Route Origin Authorization

$ rpki-client -vvf rpki-repo.as207960.net/repo/rpki_ca_a50d7178badf43beb9811c7ec27b489c/0/326131313a663263303a666663323a3a2f34382d3438203d3e20313939333337.roa
File:                     326131313a663263303a666663323a3a2f34382d3438203d3e20313939333337.roa (raw, json)
Hash identifier:          OX3RHdtuqmLEvG1ZYjgRikhuEWksaQB7VsQm/hmQ+LY=
Subject key identifier:   FF:8C:AE:AA:24:FF:C4:5B:04:62:F8:93:DD:A8:CA:54:4E:8B:BC:3D
Certificate issuer:       /CN=1A889E0950A8B6489E67E7C7189539FB887EAD71
Certificate serial:       5C543439FBDA71D3BFA62F6405F9189627E435C8
Authority key identifier: 1A:88:9E:09:50:A8:B6:48:9E:67:E7:C7:18:95:39:FB:88:7E:AD:71
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/1A889E0950A8B6489E67E7C7189539FB887EAD71.cer
Subject info access:      rsync://rpki-repo.as207960.net/repo/rpki_ca_a50d7178badf43beb9811c7ec27b489c/0/326131313a663263303a666663323a3a2f34382d3438203d3e20313939333337.roa
Signing time:             Sun 07 Jul 2024 19:12:42 +0000
ROA not before:           Sun 07 Jul 2024 19:07:42 +0000
ROA not after:            Sun 06 Jul 2025 19:12:42 +0000
asID:                     199337
IP address blocks:        2a11:f2c0:ffc2::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-repo.as207960.net/repo/rpki_ca_a50d7178badf43beb9811c7ec27b489c/0/1A889E0950A8B6489E67E7C7189539FB887EAD71.crl
                          rsync://rpki-repo.as207960.net/repo/rpki_ca_a50d7178badf43beb9811c7ec27b489c/0/1A889E0950A8B6489E67E7C7189539FB887EAD71.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/1A889E0950A8B6489E67E7C7189539FB887EAD71.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/0839A93DAB544C296FFA143456844A8B2818B1D0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CDmpPatUTClv-hQ0VoRKiygYsdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 00:20:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:54:34:39:fb:da:71:d3:bf:a6:2f:64:05:f9:18:96:27:e4:35:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1A889E0950A8B6489E67E7C7189539FB887EAD71
        Validity
            Not Before: Jul  7 19:07:42 2024 GMT
            Not After : Jul  6 19:12:42 2025 GMT
        Subject: CN=FF8CAEAA24FFC45B0462F893DDA8CA544E8BBC3D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:a2:09:3b:d2:aa:9f:a7:7e:5c:63:47:25:27:
                    94:e0:c2:92:a0:a1:2b:97:07:14:81:a2:21:2b:db:
                    d3:17:0a:d8:99:0c:7d:5c:91:32:7d:74:53:09:4d:
                    96:0e:1e:88:ce:23:08:0b:2c:c0:fd:9b:b8:e3:95:
                    42:b8:2f:46:34:8d:0e:e4:4a:36:07:a5:26:31:2a:
                    46:f5:68:5c:48:86:4d:3d:ce:ff:b7:4e:64:29:0b:
                    bf:59:38:e2:3f:c0:e0:a3:1c:36:96:6b:80:47:bb:
                    8c:d1:05:b9:ca:85:2b:3c:ab:c3:82:47:d2:11:ef:
                    68:e6:07:9a:33:60:3d:56:b8:2c:53:50:07:bf:77:
                    9b:6b:f6:d5:70:3b:03:94:92:e1:ab:88:0f:b3:56:
                    4e:c4:da:21:2e:4a:38:2b:9f:9d:bd:c6:b9:7c:c6:
                    f4:02:29:20:6d:9e:db:1c:b4:30:ce:cc:36:03:c9:
                    bf:84:d1:41:2c:a2:b2:03:a7:7c:83:01:8b:c7:a2:
                    48:2a:56:c5:9b:44:2c:6a:0e:ed:10:e9:c9:c7:67:
                    89:2a:a6:84:b4:9a:f0:b4:de:4f:c5:ef:29:22:bb:
                    0f:ef:12:db:b0:66:c8:28:b8:33:50:4a:98:91:de:
                    c0:e5:1a:f1:87:02:76:44:df:72:58:c3:6d:df:ee:
                    0b:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:8C:AE:AA:24:FF:C4:5B:04:62:F8:93:DD:A8:CA:54:4E:8B:BC:3D
            X509v3 Authority Key Identifier:
                keyid:1A:88:9E:09:50:A8:B6:48:9E:67:E7:C7:18:95:39:FB:88:7E:AD:71

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_a50d7178badf43beb9811c7ec27b489c/0/1A889E0950A8B6489E67E7C7189539FB887EAD71.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/dde837fb-6390-41b5-82a0-f0d02c03a2c6/7/1A889E0950A8B6489E67E7C7189539FB887EAD71.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.as207960.net/repo/rpki_ca_a50d7178badf43beb9811c7ec27b489c/0/326131313a663263303a666663323a3a2f34382d3438203d3e20313939333337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:f2c0:ffc2::/48

    Signature Algorithm: sha256WithRSAEncryption
         06:65:5f:af:2c:81:66:db:32:86:63:9f:6a:e5:56:7f:e5:47:
         61:fe:11:19:73:08:30:33:d3:5a:b9:64:50:e7:8f:db:f0:1b:
         60:e8:76:30:7e:58:e0:a9:2f:51:1f:43:3e:46:ae:c7:3b:2c:
         ee:1b:1f:31:ca:da:95:9d:d4:fd:9c:32:4d:bf:df:83:ce:db:
         cf:71:c3:e7:78:70:1c:2f:2c:b9:20:9c:e4:23:a3:5d:96:57:
         79:22:5b:ed:df:36:7f:60:9e:16:6b:b6:e0:9a:4e:11:11:1f:
         00:3d:aa:94:12:d5:c1:b8:21:da:10:9d:82:70:c7:5d:73:84:
         18:25:f5:af:b3:b6:88:f1:0e:01:04:82:39:75:22:60:89:aa:
         e9:10:28:44:98:90:49:5a:e7:8b:6c:39:45:6b:f2:df:a1:92:
         1a:c8:bf:18:c8:92:8d:55:b7:21:3d:6b:e5:c7:56:bf:18:1f:
         48:bc:78:36:f9:1c:d7:2d:fe:cc:1f:11:3a:3e:f3:3f:80:c9:
         b6:a5:31:dc:d9:cc:05:ab:c9:58:e5:76:87:9f:56:77:79:7a:
         10:90:63:14:94:d2:98:f8:93:81:d9:ba:16:49:ed:34:f7:4e:
         84:72:73:e2:17:4d:dd:42:46:0d:c7:76:4b:21:a5:af:98:54:
         26:49:5a:70
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIUXFQ0OfvacdO/pi9kBfkYlifkNcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE4ODlFMDk1MEE4QjY0ODlFNjdFN0M3MTg5NTM5RkI4
ODdFQUQ3MTAeFw0yNDA3MDcxOTA3NDJaFw0yNTA3MDYxOTEyNDJaMDMxMTAvBgNV
BAMTKEZGOENBRUFBMjRGRkM0NUIwNDYyRjg5M0REQThDQTU0NEU4QkJDM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTogk70qqfp35cY0clJ5TgwpKg
oSuXBxSBoiEr29MXCtiZDH1ckTJ9dFMJTZYOHojOIwgLLMD9m7jjlUK4L0Y0jQ7k
SjYHpSYxKkb1aFxIhk09zv+3TmQpC79ZOOI/wOCjHDaWa4BHu4zRBbnKhSs8q8OC
R9IR72jmB5ozYD1WuCxTUAe/d5tr9tVwOwOUkuGriA+zVk7E2iEuSjgrn529xrl8
xvQCKSBtntsctDDOzDYDyb+E0UEsorIDp3yDAYvHokgqVsWbRCxqDu0Q6cnHZ4kq
poS0mvC03k/F7ykiuw/vEtuwZsgouDNQSpiR3sDlGvGHAnZE33JYw23f7gtHAgMB
AAGjggJ7MIICdzAdBgNVHQ4EFgQU/4yuqiT/xFsEYviT3ajKVE6LvD0wHwYDVR0j
BBgwFoAUGoieCVCotkieZ+fHGJU5+4h+rXEwDgYDVR0PAQH/BAQDAgeAMIGPBgNV
HR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3Jwa2ktcmVwby5hczIwNzk2MC5uZXQv
cmVwby9ycGtpX2NhX2E1MGQ3MTc4YmFkZjQzYmViOTgxMWM3ZWMyN2I0ODljLzAv
MUE4ODlFMDk1MEE4QjY0ODlFNjdFN0M3MTg5NTM5RkI4ODdFQUQ3MS5jcmwwgZ4G
CCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3luYy5wYWFz
LnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9kZGU4MzdmYi02MzkwLTQxYjUtODJh
MC1mMGQwMmMwM2EyYzYvNy8xQTg4OUUwOTUwQThCNjQ4OUU2N0U3QzcxODk1MzlG
Qjg4N0VBRDcxLmNlcjCBswYIKwYBBQUHAQsEgaYwgaMwgaAGCCsGAQUFBzALhoGT
cnN5bmM6Ly9ycGtpLXJlcG8uYXMyMDc5NjAubmV0L3JlcG8vcnBraV9jYV9hNTBk
NzE3OGJhZGY0M2JlYjk4MTFjN2VjMjdiNDg5Yy8wLzMyNjEzMTMxM2E2NjMyNjMz
MDNhNjY2NjYzMzIzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTM5MzkzMzMzMzcu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzAR
MA8EAgACMAkDBwAqEfLA/8IwDQYJKoZIhvcNAQELBQADggEBAAZlX68sgWbbMoZj
n2rlVn/lR2H+ERlzCDAz01q5ZFDnj9vwG2DodjB+WOCpL1EfQz5Grsc7LO4bHzHK
2pWd1P2cMk2/34PO289xw+d4cBwvLLkgnOQjo12WV3kiW+3fNn9gnhZrtuCaThER
HwA9qpQS1cG4IdoQnYJwx11zhBgl9a+ztojxDgEEgjl1ImCJqukQKESYkEla54ts
OUVr8t+hkhrIvxjIko1VtyE9a+XHVr8YH0i8eDb5HNct/swfETo+8z+AybalMdzZ
zAWryVjldoefVnd5ehCQYxSU0pj4k4HZuhZJ7TT3ToRyc+IXTd1CRg3Hdkshpa+Y
VCZJWnA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:39:17 2024 by rpki-client on console-ams.rpki-client.org