Route Origin Authorization

$ rpki-client -vvf rpki-01.pdxnet.uk/repo/paradoxnetworks/2/326130353a646663343a313532373a3a2f34382d313238203d3e203532303235.roa
File:                     326130353a646663343a313532373a3a2f34382d313238203d3e203532303235.roa (raw, json)
Hash identifier:          2AODb9svi3mOqWMhnljdhVE62gNSdmH+r8msjuFMLu0=
Subject key identifier:   38:2A:E0:D2:97:94:CA:42:71:F8:0F:41:53:7E:58:64:C6:7E:5C:CB
Certificate issuer:       /CN=0AAD221E4070989D4939FACA0F0981AB26E93895
Certificate serial:       2381D4E1E11FF7AA0E2A7DA9981728ADCEAA5ADA
Authority key identifier: 0A:AD:22:1E:40:70:98:9D:49:39:FA:CA:0F:09:81:AB:26:E9:38:95
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0AAD221E4070989D4939FACA0F0981AB26E93895.cer
Subject info access:      rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/326130353a646663343a313532373a3a2f34382d313238203d3e203532303235.roa
Signing time:             Thu 06 Feb 2025 05:58:58 +0000
ROA not before:           Thu 06 Feb 2025 05:53:58 +0000
ROA not after:            Thu 05 Feb 2026 05:58:58 +0000
asID:                     52025
IP address blocks:        2a05:dfc4:1527::/48 maxlen: 128
Validation:               OK
Signature path:           rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/0AAD221E4070989D4939FACA0F0981AB26E93895.crl
                          rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/0AAD221E4070989D4939FACA0F0981AB26E93895.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0AAD221E4070989D4939FACA0F0981AB26E93895.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Apr 2025 21:50:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:81:d4:e1:e1:1f:f7:aa:0e:2a:7d:a9:98:17:28:ad:ce:aa:5a:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0AAD221E4070989D4939FACA0F0981AB26E93895
        Validity
            Not Before: Feb  6 05:53:58 2025 GMT
            Not After : Feb  5 05:58:58 2026 GMT
        Subject: CN=382AE0D29794CA4271F80F41537E5864C67E5CCB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:7d:47:e1:a4:29:c4:5b:31:b0:14:55:44:cf:
                    95:17:3f:0b:2f:ea:58:8a:46:b9:e4:87:4b:43:a5:
                    c8:c6:2a:9c:ae:78:24:c9:7a:12:f0:be:2f:62:4a:
                    3a:0f:03:77:c9:b1:52:26:2f:99:36:56:3a:21:78:
                    d4:72:8b:07:17:ec:99:64:8f:71:f2:36:84:a3:7d:
                    42:0b:b8:39:64:d2:ad:29:5a:41:eb:d5:e3:2a:22:
                    20:60:91:dd:57:99:0a:f4:eb:25:73:5c:b3:28:5b:
                    55:cf:28:80:6b:2c:f5:8d:4e:b9:a5:28:63:90:d3:
                    57:d6:4c:89:09:31:22:74:0c:35:48:69:14:16:e5:
                    83:d1:0a:66:bd:b2:b9:d8:3c:20:fe:0d:9e:64:8a:
                    79:8b:3c:32:5a:5d:43:bb:c5:d5:e1:ee:0a:d0:54:
                    cf:18:0c:50:17:21:bc:8f:cd:18:f5:4b:89:6b:d2:
                    b6:3f:86:ab:3d:b7:12:e3:97:56:90:d5:03:0f:be:
                    70:27:1f:2e:54:b2:72:01:ff:54:65:ee:21:25:9f:
                    6b:0a:cb:b8:b0:2c:0d:ca:1a:e8:ed:6f:e3:1c:f8:
                    39:af:5c:4d:ed:6c:77:c4:15:a7:8e:ad:64:17:e3:
                    a0:2c:7a:e1:8c:ad:1f:54:a1:2e:63:c4:da:3f:65:
                    92:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:2A:E0:D2:97:94:CA:42:71:F8:0F:41:53:7E:58:64:C6:7E:5C:CB
            X509v3 Authority Key Identifier:
                keyid:0A:AD:22:1E:40:70:98:9D:49:39:FA:CA:0F:09:81:AB:26:E9:38:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/0AAD221E4070989D4939FACA0F0981AB26E93895.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0AAD221E4070989D4939FACA0F0981AB26E93895.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/326130353a646663343a313532373a3a2f34382d313238203d3e203532303235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc4:1527::/48

    Signature Algorithm: sha256WithRSAEncryption
         a6:5c:d7:65:a8:40:9a:c9:86:7c:76:e1:08:2e:d9:b4:88:38:
         1e:58:31:01:a6:99:e6:f4:8e:2d:a4:f8:71:78:e5:cd:4d:89:
         37:46:58:59:1c:42:0f:00:5a:d8:86:b6:cc:67:51:c4:83:3d:
         38:39:88:cf:fd:4c:7e:a2:7d:1c:53:0c:05:10:5d:b4:03:6f:
         1f:45:6f:a3:d5:d6:53:cc:09:96:66:13:ae:09:bb:79:84:38:
         03:81:67:af:07:04:da:dd:68:e9:40:8b:8d:f5:4f:99:b2:c7:
         70:37:19:75:ff:0d:23:ac:77:d0:64:c1:2a:5b:63:58:1a:43:
         c5:2a:94:47:f6:f4:48:26:bc:34:46:e6:4b:b0:31:2a:6e:86:
         1b:91:7f:07:b4:c1:97:73:97:2a:c7:ba:c6:80:ac:54:15:43:
         4a:19:ad:c9:91:48:5f:0e:9c:14:2e:73:a7:76:e6:dd:00:4d:
         e4:2f:54:09:61:50:d4:42:c5:a3:7b:08:e9:61:46:8a:3d:d2:
         72:76:c9:29:34:a1:e0:90:95:78:f9:1f:98:49:c4:65:c7:98:
         86:1a:45:d0:82:f2:d0:ae:e1:66:73:d4:60:6c:2d:d0:46:66:
         a2:80:e9:e3:ba:cb:66:a6:2f:e3:87:3f:e8:2b:57:88:37:24:
         63:ec:27:ba
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIUI4HU4eEf96oOKn2pmBcorc6qWtowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEFBRDIyMUU0MDcwOTg5RDQ5MzlGQUNBMEYwOTgxQUIy
NkU5Mzg5NTAeFw0yNTAyMDYwNTUzNThaFw0yNjAyMDUwNTU4NThaMDMxMTAvBgNV
BAMTKDM4MkFFMEQyOTc5NENBNDI3MUY4MEY0MTUzN0U1ODY0QzY3RTVDQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1fUfhpCnEWzGwFFVEz5UXPwsv
6liKRrnkh0tDpcjGKpyueCTJehLwvi9iSjoPA3fJsVImL5k2VjoheNRyiwcX7Jlk
j3HyNoSjfUILuDlk0q0pWkHr1eMqIiBgkd1XmQr06yVzXLMoW1XPKIBrLPWNTrml
KGOQ01fWTIkJMSJ0DDVIaRQW5YPRCma9srnYPCD+DZ5kinmLPDJaXUO7xdXh7grQ
VM8YDFAXIbyPzRj1S4lr0rY/hqs9txLjl1aQ1QMPvnAnHy5UsnIB/1Rl7iEln2sK
y7iwLA3KGujtb+Mc+DmvXE3tbHfEFaeOrWQX46AseuGMrR9UoS5jxNo/ZZIzAgMB
AAGjggIvMIICKzAdBgNVHQ4EFgQUOCrg0peUykJx+A9BU35YZMZ+XMswHwYDVR0j
BBgwFoAUCq0iHkBwmJ1JOfrKDwmBqybpOJUwDgYDVR0PAQH/BAQDAgeAMG4GA1Ud
HwRnMGUwY6BhoF+GXXJzeW5jOi8vcnBraS0wMS5wZHhuZXQudWsvcmVwby9wYXJh
ZG94bmV0d29ya3MvMi8wQUFEMjIxRTQwNzA5ODlENDkzOUZBQ0EwRjA5ODFBQjI2
RTkzODk1LmNybDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUFBzAChnRyc3lu
YzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY4NTBkMDYz
ZTAxODU3NTVjOTFiZTNmOWQvMi8wQUFEMjIxRTQwNzA5ODlENDkzOUZBQ0EwRjA5
ODFBQjI2RTkzODk1LmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzAL
hnVyc3luYzovL3Jwa2ktMDEucGR4bmV0LnVrL3JlcG8vcGFyYWRveG5ldHdvcmtz
LzIvMzI2MTMwMzUzYTY0NjY2MzM0M2EzMTM1MzIzNzNhM2EyZjM0MzgyZDMxMzIz
ODIwM2QzZTIwMzUzMjMwMzIzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF38QVJzANBgkqhkiG9w0B
AQsFAAOCAQEAplzXZahAmsmGfHbhCC7ZtIg4HlgxAaaZ5vSOLaT4cXjlzU2JN0ZY
WRxCDwBa2Ia2zGdRxIM9ODmIz/1MfqJ9HFMMBRBdtANvH0Vvo9XWU8wJlmYTrgm7
eYQ4A4FnrwcE2t1o6UCLjfVPmbLHcDcZdf8NI6x30GTBKltjWBpDxSqUR/b0SCa8
NEbmS7AxKm6GG5F/B7TBl3OXKse6xoCsVBVDShmtyZFIXw6cFC5zp3bm3QBN5C9U
CWFQ1ELFo3sI6WFGij3ScnbJKTSh4JCVePkfmEnEZceYhhpF0ILy0K7hZnPUYGwt
0EZmooDp47rLZqYv44c/6CtXiDckY+wnug==
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:18:55 2025 by rpki-client