Route Origin Authorization

$ rpki-client -vvf rpki.cc/repo/MythicalKitten/1/326130613a363034303a31343a3a2f34382d3438203d3e203530323234.roa
File:                     326130613a363034303a31343a3a2f34382d3438203d3e203530323234.roa (raw, json)
Hash identifier:          UGJBEw7bXCmE8a9qcc+oHb3ilEfoNbTXByjwFpP8Ftk=
Subject key identifier:   B1:4B:9C:BE:43:AE:BF:71:73:FD:CB:E4:F6:33:B7:B5:3C:EB:2E:2E
Certificate issuer:       /CN=85560E86F645F1E903C8627A31BDB65C534860B9
Certificate serial:       2CA240AEA68FC6F7694AA622384928D7D343862C
Authority key identifier: 85:56:0E:86:F6:45:F1:E9:03:C8:62:7A:31:BD:B6:5C:53:48:60:B9
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/85560E86F645F1E903C8627A31BDB65C534860B9.cer
Subject info access:      rsync://rpki.cc/repo/MythicalKitten/1/326130613a363034303a31343a3a2f34382d3438203d3e203530323234.roa
Signing time:             Mon 22 Apr 2024 11:13:04 +0000
ROA not before:           Mon 22 Apr 2024 11:08:04 +0000
ROA not after:            Mon 21 Apr 2025 11:13:04 +0000
asID:                     50224
IP address blocks:        2a0a:6040:14::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.cc/repo/MythicalKitten/1/85560E86F645F1E903C8627A31BDB65C534860B9.crl
                          rsync://rpki.cc/repo/MythicalKitten/1/85560E86F645F1E903C8627A31BDB65C534860B9.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/85560E86F645F1E903C8627A31BDB65C534860B9.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 21 Nov 2024 18:11:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:a2:40:ae:a6:8f:c6:f7:69:4a:a6:22:38:49:28:d7:d3:43:86:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85560E86F645F1E903C8627A31BDB65C534860B9
        Validity
            Not Before: Apr 22 11:08:04 2024 GMT
            Not After : Apr 21 11:13:04 2025 GMT
        Subject: CN=B14B9CBE43AEBF7173FDCBE4F633B7B53CEB2E2E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:eb:b6:ab:7e:1b:ef:34:0b:db:32:4b:0b:6f:
                    ad:49:67:63:a5:20:9b:fa:31:ae:cd:bc:ef:8d:19:
                    58:96:8b:95:c2:ad:64:e2:fa:1b:68:47:67:4d:2d:
                    df:7b:6d:42:4e:9f:84:9f:ee:20:9f:be:1b:5d:4b:
                    14:9e:c9:bc:94:8b:61:9c:c8:67:1a:68:35:95:51:
                    65:55:ee:a0:e4:04:13:d8:31:bf:17:06:23:fa:91:
                    2d:66:9b:d3:19:63:ae:12:53:0b:0b:30:31:bd:91:
                    fe:51:e9:d0:81:8a:eb:78:e2:94:da:e4:2f:03:a4:
                    33:a7:42:07:78:a6:74:69:97:d6:12:61:12:42:12:
                    15:a8:14:68:df:c2:81:5a:d9:13:41:4c:d8:01:44:
                    e6:d8:c3:f5:19:78:cd:df:d1:64:71:ee:eb:3b:62:
                    35:19:f0:ff:53:b8:a8:aa:6f:3b:76:c2:41:a6:8a:
                    48:c9:d6:65:e6:de:46:f4:0e:ed:5d:12:37:9c:6b:
                    3d:c9:29:30:05:1b:ee:ff:40:bd:6b:c6:18:65:2e:
                    65:80:d8:7c:4e:44:f6:f3:3c:3f:0c:2c:eb:dd:04:
                    68:ef:67:56:13:ca:28:57:90:40:fb:ed:7a:03:00:
                    fe:ce:01:dd:b5:9a:35:bd:4d:38:1f:8d:f1:d1:9e:
                    50:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:4B:9C:BE:43:AE:BF:71:73:FD:CB:E4:F6:33:B7:B5:3C:EB:2E:2E
            X509v3 Authority Key Identifier:
                keyid:85:56:0E:86:F6:45:F1:E9:03:C8:62:7A:31:BD:B6:5C:53:48:60:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cc/repo/MythicalKitten/1/85560E86F645F1E903C8627A31BDB65C534860B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/85560E86F645F1E903C8627A31BDB65C534860B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.cc/repo/MythicalKitten/1/326130613a363034303a31343a3a2f34382d3438203d3e203530323234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:14::/48

    Signature Algorithm: sha256WithRSAEncryption
         b1:29:b5:13:f6:d7:42:a8:11:86:a9:1e:bc:d7:e1:f5:52:75:
         c6:7f:83:c4:7a:b6:96:76:d2:ec:07:e2:6a:49:80:32:fa:7a:
         44:54:c2:dc:8b:f0:e4:2d:36:4a:12:1e:e1:48:44:5f:aa:e1:
         cd:b0:fc:c3:bf:13:d2:39:9c:8f:da:52:4d:b2:7f:dc:57:31:
         84:58:cd:b6:1d:64:aa:1e:20:5b:da:aa:1e:27:a7:3f:d9:20:
         20:03:ff:6b:c4:e0:54:69:d9:17:83:7d:ea:17:47:48:7e:8f:
         b5:db:d3:7c:13:70:c2:d8:05:8a:61:70:b5:f6:fd:70:8f:69:
         fa:09:87:1f:71:02:c8:91:4d:bd:1e:7e:b2:ba:06:22:e7:bf:
         39:4b:4f:34:7c:54:c1:f3:63:87:5a:27:68:96:a3:62:d9:17:
         4d:6d:c5:74:d2:b7:c2:8e:06:c0:d8:c8:77:fe:0d:4b:5b:93:
         5b:21:bc:05:6f:fd:85:f9:23:c7:4a:94:6c:21:6c:40:f5:66:
         26:7e:a6:25:36:51:1f:15:3d:d7:e8:ce:9c:54:4e:07:e4:90:
         32:a7:20:2d:66:4e:68:fd:55:dd:d2:8a:9c:eb:24:e4:87:16:
         36:2b:37:41:56:94:be:eb:52:08:fd:49:f3:fe:13:6f:da:0c:
         09:11:3b:76
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIULKJArqaPxvdpSqYiOEko19NDhiwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODU1NjBFODZGNjQ1RjFFOTAzQzg2MjdBMzFCREI2NUM1
MzQ4NjBCOTAeFw0yNDA0MjIxMTA4MDRaFw0yNTA0MjExMTEzMDRaMDMxMTAvBgNV
BAMTKEIxNEI5Q0JFNDNBRUJGNzE3M0ZEQ0JFNEY2MzNCN0I1M0NFQjJFMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR67arfhvvNAvbMksLb61JZ2Ol
IJv6Ma7NvO+NGViWi5XCrWTi+htoR2dNLd97bUJOn4Sf7iCfvhtdSxSeybyUi2Gc
yGcaaDWVUWVV7qDkBBPYMb8XBiP6kS1mm9MZY64SUwsLMDG9kf5R6dCBiut44pTa
5C8DpDOnQgd4pnRpl9YSYRJCEhWoFGjfwoFa2RNBTNgBRObYw/UZeM3f0WRx7us7
YjUZ8P9TuKiqbzt2wkGmikjJ1mXm3kb0Du1dEjecaz3JKTAFG+7/QL1rxhhlLmWA
2HxORPbzPD8MLOvdBGjvZ1YTyihXkED77XoDAP7OAd21mjW9TTgfjfHRnlAvAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUsUucvkOuv3Fz/cvk9jO3tTzrLi4wHwYDVR0j
BBgwFoAUhVYOhvZF8ekDyGJ6Mb22XFNIYLkwDgYDVR0PAQH/BAQDAgeAMGMGA1Ud
HwRcMFowWKBWoFSGUnJzeW5jOi8vcnBraS5jYy9yZXBvL015dGhpY2FsS2l0dGVu
LzEvODU1NjBFODZGNjQ1RjFFOTAzQzg2MjdBMzFCREI2NUM1MzQ4NjBCOS5jcmww
egYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUtcmVw
by5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wLzg1NTYwRTg2RjY0NUYxRTkw
M0M4NjI3QTMxQkRCNjVDNTM0ODYwQjkuY2VyMIGABggrBgEFBQcBCwR0MHIwcAYI
KwYBBQUHMAuGZHJzeW5jOi8vcnBraS5jYy9yZXBvL015dGhpY2FsS2l0dGVuLzEv
MzI2MTMwNjEzYTM2MzAzNDMwM2EzMTM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDMyMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoKYEAAFDANBgkqhkiG9w0BAQsFAAOCAQEA
sSm1E/bXQqgRhqkevNfh9VJ1xn+DxHq2lnbS7AfiakmAMvp6RFTC3Ivw5C02ShIe
4UhEX6rhzbD8w78T0jmcj9pSTbJ/3FcxhFjNth1kqh4gW9qqHienP9kgIAP/a8Tg
VGnZF4N96hdHSH6PtdvTfBNwwtgFimFwtfb9cI9p+gmHH3ECyJFNvR5+sroGIue/
OUtPNHxUwfNjh1onaJajYtkXTW3FdNK3wo4GwNjId/4NS1uTWyG8BW/9hfkjx0qU
bCFsQPVmJn6mJTZRHxU91+jOnFROB+SQMqcgLWZOaP1V3dKKnOsk5IcWNis3QVaU
vutSCP1J8/4Tb9oMCRE7dg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 04:03:49 2024 by rpki-client on console-ams.rpki-client.org