Route Origin Authorization

$ rpki-client -vvf rpki.cc/repo/MythicalKitten/1/326130613a363034303a32383a3a2f34382d3438203d3e203530323234.roa
File:                     326130613a363034303a32383a3a2f34382d3438203d3e203530323234.roa (raw, json)
Hash identifier:          5akv4zdzpCy03ZHI8GT54UeOeSHx08FkgGk6V1XbPnA=
Subject key identifier:   0E:99:4B:AD:33:B2:09:A6:DD:27:FC:65:EE:E7:8F:DC:13:09:B7:72
Certificate issuer:       /CN=85560E86F645F1E903C8627A31BDB65C534860B9
Certificate serial:       535503123A656CE78F14D5DCC2C603B4AE5AB527
Authority key identifier: 85:56:0E:86:F6:45:F1:E9:03:C8:62:7A:31:BD:B6:5C:53:48:60:B9
Authority info access:    rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/85560E86F645F1E903C8627A31BDB65C534860B9.cer
Subject info access:      rsync://rpki.cc/repo/MythicalKitten/1/326130613a363034303a32383a3a2f34382d3438203d3e203530323234.roa
Signing time:             Sun 10 Mar 2024 05:56:10 +0000
ROA not before:           Sun 10 Mar 2024 05:51:10 +0000
ROA not after:            Sun 09 Mar 2025 05:56:10 +0000
asID:                     50224
IP address blocks:        2a0a:6040:28::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.cc/repo/MythicalKitten/1/85560E86F645F1E903C8627A31BDB65C534860B9.crl
                          rsync://rpki.cc/repo/MythicalKitten/1/85560E86F645F1E903C8627A31BDB65C534860B9.mft
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/85560E86F645F1E903C8627A31BDB65C534860B9.cer
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
                          rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 13:30:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:55:03:12:3a:65:6c:e7:8f:14:d5:dc:c2:c6:03:b4:ae:5a:b5:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85560E86F645F1E903C8627A31BDB65C534860B9
        Validity
            Not Before: Mar 10 05:51:10 2024 GMT
            Not After : Mar  9 05:56:10 2025 GMT
        Subject: CN=0E994BAD33B209A6DD27FC65EEE78FDC1309B772
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:db:0c:4a:b6:4e:5b:82:ee:e6:ad:ab:5b:de:
                    0c:43:14:17:48:3d:74:6d:de:38:05:c3:2c:63:43:
                    c4:a6:a0:6b:26:3f:3a:62:e8:75:c1:0b:58:3a:6d:
                    64:2b:9e:11:fd:be:1b:b9:27:e6:8e:f8:17:7d:91:
                    10:79:aa:1a:33:1a:1f:d5:ab:85:47:ae:e9:33:7f:
                    6f:f2:50:47:4d:9d:9f:18:ec:68:f6:f3:6f:cf:2d:
                    63:4f:c2:52:35:e4:f0:0d:0d:6a:89:a9:16:1b:d5:
                    eb:41:99:4e:80:68:b1:83:fe:98:d4:97:49:dd:df:
                    84:74:ae:8a:67:02:fb:93:9d:c8:5c:88:0b:47:40:
                    c6:e6:a4:14:83:56:09:f8:43:4a:5e:48:a8:11:bb:
                    0d:a7:8c:7b:c2:81:d4:7e:8e:2a:71:8f:f3:3d:53:
                    a5:76:e8:97:83:d5:20:07:08:2f:bd:30:36:7a:ff:
                    76:ec:dd:36:0f:c6:9a:2e:28:5a:47:63:f6:aa:f2:
                    2e:db:1c:38:81:03:87:45:b1:32:cd:4d:2d:64:af:
                    4e:b8:35:61:e6:58:8d:84:a2:9f:57:3f:3f:09:0a:
                    e2:01:14:6d:5e:e3:15:cd:c3:2d:f5:12:1d:e1:75:
                    ed:6e:f0:29:ed:69:28:2b:56:70:69:cc:f7:4d:a4:
                    25:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:99:4B:AD:33:B2:09:A6:DD:27:FC:65:EE:E7:8F:DC:13:09:B7:72
            X509v3 Authority Key Identifier:
                keyid:85:56:0E:86:F6:45:F1:E9:03:C8:62:7A:31:BD:B6:5C:53:48:60:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cc/repo/MythicalKitten/1/85560E86F645F1E903C8627A31BDB65C534860B9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/85560E86F645F1E903C8627A31BDB65C534860B9.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.cc/repo/MythicalKitten/1/326130613a363034303a32383a3a2f34382d3438203d3e203530323234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6040:28::/48

    Signature Algorithm: sha256WithRSAEncryption
         90:85:7e:d2:9a:59:57:66:26:34:6e:51:5b:37:f8:86:9c:10:
         83:85:b5:99:35:e8:6d:75:b4:f3:74:34:3f:b0:3e:80:66:6a:
         c0:b3:53:49:01:ba:df:2a:ac:de:db:14:67:9d:ff:09:0d:ee:
         0c:d3:c7:48:54:28:33:7a:2e:0b:3d:1c:e3:74:77:7b:8d:22:
         dc:44:c9:f3:d7:37:26:8b:0f:17:9f:6d:e3:f8:ae:f7:09:60:
         ac:08:a9:15:e7:ee:5f:a1:d1:ce:a4:43:56:fe:95:a8:c1:fd:
         6a:a2:8e:f2:53:03:5b:01:08:63:21:44:bd:44:d6:f2:61:a9:
         6b:a5:3e:38:dc:4e:55:1c:0b:cd:bb:ea:03:9f:4f:00:26:6a:
         2d:58:fc:60:47:01:2f:ea:9e:b5:82:2b:08:4c:78:4f:61:da:
         08:67:5e:6e:16:21:61:92:7a:5d:74:7e:85:e9:ec:b6:d4:4f:
         9d:94:20:ae:fb:29:2d:d9:e0:c7:da:b0:13:53:a3:7f:ed:51:
         9d:87:05:ce:99:78:66:54:86:47:a3:d3:dd:38:d6:f6:24:27:
         ba:4a:06:45:8e:34:bd:fe:d6:e0:bc:48:84:a0:dc:da:ea:d6:
         88:b3:36:fc:ac:56:36:6c:ef:33:66:f8:ae:f2:b3:a5:17:b8:
         1a:f9:7d:ef
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUU1UDEjplbOePFNXcwsYDtK5atScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODU1NjBFODZGNjQ1RjFFOTAzQzg2MjdBMzFCREI2NUM1
MzQ4NjBCOTAeFw0yNDAzMTAwNTUxMTBaFw0yNTAzMDkwNTU2MTBaMDMxMTAvBgNV
BAMTKDBFOTk0QkFEMzNCMjA5QTZERDI3RkM2NUVFRTc4RkRDMTMwOUI3NzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDr2wxKtk5bgu7mratb3gxDFBdI
PXRt3jgFwyxjQ8SmoGsmPzpi6HXBC1g6bWQrnhH9vhu5J+aO+Bd9kRB5qhozGh/V
q4VHrukzf2/yUEdNnZ8Y7Gj282/PLWNPwlI15PANDWqJqRYb1etBmU6AaLGD/pjU
l0nd34R0ropnAvuTnchciAtHQMbmpBSDVgn4Q0peSKgRuw2njHvCgdR+jipxj/M9
U6V26JeD1SAHCC+9MDZ6/3bs3TYPxpouKFpHY/aq8i7bHDiBA4dFsTLNTS1kr064
NWHmWI2Eop9XPz8JCuIBFG1e4xXNwy31Eh3hde1u8CntaSgrVnBpzPdNpCWNAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUDplLrTOyCabdJ/xl7ueP3BMJt3IwHwYDVR0j
BBgwFoAUhVYOhvZF8ekDyGJ6Mb22XFNIYLkwDgYDVR0PAQH/BAQDAgeAMGMGA1Ud
HwRcMFowWKBWoFSGUnJzeW5jOi8vcnBraS5jYy9yZXBvL015dGhpY2FsS2l0dGVu
LzEvODU1NjBFODZGNjQ1RjFFOTAzQzg2MjdBMzFCREI2NUM1MzQ4NjBCOS5jcmww
egYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUtcmVw
by5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wLzg1NTYwRTg2RjY0NUYxRTkw
M0M4NjI3QTMxQkRCNjVDNTM0ODYwQjkuY2VyMIGABggrBgEFBQcBCwR0MHIwcAYI
KwYBBQUHMAuGZHJzeW5jOi8vcnBraS5jYy9yZXBvL015dGhpY2FsS2l0dGVuLzEv
MzI2MTMwNjEzYTM2MzAzNDMwM2EzMjM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDMyMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoKYEAAKDANBgkqhkiG9w0BAQsFAAOCAQEA
kIV+0ppZV2YmNG5RWzf4hpwQg4W1mTXobXW083Q0P7A+gGZqwLNTSQG63yqs3tsU
Z53/CQ3uDNPHSFQoM3ouCz0c43R3e40i3ETJ89c3JosPF59t4/iu9wlgrAipFefu
X6HRzqRDVv6VqMH9aqKO8lMDWwEIYyFEvUTW8mGpa6U+ONxOVRwLzbvqA59PACZq
LVj8YEcBL+qetYIrCEx4T2HaCGdebhYhYZJ6XXR+hensttRPnZQgrvspLdngx9qw
E1Ojf+1RnYcFzpl4ZlSGR6PT3TjW9iQnukoGRY40vf7W4LxIhKDc2urWiLM2/KxW
NmzvM2b4rvKzpRe4Gvl97w==
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:09:59 2024 by rpki-client on console-fra.rpki-client.org