Route Origin Authorization

$ rpki-client -vvf rpki-01.pdxnet.uk/repo/paradoxnetworks/2/326130353a646663343a62643a3a2f34382d313238203d3e203532303235.roa
File:                     326130353a646663343a62643a3a2f34382d313238203d3e203532303235.roa (raw, json)
Hash identifier:          3C2+YShTwYTkLejJJ4dwPBkCV7tQfybUqklHUhMgCQ4=
Subject key identifier:   BD:38:17:4E:62:C4:A8:E0:44:1C:3A:1D:82:E1:CC:08:58:E5:5F:F9
Certificate issuer:       /CN=0AAD221E4070989D4939FACA0F0981AB26E93895
Certificate serial:       75B26EEBF679F26485F7F94C52AAA2124A95A8BB
Authority key identifier: 0A:AD:22:1E:40:70:98:9D:49:39:FA:CA:0F:09:81:AB:26:E9:38:95
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0AAD221E4070989D4939FACA0F0981AB26E93895.cer
Subject info access:      rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/326130353a646663343a62643a3a2f34382d313238203d3e203532303235.roa
Signing time:             Thu 23 May 2024 12:56:29 +0000
ROA not before:           Thu 23 May 2024 12:51:29 +0000
ROA not after:            Thu 22 May 2025 12:56:29 +0000
asID:                     52025
IP address blocks:        2a05:dfc4:bd::/48 maxlen: 128

Validation:               OK
Signature path:           rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/0AAD221E4070989D4939FACA0F0981AB26E93895.crl
                          rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/0AAD221E4070989D4939FACA0F0981AB26E93895.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0AAD221E4070989D4939FACA0F0981AB26E93895.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:b2:6e:eb:f6:79:f2:64:85:f7:f9:4c:52:aa:a2:12:4a:95:a8:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0AAD221E4070989D4939FACA0F0981AB26E93895
        Validity
            Not Before: May 23 12:51:29 2024 GMT
            Not After : May 22 12:56:29 2025 GMT
        Subject: CN=BD38174E62C4A8E0441C3A1D82E1CC0858E55FF9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:5e:ff:65:12:a8:cc:79:dd:a4:fe:e4:37:b5:
                    05:99:b6:98:36:7f:46:e2:0a:1e:48:2f:54:b1:e4:
                    5c:1f:11:0f:29:78:10:88:0c:18:3c:a0:d8:b8:01:
                    a4:9d:d6:e9:a0:13:c6:d2:a9:ef:0e:14:81:71:f8:
                    0f:2b:b9:90:ba:6b:a2:36:20:6c:7e:b9:43:1e:5d:
                    a2:16:42:a7:77:f5:f4:6f:7d:e5:fc:fb:aa:52:6e:
                    31:b9:34:f2:f3:66:43:ae:6f:72:24:31:c6:bd:b8:
                    78:8a:f4:72:2d:50:6b:b3:fb:0f:3e:f9:0f:4c:64:
                    eb:0e:7b:3d:05:7c:94:8e:2e:87:c1:64:58:17:59:
                    bd:60:2c:93:b5:62:df:8b:29:9b:5d:f1:25:b8:74:
                    05:35:99:22:59:88:fe:82:f0:2a:8d:b2:39:9a:de:
                    c6:d3:4b:92:d1:9d:77:48:73:a5:dc:e3:87:6e:e4:
                    95:62:2f:93:91:cb:0e:30:8e:06:01:74:06:b0:87:
                    c2:1a:d7:e2:fe:7c:15:07:f4:a2:df:73:81:10:45:
                    a8:73:de:e6:69:2c:c3:37:00:17:65:78:4b:5a:74:
                    21:0b:bd:55:18:f3:77:83:31:f5:b5:6f:d6:7a:b8:
                    f3:ef:61:38:58:a1:4e:0c:5b:0c:0f:21:ee:77:a6:
                    ec:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:38:17:4E:62:C4:A8:E0:44:1C:3A:1D:82:E1:CC:08:58:E5:5F:F9
            X509v3 Authority Key Identifier:
                keyid:0A:AD:22:1E:40:70:98:9D:49:39:FA:CA:0F:09:81:AB:26:E9:38:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/0AAD221E4070989D4939FACA0F0981AB26E93895.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0AAD221E4070989D4939FACA0F0981AB26E93895.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/326130353a646663343a62643a3a2f34382d313238203d3e203532303235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc4:bd::/48

    Signature Algorithm: sha256WithRSAEncryption
         1e:df:8d:77:25:01:57:2a:81:93:8d:22:71:04:a6:75:ed:1d:
         9f:e6:b9:38:2d:bc:ab:a4:ff:ff:4e:56:21:4d:92:72:2b:e2:
         e5:d3:69:b4:cb:d8:69:55:f8:0b:e7:2c:8b:81:e6:34:93:24:
         4d:65:cb:ea:c3:74:42:d1:35:9d:58:9d:d5:05:81:57:68:37:
         5a:09:9e:fd:90:2b:b7:4a:aa:93:31:e8:7c:40:91:55:9e:08:
         5c:f0:8f:68:6c:0c:86:50:93:e0:a1:e7:b6:3d:81:73:eb:4b:
         77:13:6a:c6:99:1a:c5:38:75:fc:95:d9:c0:85:b9:25:09:a7:
         19:c6:c1:93:5b:f8:61:9d:ba:13:ae:49:1c:1c:c7:fa:00:00:
         8b:d5:4a:c5:80:a9:4c:f3:2f:9f:fc:33:d0:f7:08:82:7b:61:
         e5:c2:09:2e:f3:93:b2:b1:c7:a4:f9:22:72:29:96:cf:36:3d:
         81:8b:64:44:03:0f:be:30:b7:3b:d3:d8:9d:22:46:08:13:b4:
         2d:2f:9d:9c:69:c4:0d:de:c6:d3:08:42:82:e8:ec:47:b2:62:
         f4:dc:b9:14:bf:f8:15:82:d3:c4:8d:2a:b5:52:4d:55:b3:48:
         8e:2b:ab:17:8f:95:6f:8d:cc:f3:81:e3:99:6f:c0:c5:1a:d9:
         a6:d9:37:f0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIUdbJu6/Z58mSF9/lMUqqiEkqVqLswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEFBRDIyMUU0MDcwOTg5RDQ5MzlGQUNBMEYwOTgxQUIy
NkU5Mzg5NTAeFw0yNDA1MjMxMjUxMjlaFw0yNTA1MjIxMjU2MjlaMDMxMTAvBgNV
BAMTKEJEMzgxNzRFNjJDNEE4RTA0NDFDM0ExRDgyRTFDQzA4NThFNTVGRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Xv9lEqjMed2k/uQ3tQWZtpg2
f0biCh5IL1Sx5FwfEQ8peBCIDBg8oNi4AaSd1umgE8bSqe8OFIFx+A8ruZC6a6I2
IGx+uUMeXaIWQqd39fRvfeX8+6pSbjG5NPLzZkOub3IkMca9uHiK9HItUGuz+w8+
+Q9MZOsOez0FfJSOLofBZFgXWb1gLJO1Yt+LKZtd8SW4dAU1mSJZiP6C8CqNsjma
3sbTS5LRnXdIc6Xc44du5JViL5ORyw4wjgYBdAawh8Ia1+L+fBUH9KLfc4EQRahz
3uZpLMM3ABdleEtadCELvVUY83eDMfW1b9Z6uPPvYThYoU4MWwwPIe53puzLAgMB
AAGjggIpMIICJTAdBgNVHQ4EFgQUvTgXTmLEqOBEHDodguHMCFjlX/kwHwYDVR0j
BBgwFoAUCq0iHkBwmJ1JOfrKDwmBqybpOJUwDgYDVR0PAQH/BAQDAgeAMG4GA1Ud
HwRnMGUwY6BhoF+GXXJzeW5jOi8vcnBraS0wMS5wZHhuZXQudWsvcmVwby9wYXJh
ZG94bmV0d29ya3MvMi8wQUFEMjIxRTQwNzA5ODlENDkzOUZBQ0EwRjA5ODFBQjI2
RTkzODk1LmNybDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUFBzAChnRyc3lu
YzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY4NTBkMDYz
ZTAxODU3NTVjOTFiZTNmOWQvMi8wQUFEMjIxRTQwNzA5ODlENDkzOUZBQ0EwRjA5
ODFBQjI2RTkzODk1LmNlcjCBjgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4Zx
cnN5bmM6Ly9ycGtpLTAxLnBkeG5ldC51ay9yZXBvL3BhcmFkb3huZXR3b3Jrcy8y
LzMyNjEzMDM1M2E2NDY2NjMzNDNhNjI2NDNhM2EyZjM0MzgyZDMxMzIzODIwM2Qz
ZTIwMzUzMjMwMzIzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF38QAvTANBgkqhkiG9w0BAQsFAAOC
AQEAHt+NdyUBVyqBk40icQSmde0dn+a5OC28q6T//05WIU2Scivi5dNptMvYaVX4
C+csi4HmNJMkTWXL6sN0QtE1nVid1QWBV2g3Wgme/ZArt0qqkzHofECRVZ4IXPCP
aGwMhlCT4KHntj2Bc+tLdxNqxpkaxTh1/JXZwIW5JQmnGcbBk1v4YZ26E65JHBzH
+gAAi9VKxYCpTPMvn/wz0PcIgnth5cIJLvOTsrHHpPkicimWzzY9gYtkRAMPvjC3
O9PYnSJGCBO0LS+dnGnEDd7G0whCgujsR7Ji9Ny5FL/4FYLTxI0qtVJNVbNIjiur
F4+Vb43M84HjmW/AxRrZptk38A==
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:00:48 2024 by rpki-client on console-fra.rpki-client.org