Route Origin Authorization

$ rpki-client -vvf repo.rpki.space/repo/Pfcloud/0/326131343a3763323a3a2f33312d3332203d3e203531333936.roa
File:                     326131343a3763323a3a2f33312d3332203d3e203531333936.roa (raw, json)
Hash identifier:          BnqGqWCqFbZRAQvqh2fuARYnYagyLSJRBck3hTgawF8=
Subject key identifier:   80:77:F8:99:BA:3A:EC:37:40:C7:32:EE:19:59:09:E9:E8:8D:2D:5D
Certificate issuer:       /CN=43FB377824B048048B8756B6C65C599B82AEB5B9
Certificate serial:       342DC5DD397A65C7A2AC5431CC99C472C9AEFB89
Authority key identifier: 43:FB:37:78:24:B0:48:04:8B:87:56:B6:C6:5C:59:9B:82:AE:B5:B9
Authority info access:    rsync://repo.rpki.space/repo/Infiniroute/1/43FB377824B048048B8756B6C65C599B82AEB5B9.cer
Subject info access:      rsync://repo.rpki.space/repo/Pfcloud/0/326131343a3763323a3a2f33312d3332203d3e203531333936.roa
Signing time:             Tue 29 Apr 2025 16:19:19 +0000
ROA not before:           Tue 29 Apr 2025 16:14:19 +0000
ROA not after:            Tue 28 Apr 2026 16:19:19 +0000
asID:                     51396
IP address blocks:        2a14:7c2::/31 maxlen: 32
Validation:               OK
Signature path:           rsync://repo.rpki.space/repo/Pfcloud/0/43FB377824B048048B8756B6C65C599B82AEB5B9.crl
                          rsync://repo.rpki.space/repo/Pfcloud/0/43FB377824B048048B8756B6C65C599B82AEB5B9.mft
                          rsync://repo.rpki.space/repo/Infiniroute/1/43FB377824B048048B8756B6C65C599B82AEB5B9.cer
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.crl
                          rsync://repo.rpki.space/repo/Infiniroute/1/5B8E21C6890BD79AB764D91B60C39C3B7E4985E1.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/W44hxokL15q3ZNkbYMOcO35JheE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Sep 2025 11:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:2d:c5:dd:39:7a:65:c7:a2:ac:54:31:cc:99:c4:72:c9:ae:fb:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43FB377824B048048B8756B6C65C599B82AEB5B9
        Validity
            Not Before: Apr 29 16:14:19 2025 GMT
            Not After : Apr 28 16:19:19 2026 GMT
        Subject: CN=8077F899BA3AEC3740C732EE195909E9E88D2D5D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:8f:23:6e:03:2a:f3:ad:59:23:55:d0:74:76:
                    88:ad:69:8d:a1:d8:aa:2e:5d:aa:d6:ad:4a:53:89:
                    e4:36:ec:7a:d7:87:d4:97:ac:14:15:8a:39:cd:2d:
                    3c:fe:5e:6d:64:8c:9f:7f:59:11:bc:c6:5c:18:e6:
                    a9:cc:2a:20:e8:c7:4a:19:d6:61:dc:9c:1a:91:d2:
                    ee:e3:ff:5c:2e:9e:9c:05:ba:a1:4f:48:76:73:6d:
                    4b:56:61:a5:b9:74:7b:9d:f2:e1:8f:2e:5e:6a:38:
                    15:7e:3e:e8:6f:76:24:8f:43:2c:87:58:47:9a:6e:
                    ca:c2:62:6c:f9:74:db:8a:b3:c1:c9:ee:97:5d:56:
                    cd:0f:36:ba:e4:aa:cd:dd:87:3d:2c:08:7f:d6:f5:
                    05:73:81:4b:f4:fe:a8:36:3b:7f:3c:b7:66:3e:72:
                    94:73:68:d1:1a:32:0a:6f:a0:d3:96:ac:c9:27:59:
                    6c:28:db:cf:a4:19:6c:29:59:45:13:77:18:48:d4:
                    77:87:1c:c2:88:05:73:e2:e8:64:69:b9:64:e2:48:
                    01:28:ce:55:54:50:2a:38:a3:34:b7:6d:b1:f5:75:
                    4c:f1:e2:69:de:6c:70:13:ae:43:62:2f:60:90:6e:
                    84:e4:c4:8f:6a:7a:d4:23:22:58:0a:7e:bc:71:49:
                    c3:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:77:F8:99:BA:3A:EC:37:40:C7:32:EE:19:59:09:E9:E8:8D:2D:5D
            X509v3 Authority Key Identifier:
                keyid:43:FB:37:78:24:B0:48:04:8B:87:56:B6:C6:5C:59:9B:82:AE:B5:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.rpki.space/repo/Pfcloud/0/43FB377824B048048B8756B6C65C599B82AEB5B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo.rpki.space/repo/Infiniroute/1/43FB377824B048048B8756B6C65C599B82AEB5B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.rpki.space/repo/Pfcloud/0/326131343a3763323a3a2f33312d3332203d3e203531333936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a14:7c2::/31

    Signature Algorithm: sha256WithRSAEncryption
         9f:86:d7:dd:f5:21:e8:94:5d:c4:af:f0:2b:04:3f:21:84:ec:
         66:d8:c4:3d:6d:46:a9:a7:60:80:7b:63:93:5e:73:a4:2d:51:
         04:f7:15:61:98:7c:57:f1:2d:16:fe:bf:91:c5:0f:e7:c2:f7:
         54:cd:0a:e3:48:58:88:ab:28:b4:ae:b6:48:44:3d:a6:ac:31:
         d1:7f:90:2e:ea:4c:d5:5d:ce:b2:4b:60:25:9c:60:5c:48:10:
         0e:65:22:e3:ac:20:43:b0:01:91:28:0e:27:06:99:01:82:d1:
         b2:2a:71:43:dc:69:18:47:b6:dc:47:96:04:d1:0b:35:33:59:
         1c:c2:8f:3c:a6:ac:c9:f8:2d:85:a3:01:89:bf:90:a4:13:70:
         68:fc:41:35:db:9e:c9:9e:22:59:3a:9a:ac:0f:28:76:49:b4:
         58:37:fc:4f:95:13:a1:38:96:de:38:14:42:32:b7:5e:19:a8:
         38:4d:eb:de:e9:32:67:f5:40:9a:68:60:c7:b7:48:56:b1:e9:
         9a:34:3d:76:6c:bb:03:56:35:f8:46:93:1b:34:43:47:83:bd:
         bd:38:70:52:a1:73:7c:6b:95:7c:bb:c3:51:2f:d0:b6:0e:38:
         dc:0e:ec:83:b5:cd:a6:36:87:32:95:88:57:5b:4d:51:04:ea:
         4a:fa:e8:6c
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIUNC3F3Tl6ZceirFQxzJnEcsmu+4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDNGQjM3NzgyNEIwNDgwNDhCODc1NkI2QzY1QzU5OUI4
MkFFQjVCOTAeFw0yNTA0MjkxNjE0MTlaFw0yNjA0MjgxNjE5MTlaMDMxMTAvBgNV
BAMTKDgwNzdGODk5QkEzQUVDMzc0MEM3MzJFRTE5NTkwOUU5RTg4RDJENUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrjyNuAyrzrVkjVdB0doitaY2h
2KouXarWrUpTieQ27HrXh9SXrBQVijnNLTz+Xm1kjJ9/WRG8xlwY5qnMKiDox0oZ
1mHcnBqR0u7j/1wunpwFuqFPSHZzbUtWYaW5dHud8uGPLl5qOBV+PuhvdiSPQyyH
WEeabsrCYmz5dNuKs8HJ7pddVs0PNrrkqs3dhz0sCH/W9QVzgUv0/qg2O388t2Y+
cpRzaNEaMgpvoNOWrMknWWwo28+kGWwpWUUTdxhI1HeHHMKIBXPi6GRpuWTiSAEo
zlVUUCo4ozS3bbH1dUzx4mnebHATrkNiL2CQboTkxI9qetQjIlgKfrxxScNNAgMB
AAGjggHmMIIB4jAdBgNVHQ4EFgQUgHf4mbo67DdAxzLuGVkJ6eiNLV0wHwYDVR0j
BBgwFoAUQ/s3eCSwSASLh1a2xlxZm4KutbkwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8vcmVwby5ycGtpLnNwYWNlL3JlcG8vUGZjbG91
ZC8wLzQzRkIzNzc4MjRCMDQ4MDQ4Qjg3NTZCNkM2NUM1OTlCODJBRUI1QjkuY3Js
MHMGCCsGAQUFBwEBBGcwZTBjBggrBgEFBQcwAoZXcnN5bmM6Ly9yZXBvLnJwa2ku
c3BhY2UvcmVwby9JbmZpbmlyb3V0ZS8xLzQzRkIzNzc4MjRCMDQ4MDQ4Qjg3NTZC
NkM2NUM1OTlCODJBRUI1QjkuY2VyMHkGCCsGAQUFBwELBG0wazBpBggrBgEFBQcw
C4ZdcnN5bmM6Ly9yZXBvLnJwa2kuc3BhY2UvcmVwby9QZmNsb3VkLzAvMzI2MTMx
MzQzYTM3NjMzMjNhM2EyZjMzMzEyZDMzMzIyMDNkM2UyMDM1MzEzMzM5MzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0E
AgACMAcDBQEqFAfCMA0GCSqGSIb3DQEBCwUAA4IBAQCfhtfd9SHolF3Er/ArBD8h
hOxm2MQ9bUapp2CAe2OTXnOkLVEE9xVhmHxX8S0W/r+RxQ/nwvdUzQrjSFiIqyi0
rrZIRD2mrDHRf5Au6kzVXc6yS2AlnGBcSBAOZSLjrCBDsAGRKA4nBpkBgtGyKnFD
3GkYR7bcR5YE0Qs1M1kcwo88pqzJ+C2FowGJv5CkE3Bo/EE1257JniJZOpqsDyh2
SbRYN/xPlROhOJbeOBRCMrdeGag4Teve6TJn9UCaaGDHt0hWsemaND12bLsDVjX4
RpMbNENHg729OHBSoXN8a5V8u8NRL9C2DjjcDuyDtc2mNocylYhXW01RBOpK+uhs
-----END CERTIFICATE-----