Route Origin Authorization

$ rpki-client -vvf rpki-01.pdxnet.uk/repo/paradoxnetworks/2/326130353a646663343a313333663a3a2f34382d3438203d3e203532303235.roa
File:                     326130353a646663343a313333663a3a2f34382d3438203d3e203532303235.roa (raw, json)
Hash identifier:          mZPKa6pxc5ebXc6U4UdGOewK3hVz3NufGmZ/P8zbNRg=
Subject key identifier:   0D:CC:C5:31:DC:D9:CB:BD:6C:BD:B6:C8:FD:7B:42:72:B4:69:88:A9
Certificate issuer:       /CN=0AAD221E4070989D4939FACA0F0981AB26E93895
Certificate serial:       4D32B99BC802C8D94CC79C3A4B836479FDD9CEB7
Authority key identifier: 0A:AD:22:1E:40:70:98:9D:49:39:FA:CA:0F:09:81:AB:26:E9:38:95
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0AAD221E4070989D4939FACA0F0981AB26E93895.cer
Subject info access:      rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/326130353a646663343a313333663a3a2f34382d3438203d3e203532303235.roa
Signing time:             Thu 23 May 2024 12:48:59 +0000
ROA not before:           Thu 23 May 2024 12:43:59 +0000
ROA not after:            Thu 22 May 2025 12:48:59 +0000
asID:                     52025
IP address blocks:        2a05:dfc4:133f::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/0AAD221E4070989D4939FACA0F0981AB26E93895.crl
                          rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/0AAD221E4070989D4939FACA0F0981AB26E93895.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0AAD221E4070989D4939FACA0F0981AB26E93895.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 04 Dec 2024 09:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:32:b9:9b:c8:02:c8:d9:4c:c7:9c:3a:4b:83:64:79:fd:d9:ce:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0AAD221E4070989D4939FACA0F0981AB26E93895
        Validity
            Not Before: May 23 12:43:59 2024 GMT
            Not After : May 22 12:48:59 2025 GMT
        Subject: CN=0DCCC531DCD9CBBD6CBDB6C8FD7B4272B46988A9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:74:c4:b7:0b:97:9f:7b:2e:5f:f5:1d:40:87:
                    27:d7:d0:43:3f:c8:b7:39:62:4b:d6:b3:1b:f7:fd:
                    8c:2b:9d:03:e5:bf:60:4f:51:82:de:43:8a:d3:61:
                    5e:bf:0b:87:28:96:6a:1a:a0:48:99:dd:2c:ad:2e:
                    71:8c:06:a9:19:77:e1:f2:76:5d:10:61:ab:7b:2c:
                    72:c7:65:f0:e7:e2:a5:27:18:51:9a:76:04:58:d2:
                    5d:c9:aa:f7:18:d3:e2:15:39:d1:e5:eb:a0:27:13:
                    a4:c3:7b:7f:fd:c6:9c:52:45:1a:d3:99:3e:94:af:
                    f5:1b:7a:84:1d:f8:a9:ba:66:95:c4:53:ae:0d:43:
                    48:cd:67:5f:87:30:7d:00:05:d2:12:57:d0:37:1f:
                    c8:09:9d:74:9b:13:97:fc:c7:17:f2:39:af:31:8f:
                    75:12:e7:94:b1:e7:cd:1b:07:46:90:ef:1a:4c:bb:
                    a0:38:15:72:1e:c4:16:f5:b4:13:f0:29:18:77:59:
                    b1:52:0f:5c:0e:c9:f1:ba:55:e8:76:4d:e2:d1:a8:
                    16:38:ba:8f:68:b1:9f:a4:92:70:ab:44:28:53:e7:
                    a5:34:50:7e:63:3d:ec:09:34:ca:87:37:a1:23:c0:
                    75:89:c8:19:49:a6:30:e6:73:c8:6b:39:25:f9:ea:
                    f4:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:CC:C5:31:DC:D9:CB:BD:6C:BD:B6:C8:FD:7B:42:72:B4:69:88:A9
            X509v3 Authority Key Identifier:
                keyid:0A:AD:22:1E:40:70:98:9D:49:39:FA:CA:0F:09:81:AB:26:E9:38:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/0AAD221E4070989D4939FACA0F0981AB26E93895.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0AAD221E4070989D4939FACA0F0981AB26E93895.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/326130353a646663343a313333663a3a2f34382d3438203d3e203532303235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc4:133f::/48

    Signature Algorithm: sha256WithRSAEncryption
         0d:68:60:e3:6a:95:eb:39:8b:58:e0:6d:e3:b6:c0:11:0f:2f:
         db:2d:c5:eb:c7:d0:e9:24:e3:30:8c:b8:f8:93:45:60:48:63:
         75:03:52:2b:ed:58:a0:99:89:21:df:32:5a:41:c2:b3:f5:d3:
         2e:10:1e:87:7c:96:45:48:22:a9:58:a7:52:37:79:4e:5c:4e:
         77:dd:4a:9f:f6:86:57:f0:a9:66:e0:12:5f:e9:3b:51:27:ca:
         3d:c7:c1:72:ff:b8:3b:a1:e7:8b:4d:13:a4:58:63:68:24:ca:
         c4:ae:26:a1:4c:2c:cf:d2:be:69:49:7f:40:4e:f7:51:5d:d7:
         05:1d:0f:f7:77:06:d2:e5:89:4e:09:9f:f3:08:2e:d6:d9:23:
         b6:c5:25:2a:da:25:12:03:62:b8:0e:c9:66:ec:73:82:79:bb:
         8c:16:d5:62:b5:78:37:b5:b5:05:d0:0c:ca:eb:18:58:04:c6:
         22:08:a3:db:22:1d:7b:94:8c:1e:80:36:0f:44:07:0b:08:5d:
         39:79:fc:ae:4a:4b:21:e6:92:9a:85:1e:d7:ee:4b:af:e5:64:
         8a:3f:3c:79:db:ab:9a:18:6a:a7:cf:bb:d8:8e:0c:cb:49:69:
         07:e9:01:1a:ad:0b:61:3a:4b:e1:cf:bd:34:cb:48:eb:5a:2c:
         f4:8b:b5:94
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUTTK5m8gCyNlMx5w6S4Nkef3ZzrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEFBRDIyMUU0MDcwOTg5RDQ5MzlGQUNBMEYwOTgxQUIy
NkU5Mzg5NTAeFw0yNDA1MjMxMjQzNTlaFw0yNTA1MjIxMjQ4NTlaMDMxMTAvBgNV
BAMTKDBEQ0NDNTMxRENEOUNCQkQ2Q0JEQjZDOEZEN0I0MjcyQjQ2OTg4QTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRdMS3C5efey5f9R1AhyfX0EM/
yLc5YkvWsxv3/YwrnQPlv2BPUYLeQ4rTYV6/C4colmoaoEiZ3SytLnGMBqkZd+Hy
dl0QYat7LHLHZfDn4qUnGFGadgRY0l3JqvcY0+IVOdHl66AnE6TDe3/9xpxSRRrT
mT6Ur/UbeoQd+Km6ZpXEU64NQ0jNZ1+HMH0ABdISV9A3H8gJnXSbE5f8xxfyOa8x
j3US55Sx580bB0aQ7xpMu6A4FXIexBb1tBPwKRh3WbFSD1wOyfG6Veh2TeLRqBY4
uo9osZ+kknCrRChT56U0UH5jPewJNMqHN6EjwHWJyBlJpjDmc8hrOSX56vTtAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUDczFMdzZy71svbbI/XtCcrRpiKkwHwYDVR0j
BBgwFoAUCq0iHkBwmJ1JOfrKDwmBqybpOJUwDgYDVR0PAQH/BAQDAgeAMG4GA1Ud
HwRnMGUwY6BhoF+GXXJzeW5jOi8vcnBraS0wMS5wZHhuZXQudWsvcmVwby9wYXJh
ZG94bmV0d29ya3MvMi8wQUFEMjIxRTQwNzA5ODlENDkzOUZBQ0EwRjA5ODFBQjI2
RTkzODk1LmNybDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUFBzAChnRyc3lu
YzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY4NTBkMDYz
ZTAxODU3NTVjOTFiZTNmOWQvMi8wQUFEMjIxRTQwNzA5ODlENDkzOUZBQ0EwRjA5
ODFBQjI2RTkzODk1LmNlcjCBkQYIKwYBBQUHAQsEgYQwgYEwfwYIKwYBBQUHMAuG
c3JzeW5jOi8vcnBraS0wMS5wZHhuZXQudWsvcmVwby9wYXJhZG94bmV0d29ya3Mv
Mi8zMjYxMzAzNTNhNjQ2NjYzMzQzYTMxMzMzMzY2M2EzYTJmMzQzODJkMzQzODIw
M2QzZTIwMzUzMjMwMzIzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF38QTPzANBgkqhkiG9w0BAQsF
AAOCAQEADWhg42qV6zmLWOBt47bAEQ8v2y3F68fQ6STjMIy4+JNFYEhjdQNSK+1Y
oJmJId8yWkHCs/XTLhAeh3yWRUgiqVinUjd5TlxOd91Kn/aGV/CpZuASX+k7USfK
PcfBcv+4O6Hni00TpFhjaCTKxK4moUwsz9K+aUl/QE73UV3XBR0P93cG0uWJTgmf
8wgu1tkjtsUlKtolEgNiuA7JZuxzgnm7jBbVYrV4N7W1BdAMyusYWATGIgij2yId
e5SMHoA2D0QHCwhdOXn8rkpLIeaSmoUe1+5Lr+Vkij88edurmhhqp8+72I4My0lp
B+kBGq0LYTpL4c+9NMtI61os9Iu1lA==
-----END CERTIFICATE-----
Generated at Tue Dec 3 11:04:25 2024 by rpki-client on console-fra.rpki-client.org