Route Origin Authorization

$ rpki-client -vvf rpki-01.pdxnet.uk/repo/paradoxnetworks/2/326130353a646663343a633162663a3a2f34382d3438203d3e203532303235.roa
File:                     326130353a646663343a633162663a3a2f34382d3438203d3e203532303235.roa (raw, json)
Hash identifier:          GgGZynvTBNdbBRIaDaEqTTpFoxQvy5uwCVjBo5n/wHA=
Subject key identifier:   AF:8B:8D:97:AB:BA:DE:C4:63:C3:0C:42:A1:5D:D9:73:1D:54:80:B2
Certificate issuer:       /CN=0AAD221E4070989D4939FACA0F0981AB26E93895
Certificate serial:       0DCA6C6D92387532518993A4A24B5E2FD96DF2C2
Authority key identifier: 0A:AD:22:1E:40:70:98:9D:49:39:FA:CA:0F:09:81:AB:26:E9:38:95
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0AAD221E4070989D4939FACA0F0981AB26E93895.cer
Subject info access:      rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/326130353a646663343a633162663a3a2f34382d3438203d3e203532303235.roa
Signing time:             Thu 23 May 2024 12:50:21 +0000
ROA not before:           Thu 23 May 2024 12:45:21 +0000
ROA not after:            Thu 22 May 2025 12:50:21 +0000
asID:                     52025
IP address blocks:        2a05:dfc4:c1bf::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/0AAD221E4070989D4939FACA0F0981AB26E93895.crl
                          rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/0AAD221E4070989D4939FACA0F0981AB26E93895.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0AAD221E4070989D4939FACA0F0981AB26E93895.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Nov 2024 15:27:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:ca:6c:6d:92:38:75:32:51:89:93:a4:a2:4b:5e:2f:d9:6d:f2:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0AAD221E4070989D4939FACA0F0981AB26E93895
        Validity
            Not Before: May 23 12:45:21 2024 GMT
            Not After : May 22 12:50:21 2025 GMT
        Subject: CN=AF8B8D97ABBADEC463C30C42A15DD9731D5480B2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:10:9a:e0:0e:8b:35:f9:c6:12:40:2e:ce:bd:
                    7e:8d:50:fb:47:bd:84:ee:6e:6f:bf:50:94:c5:80:
                    6e:cd:b1:c7:86:a0:30:c5:ce:79:c1:4d:55:95:b8:
                    1d:bb:59:33:7e:a2:6f:0c:42:fa:7d:5b:0c:cd:e6:
                    75:1c:31:35:89:61:2b:c2:89:7b:a5:2e:88:71:54:
                    07:7f:7b:fc:f1:39:e8:67:fd:74:b9:a7:f1:71:39:
                    dc:f9:db:53:7b:19:35:15:f4:3a:79:2c:dc:0e:d2:
                    26:c3:b4:74:87:f1:ed:36:c5:22:da:19:65:5d:f5:
                    22:61:23:12:ec:87:5b:c5:9c:84:ba:79:00:fb:8c:
                    f3:53:a2:0c:8a:19:8d:4a:82:6f:69:48:22:f6:3a:
                    ed:1f:c6:87:1e:c3:b8:02:a4:b5:8a:d6:8d:67:ad:
                    1e:df:2e:d8:5f:d5:0e:ab:61:f6:e6:ad:56:36:e1:
                    03:80:18:5e:a0:04:11:65:30:3b:91:5a:ab:ad:55:
                    6d:c6:11:e8:29:96:9f:25:1b:8b:80:ce:69:5c:8c:
                    5d:73:70:4d:40:c8:25:a1:d3:95:e6:54:a3:f8:ba:
                    4f:91:3d:49:78:2f:25:c4:5f:53:eb:05:38:58:8f:
                    64:e8:66:02:8f:3d:74:37:d6:3f:59:18:46:e8:21:
                    50:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:8B:8D:97:AB:BA:DE:C4:63:C3:0C:42:A1:5D:D9:73:1D:54:80:B2
            X509v3 Authority Key Identifier:
                keyid:0A:AD:22:1E:40:70:98:9D:49:39:FA:CA:0F:09:81:AB:26:E9:38:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/0AAD221E4070989D4939FACA0F0981AB26E93895.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0AAD221E4070989D4939FACA0F0981AB26E93895.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-01.pdxnet.uk/repo/paradoxnetworks/2/326130353a646663343a633162663a3a2f34382d3438203d3e203532303235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a05:dfc4:c1bf::/48

    Signature Algorithm: sha256WithRSAEncryption
         2a:97:fb:85:e0:dd:15:b1:c0:c9:da:c7:3d:80:6d:4f:b3:15:
         ce:dc:dc:59:be:c4:91:93:49:49:a0:94:5d:88:10:b5:d3:ad:
         d7:a6:39:8a:bf:83:5b:8a:cf:e2:5b:83:39:67:fa:cb:da:3e:
         cb:b7:b0:03:ce:5e:63:85:0c:7e:c4:17:fd:e9:01:48:0c:66:
         0d:06:94:a4:86:8c:55:6a:8c:19:be:74:89:a7:fc:2d:eb:67:
         ad:7d:89:da:c5:84:e9:d7:99:c9:9b:c4:ca:54:2a:b6:c1:3d:
         64:24:fa:52:36:3d:82:3f:0e:4b:fd:aa:58:51:91:e2:c7:cd:
         a2:65:64:41:5a:71:45:fd:75:0d:7b:72:c6:0a:63:c5:d7:c1:
         a5:ee:dd:1d:a0:58:92:ad:ff:d9:1f:b6:9f:a0:a5:58:02:c0:
         a9:77:68:c5:0e:e7:51:e6:64:33:ea:c1:9f:4c:b7:7e:1c:0e:
         8e:36:6d:fd:55:7b:ed:96:a9:4a:78:af:02:36:4a:50:31:74:
         9d:2b:d5:51:21:70:7f:8e:53:36:bf:b5:72:9b:4e:c8:41:b2:
         05:df:53:a5:c0:01:c5:ce:a2:8d:55:74:20:f3:2e:49:c5:d4:
         32:70:56:8d:6f:bb:03:aa:26:f8:79:cd:f0:90:be:89:25:35:
         9a:c3:6a:6c
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUDcpsbZI4dTJRiZOkokteL9lt8sIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEFBRDIyMUU0MDcwOTg5RDQ5MzlGQUNBMEYwOTgxQUIy
NkU5Mzg5NTAeFw0yNDA1MjMxMjQ1MjFaFw0yNTA1MjIxMjUwMjFaMDMxMTAvBgNV
BAMTKEFGOEI4RDk3QUJCQURFQzQ2M0MzMEM0MkExNUREOTczMUQ1NDgwQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdEJrgDos1+cYSQC7OvX6NUPtH
vYTubm+/UJTFgG7NsceGoDDFznnBTVWVuB27WTN+om8MQvp9WwzN5nUcMTWJYSvC
iXulLohxVAd/e/zxOehn/XS5p/FxOdz521N7GTUV9Dp5LNwO0ibDtHSH8e02xSLa
GWVd9SJhIxLsh1vFnIS6eQD7jPNTogyKGY1Kgm9pSCL2Ou0fxocew7gCpLWK1o1n
rR7fLthf1Q6rYfbmrVY24QOAGF6gBBFlMDuRWqutVW3GEegplp8lG4uAzmlcjF1z
cE1AyCWh05XmVKP4uk+RPUl4LyXEX1PrBThYj2ToZgKPPXQ31j9ZGEboIVANAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUr4uNl6u63sRjwwxCoV3Zcx1UgLIwHwYDVR0j
BBgwFoAUCq0iHkBwmJ1JOfrKDwmBqybpOJUwDgYDVR0PAQH/BAQDAgeAMG4GA1Ud
HwRnMGUwY6BhoF+GXXJzeW5jOi8vcnBraS0wMS5wZHhuZXQudWsvcmVwby9wYXJh
ZG94bmV0d29ya3MvMi8wQUFEMjIxRTQwNzA5ODlENDkzOUZBQ0EwRjA5ODFBQjI2
RTkzODk1LmNybDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUFBzAChnRyc3lu
YzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY4NTBkMDYz
ZTAxODU3NTVjOTFiZTNmOWQvMi8wQUFEMjIxRTQwNzA5ODlENDkzOUZBQ0EwRjA5
ODFBQjI2RTkzODk1LmNlcjCBkQYIKwYBBQUHAQsEgYQwgYEwfwYIKwYBBQUHMAuG
c3JzeW5jOi8vcnBraS0wMS5wZHhuZXQudWsvcmVwby9wYXJhZG94bmV0d29ya3Mv
Mi8zMjYxMzAzNTNhNjQ2NjYzMzQzYTYzMzE2MjY2M2EzYTJmMzQzODJkMzQzODIw
M2QzZTIwMzUzMjMwMzIzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF38TBvzANBgkqhkiG9w0BAQsF
AAOCAQEAKpf7heDdFbHAydrHPYBtT7MVztzcWb7EkZNJSaCUXYgQtdOt16Y5ir+D
W4rP4luDOWf6y9o+y7ewA85eY4UMfsQX/ekBSAxmDQaUpIaMVWqMGb50iaf8Letn
rX2J2sWE6deZyZvEylQqtsE9ZCT6UjY9gj8OS/2qWFGR4sfNomVkQVpxRf11DXty
xgpjxdfBpe7dHaBYkq3/2R+2n6ClWALAqXdoxQ7nUeZkM+rBn0y3fhwOjjZt/VV7
7ZapSnivAjZKUDF0nSvVUSFwf45TNr+1cptOyEGyBd9TpcABxc6ijVV0IPMuScXU
MnBWjW+7A6om+HnN8JC+iSU1msNqbA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 21:31:32 2024 by rpki-client on console-ams.rpki-client.org