEB5B9
Certificate serial:       3CB39266CF6B13F130AE7024DAC40AA16081830B
Authority key identifier: 43:FB:37:78:24:B0:48:04:8B:87:56:B6:C6:5C:59:9B:82:AE:B5:B9
Authority info access:    rsync://repo.rpki.space/repo/Infiniroute/1/43FB377824B048048B8756B6C65C599B82AEB5B9.cer
Subject info access:      rsync://repo.rpki.space/repo/Pfcloud/0/326131343a3763323a3a2f33312d3332203d3e203531333936.roa
Signing time:             Tue 28 May 2024 16:19:18 +0000
ROA not before:           Tue 28 May 2024 16:14:18 +0000
ROA not after:            Tue 27 May 2025 16:19:18 +0000
asID:                     51396
IP address blocks:        2a14:7c2::/31 maxlen: 32

Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Pfcloud/0/43FB377824B048048B8756B6C65C599B82AEB5B9.crl
                          rsync://repo.rpki.space/repo/Pfcloud/0/43FB377824B048048B8756B6C65C599B82AEB5B9.mft
                          rsync://repo.rpki.space/repo/Infiniroute/1/43FB377824B048048B8756B6C65C599B82AEB5B9.cer
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Nov 2024 15:27:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:b3:92:66:cf:6b:13:f1:30:ae:70:24:da:c4:0a:a1:60:81:83:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FB377824B048048B8756B6C65C599B82AEB5B9
        Validity
            Not Before: May 28 16:14:18 2024 GMT
            Not After : May 27 16:19:18 2025 GMT
        Subject: CN=6E069FF32A1B3A8F9D72279EF56D57B48325F7EC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:e3:dd:b9:a3:ce:33:72:98:86:c5:79:ef:c6:
                    57:31:31:9a:57:56:7a:ea:a4:b7:d0:72:53:a2:f7:
                    ad:13:a7:90:2a:38:d6:a2:1f:1c:57:b1:c8:b1:2a:
                    0b:a8:a9:35:94:2a:70:36:1e:78:02:f4:5f:d9:1a:
                    9f:9b:53:af:ed:6c:b6:bf:3b:20:6a:48:eb:c4:57:
                    13:ad:19:01:d5:42:31:a7:05:00:05:68:b7:f3:72:
                    8a:e4:45:5a:46:1d:20:cf:d1:95:f4:62:3c:57:9c:
                    31:8b:42:ed:58:11:cc:17:0d:f0:a8:ee:09:9c:6f:
                    8d:66:e4:01:7b:53:40:ac:46:b1:3d:63:e0:85:f1:
                    20:e0:9b:9d:7b:7e:ed:57:3e:4b:c5:5d:0c:6e:25:
                    dc:0b:c0:40:41:9e:eb:73:17:7f:95:d7:3e:10:c6:
                    4d:fd:15:97:3f:37:e2:b1:57:96:8f:3b:2c:fe:03:
                    93:e0:b3:15:1b:ab:a9:29:dd:95:55:a5:46:df:90:
                    5e:99:11:bb:70:51:e6:7c:c7:f2:b1:c1:b8:58:51:
                    7b:de:a6:68:7c:54:58:44:38:69:0b:f6:6b:13:08:
                    21:9d:8a:6a:0b:cc:9c:01:a5:fc:3a:9d:d7:bc:22:
                    df:6d:b7:8d:4a:3f:8b:fc:7a:b6:89:96:bd:63:39:
                    d6:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:06:9F:F3:2A:1B:3A:8F:9D:72:27:9E:F5:6D:57:B4:83:25:F7:EC
            X509v3 Authority Key Identifier:
                keyid:43:FB:37:78:24:B0:48:04:8B:87:56:B6:C6:5C:59:9B:82:AE:B5:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Pfcloud/0/43FB377824B048048B8756B6C65C599B82AEB5B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo.rpki.space/repo/Infiniroute/1/43FB377824B048048B8756B6C65C599B82AEB5B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Pfcloud/0/326131343a3763323a3a2f33312d3332203d3e203531333936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c2::/31

    Signature Algorithm: sha256WithRSAEncryption
         53:7e:88:bf:0c:6c:e4:98:39:ae:5a:82:73:46:39:71:08:fa:
         67:4e:3b:00:a2:df:55:0b:eb:3c:18:91:02:7a:25:ad:24:10:
         2f:e3:b2:c4:ca:39:b3:f4:e4:9b:b4:ff:26:a2:12:cd:ae:8b:
         26:9a:3a:88:d1:d1:38:81:1a:49:27:78:f7:a1:99:10:6d:a1:
         3f:bf:a9:6e:b6:b7:65:79:f8:bb:4a:fc:40:4b:35:1f:fe:f5:
         ce:67:83:3f:e5:68:f2:7a:d3:e4:df:ab:3a:fa:da:34:65:d9:
         ea:64:31:04:1d:2f:2a:e2:07:8e:78:c2:35:54:57:da:b4:d7:
         17:e7:3e:3a:9d:8f:54:75:71:2d:5e:b8:db:0e:14:c7:44:66:
         b1:92:7c:aa:b1:62:ad:32:f7:2d:6e:ac:7c:c0:ce:a8:6d:fa:
         8b:27:7f:b9:7b:7c:81:0a:de:87:9f:91:18:30:94:95:02:fe:
         f5:ee:54:53:8c:6c:cf:7f:6a:1f:07:f8:c9:e9:fd:83:b9:33:
         e4:8a:bf:65:eb:b4:26:60:be:1b:5c:1b:5f:52:32:62:f3:c4:
         c5:f3:43:83:87:33:78:cf:87:1d:b3:70:22:11:19:5d:a9:81:
         08:8b:8f:56:b2:60:14:4d:6a:d5:aa:0f:fd:d3:af:c4:ab:cf:
         70:ca:ad:23
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUPLOSZs9rE/EwrnAk2sQKoWCBgwswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGQjM3NzgyNEIwNDgwNDhCODc1NkI2QzY1QzU5OUI4
MkFFQjVCOTAeFw0yNDA1MjgxNjE0MThaFw0yNTA1MjcxNjE5MThaMDMxMTAvBgNV
BAMTKDZFMDY5RkYzMkExQjNBOEY5RDcyMjc5RUY1NkQ1N0I0ODMyNUY3RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh4925o84zcpiGxXnvxlcxMZpX
VnrqpLfQclOi960Tp5AqONaiHxxXscixKguoqTWUKnA2HngC9F/ZGp+bU6/tbLa/
OyBqSOvEVxOtGQHVQjGnBQAFaLfzcorkRVpGHSDP0ZX0YjxXnDGLQu1YEcwXDfCo
7gmcb41m5AF7U0CsRrE9Y+CF8SDgm517fu1XPkvFXQxuJdwLwEBBnutzF3+V1z4Q
xk39FZc/N+KxV5aPOyz+A5PgsxUbq6kp3ZVVpUbfkF6ZEbtwUeZ8x/KxwbhYUXve
pmh8VFhEOGkL9msTCCGdimoLzJwBpfw6nde8It9tt41KP4v8eraJlr1jOdbBAgMB
AAGjggHmMIIB4jAdBgNVHQ4EFgQUbgaf8yobOo+dciee9W1XtIMl9+wwHwYDVR0j
BBgwFoAUQ/s3eCSwSASLh1a2xlxZm4KutbkwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vUGZjbG91
ZC8wLzQzRkIzNzc4MjRCMDQ4MDQ4Qjg3NTZCNkM2NUM1OTlCODJBRUI1QjkuY3Js
MHMGCCsGAQUFBwEBBGcwZTBjBggrBgEFBQcwAoZXcnN5bmM6Ly9yZXBvLnJwa2ku
c3BhY2UvcmVwby9JbmZpbmlyb3V0ZS8xLzQzRkIzNzc4MjRCMDQ4MDQ4Qjg3NTZC
NkM2NUM1OTlCODJBRUI1QjkuY2VyMHkGCCsGAQUFBwELBG0wazBpBggrBgEFBQcw
C4ZdcnN5bmM6Ly9yZXBvLnJwa2kuc3BhY2UvcmVwby9QZmNsb3VkLzAvMzI2MTMx
MzQzYTM3NjMzMjNhM2EyZjMzMzEyZDMzMzIyMDNkM2UyMDM1MzEzMzM5MzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0E
AgACMAcDBQEqFAfCMA0GCSqGSIb3DQEBCwUAA4IBAQBTfoi/DGzkmDmuWoJzRjlx
CPpnTjsAot9VC+s8GJECeiWtJBAv47LEyjmz9OSbtP8mohLNrosmmjqI0dE4gRpJ
J3j3oZkQbaE/v6lutrdlefi7SvxASzUf/vXOZ4M/5WjyetPk36s6+to0ZdnqZDEE
HS8q4geOeMI1VFfatNcX5z46nY9UdXEtXrjbDhTHRGaxknyqsWKtMvctbqx8wM6o
bfqLJ3+5e3yBCt6Hn5EYMJSVAv717lRTjGzPf2ofB/jJ6f2DuTPkir9l67QmYL4b
XBtfUjJi88TF80ODhzN4z4cds3AiERldqYEIi49WsmAUTWrVqg/906/Eq89wyq0j
-----END CERTIFICATE-----