Route Origin Authorization

$ rpki-client -vvf rpki.folf.systems/repo/Folf-Systems/0/323030313a3637633a6233383a3a2f34382d3438203d3e20323030333630.roa
File:                     323030313a3637633a6233383a3a2f34382d3438203d3e20323030333630.roa (raw, json)
Hash identifier:          EG6I3M0sUovMcM9lMtR1AnJFwVzkcTuLH+5MLdlDcO0=
Subject key identifier:   7A:3B:48:DC:DE:92:7E:F8:19:5C:B9:E1:FE:65:60:43:A4:7C:9C:A3
Certificate issuer:       /CN=e883d1d2313a14e8659f604a65d65ce39a3f826b
Certificate serial:       246253D45B1EAE14830633CFF53444C00370A4CC
Authority key identifier: E8:83:D1:D2:31:3A:14:E8:65:9F:60:4A:65:D6:5C:E3:9A:3F:82:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6IPR0jE6FOhln2BKZdZc45o_gms.cer
Subject info access:      rsync://rpki.folf.systems/repo/Folf-Systems/0/323030313a3637633a6233383a3a2f34382d3438203d3e20323030333630.roa
Signing time:             Thu 28 Dec 2023 04:01:39 +0000
ROA not before:           Thu 28 Dec 2023 03:56:39 +0000
ROA not after:            Thu 26 Dec 2024 04:01:39 +0000
asID:                     200360
IP address blocks:        2001:67c:b38::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.folf.systems/repo/Folf-Systems/0/E883D1D2313A14E8659F604A65D65CE39A3F826B.crl
                          rsync://rpki.folf.systems/repo/Folf-Systems/0/E883D1D2313A14E8659F604A65D65CE39A3F826B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6IPR0jE6FOhln2BKZdZc45o_gms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 26 Jun 2024 08:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:62:53:d4:5b:1e:ae:14:83:06:33:cf:f5:34:44:c0:03:70:a4:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e883d1d2313a14e8659f604a65d65ce39a3f826b
        Validity
            Not Before: Dec 28 03:56:39 2023 GMT
            Not After : Dec 26 04:01:39 2024 GMT
        Subject: CN=7A3B48DCDE927EF8195CB9E1FE656043A47C9CA3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:25:3c:2d:0e:40:38:88:e9:94:13:6b:29:f7:
                    e0:4f:4c:5a:a1:9e:ed:ea:06:f8:ca:ee:b6:ad:cf:
                    aa:2b:51:a7:48:1d:6f:ea:d4:ea:5e:28:b3:52:e0:
                    13:a0:c5:f9:dc:fa:2d:80:2b:ba:e7:73:e6:5c:bb:
                    96:22:a6:60:8d:94:5d:85:b5:a0:50:93:0d:6c:6d:
                    3d:93:a3:56:db:f6:ba:b5:c3:5c:c9:ed:46:d1:a0:
                    ba:d1:0c:da:c9:9e:b8:8d:22:e1:ce:1c:73:fa:55:
                    59:92:0c:be:36:77:91:81:d5:c4:37:70:84:bc:c4:
                    cf:ca:0b:98:dd:c6:ea:72:5b:05:80:c4:20:8e:c9:
                    f2:1d:09:fe:cb:05:ae:f1:40:e3:d3:d4:06:78:eb:
                    a0:dc:1d:51:64:2d:7c:67:aa:ea:79:6a:1b:a3:31:
                    90:e9:c2:cd:a1:0c:51:38:84:d4:7e:c2:f3:ed:f2:
                    bd:f3:a4:09:2d:67:c1:6d:59:bb:82:c7:90:04:ee:
                    ca:39:8d:0c:02:c5:0c:e8:a4:79:3c:06:2b:ac:d6:
                    1d:0b:52:76:34:75:ac:00:54:eb:d4:14:bf:d8:45:
                    85:8c:a5:1a:98:66:64:fb:53:1e:5e:92:f7:96:03:
                    b4:fb:6e:0d:fe:87:f0:3f:2b:02:c8:a4:99:fe:6d:
                    8b:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:3B:48:DC:DE:92:7E:F8:19:5C:B9:E1:FE:65:60:43:A4:7C:9C:A3
            X509v3 Authority Key Identifier:
                keyid:E8:83:D1:D2:31:3A:14:E8:65:9F:60:4A:65:D6:5C:E3:9A:3F:82:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.folf.systems/repo/Folf-Systems/0/E883D1D2313A14E8659F604A65D65CE39A3F826B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6IPR0jE6FOhln2BKZdZc45o_gms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.folf.systems/repo/Folf-Systems/0/323030313a3637633a6233383a3a2f34382d3438203d3e20323030333630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:67c:b38::/48

    Signature Algorithm: sha256WithRSAEncryption
         01:0f:d4:e6:73:1f:32:51:47:d1:6c:23:a8:29:da:1f:e2:94:
         b0:ce:85:29:d0:e9:9f:12:cc:e7:19:0f:3f:fa:33:5d:20:13:
         b0:ca:f3:3d:ed:54:85:0e:13:2b:ee:0e:4c:71:29:10:2a:bb:
         d4:9e:a9:00:0c:24:27:29:2e:91:52:c0:9d:38:e6:7f:e8:eb:
         a0:5d:98:e3:80:e5:ea:fd:5f:ff:06:de:ad:2d:d2:71:f8:f9:
         a3:1f:98:05:34:ea:d8:1b:6a:bd:0d:da:7e:72:3c:6c:a0:18:
         62:70:66:c7:46:f4:e0:57:0d:ad:a3:5c:ec:f2:fb:f4:b6:fc:
         25:df:87:59:2e:59:48:d9:9b:49:d3:95:28:74:24:92:a5:66:
         6e:79:90:27:c3:24:b2:f9:ce:77:44:7c:a1:8d:69:da:30:d6:
         67:dc:50:72:b6:20:60:7e:44:72:66:f9:93:0e:2a:65:3e:d5:
         74:52:a9:6c:eb:01:73:dd:cf:7c:5b:0e:dd:7a:6a:c6:34:b5:
         03:24:da:39:50:9d:d1:16:8a:29:f3:01:1d:d3:25:46:af:37:
         1a:d7:fc:e5:38:81:c1:e1:0f:69:3a:d0:9e:1a:e6:55:93:25:
         46:d5:8b:61:9e:a0:7b:ce:af:97:e0:92:7f:14:e2:db:06:74:
         9e:89:b5:22
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIUJGJT1FserhSDBjPP9TREwANwpMwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTg4M2QxZDIzMTNhMTRlODY1OWY2MDRhNjVkNjVjZTM5
YTNmODI2YjAeFw0yMzEyMjgwMzU2MzlaFw0yNDEyMjYwNDAxMzlaMDMxMTAvBgNV
BAMTKDdBM0I0OERDREU5MjdFRjgxOTVDQjlFMUZFNjU2MDQzQTQ3QzlDQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCJTwtDkA4iOmUE2sp9+BPTFqh
nu3qBvjK7ratz6orUadIHW/q1OpeKLNS4BOgxfnc+i2AK7rnc+Zcu5YipmCNlF2F
taBQkw1sbT2To1bb9rq1w1zJ7UbRoLrRDNrJnriNIuHOHHP6VVmSDL42d5GB1cQ3
cIS8xM/KC5jdxupyWwWAxCCOyfIdCf7LBa7xQOPT1AZ466DcHVFkLXxnqup5ahuj
MZDpws2hDFE4hNR+wvPt8r3zpAktZ8FtWbuCx5AE7so5jQwCxQzopHk8Bius1h0L
UnY0dawAVOvUFL/YRYWMpRqYZmT7Ux5ekveWA7T7bg3+h/A/KwLIpJn+bYt/AgMB
AAGjggHyMIIB7jAdBgNVHQ4EFgQUejtI3N6SfvgZXLnh/mVgQ6R8nKMwHwYDVR0j
BBgwFoAU6IPR0jE6FOhln2BKZdZc45o/gmswDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcnBraS5mb2xmLnN5c3RlbXMvcmVwby9Gb2xm
LVN5c3RlbXMvMC9FODgzRDFEMjMxM0ExNEU4NjU5RjYwNEE2NUQ2NUNFMzlBM0Y4
MjZCLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNklQUjBqRTZGT2hsbjJCS1pk
WmM0NW9fZ21zLmNlcjCBigYIKwYBBQUHAQsEfjB8MHoGCCsGAQUFBzALhm5yc3lu
YzovL3Jwa2kuZm9sZi5zeXN0ZW1zL3JlcG8vRm9sZi1TeXN0ZW1zLzAvMzIzMDMw
MzEzYTM2Mzc2MzNhNjIzMzM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMw
MzMzNjMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEH
AQH/BBMwETAPBAIAAjAJAwcAIAEGfAs4MA0GCSqGSIb3DQEBCwUAA4IBAQABD9Tm
cx8yUUfRbCOoKdof4pSwzoUp0OmfEsznGQ8/+jNdIBOwyvM97VSFDhMr7g5McSkQ
KrvUnqkADCQnKS6RUsCdOOZ/6OugXZjjgOXq/V//Bt6tLdJx+PmjH5gFNOrYG2q9
Ddp+cjxsoBhicGbHRvTgVw2to1zs8vv0tvwl34dZLllI2ZtJ05UodCSSpWZueZAn
wySy+c53RHyhjWnaMNZn3FBytiBgfkRyZvmTDiplPtV0Uqls6wFz3c98Ww7demrG
NLUDJNo5UJ3RFoop8wEd0yVGrzca1/zlOIHB4Q9pOtCeGuZVkyVG1YthnqB7zq+X
4JJ/FOLbBnSeibUi
-----END CERTIFICATE-----